Created
November 30, 2020 01:24
-
-
Save kudosqujo/808370835c49988ed36f8518da5aa6c2 to your computer and use it in GitHub Desktop.
[Nmap Cheatsheet] #cheatsheet #networking
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # metasploitable IP = 10.0.0.165 | |
| nmap -sS --send-ip 10.0.0.165 # stealth scan | |
| nmap -sT --send-ip 10.0.0.165 # tcp full connect scan | |
| nmap -sA --send-ip 10.0.0.165 # ack scan | |
| nmap -sX --send-ip 10.0.0.165 # xmas scan | |
| nmap -Pn -n --send-ip -D <decoy> <target> # decoying, disable ping scanning, disable name resolution, send ICMP echo requests instead of ARP requests | |
| nmap -e eth0 -S <spoof> <target> # spoofing | |
| nmap -sT -p 80,443 --open 10.0.0.0/24 # scan ports 80 & 443 on every addr within the given range | |
| nmap -sU <target> # scan UDP ports | |
| nmap -sU -sS -p U:53,221,555,T:80,443,3389 <target> # scan both UDP and TCP ports | |
| nmap -O -T5 -F -n <target> # OS detection w/ fastest timing, scanning only the top 100 ports (by use), skipping name resolution | |
| nmap -sV -n -p 80 <target> # get version of services running on target machine that are using port 80 | |
| nmap -e eth0 -Pn --script vuln -p 21 10.0.0.165 # run vuln script | |
| nmap -v -sS -T5 192.168.0.1 | |
| # -v = verbose level | |
| # -sS = TCP SYN scan | |
| # -T = time template for performing the scan | |
| # -f = use fragmented IP packets | |
| # -f --mtu = use fragmented packets & set MTU | |
| # --send-eth = ensures that we use Ethernet level packets, bypassing the IP layer and sends raw Ethernet frames within the flow |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment