luukverhoeven · April 22, 2018 08:54
diff --git a/nmap-scanning.sh b/nmap-scanning.sh
 # Scanning
 # ----------------
 # Get open ports 
 # Get banners
 # Get service versions 

 # Ping Sweep fast scan / Discovery
 nmap -sP 192.168.178.1-254
 # no results try
 nmap -sL 192.168.178.1

 # Next Port scan
 nmap -sS 192.168.178.1
 nmap -sS -p 80 192.168.178.1

 # no results try | firewalls
 nmap -sS -T 5 -p 21,23,25,80,8080,1433,3306 80 192.168.178.1
 nmap --scan-delay 15s -p 
 nmap --max-rate 0.1 -p
 nmap -f -p 
 nmap -mtu 16 -p

 # Next Bannergrab get correct version
 nc 192.168.178.1 80
 nmap -sV -p 80 192.168.178.1
 openssl s_client -connect 192.168.178.1:443
 # See cert version etc

 # Scan NMAP 1433
 nmap -p 445 --script ms-sql-info  192.168.178.1
 nmap -p 1433 --script ms-sql-info --script-args mssql.instance-port=1433  192.168.178.1
	# Scanning
	# ----------------
	# Get open ports
	# Get banners
	# Get service versions

	# Ping Sweep fast scan / Discovery
	nmap -sP 192.168.178.1-254
	# no results try
	nmap -sL 192.168.178.1

	# Next Port scan
	nmap -sS 192.168.178.1
	nmap -sS -p 80 192.168.178.1

	# no results try \| firewalls
	nmap -sS -T 5 -p 21,23,25,80,8080,1433,3306 80 192.168.178.1
	nmap --scan-delay 15s -p
	nmap --max-rate 0.1 -p
	nmap -f -p
	nmap -mtu 16 -p

	# Next Bannergrab get correct version
	nc 192.168.178.1 80
	nmap -sV -p 80 192.168.178.1
	openssl s_client -connect 192.168.178.1:443
	# See cert version etc

	# Scan NMAP 1433
	nmap -p 445 --script ms-sql-info 192.168.178.1
	nmap -p 1433 --script ms-sql-info --script-args mssql.instance-port=1433 192.168.178.1