nmap-cheat-sheet

This document is a cheat sheet for using Nmap, detailing installation commands, basic usage, target specification, host discovery, scan techniques, and output options. It includes various flags and their descriptions for scanning ports, detecting operating systems, and customizing scan performance. Additionally, it provides example commands for common Nmap tasks.

Uploaded by

bodyysalah8809
nmap Cheat Sheet

Installation

sudo apt install nmap

Basic usage

Command                          Description
nmap <options> <target>          Scan a target
nmap -h                          Show help

Target specification

Command                          Description
nmap <target>                    Scan a single target
nmap <target1> <target2>         Scan multiple targets
nmap 192.168.1.0/24              Scan a network
nmap -iL <file>                  Read targets from a file

Host discovery

Flag                             Description
-sn                              Ping scan (disable port scan)
-Pn                              Treat all hosts as online (skip ICMP Echo requests)
-PE                              ICMP echo request (ping)
-n                               Disable DNS resolution

Scan techniques

Flag                             Description
-sS                              TCP SYN scan (requires root)
-sT                              TCP connect scan (less invasive)
-sA                              TCP ACK scan
-sU                              UDP scan

Port specification

Flag                             Description
-p <port>                        Scan a single port
-p <port1,2>                     Scan multiple ports
-p <port1-5>                     Scan a range of ports
-p-                              Scan all ports
-F                               Fast mode (top 100 ports)
--top-ports <n>                  Scan the top n common ports

OS / service / version detection

Flag                             Description
-O                               Enable OS detection
-sV                              Probe open ports to determine service/version info
-A                               Enable OS detection, version detection, and scripts

Script scanning

Flag                             Description
-sC                              Scan with the default set of scripts
--script=<name>                  Scan with the specified script(s)

Performance

Flag                             Description
--initial-rtt-timeout <time>     Set initial RTT timeout
--max-rtt-timeout <time>         Set max RTT timeout
--max-retries <tries>            Set max retries
--min-rate <number>              Set min packet rate

Timing templates

Flag                             Description
-T0                              Paranoid (IDS evasion)
-T1                              Sneaky (IDS evasion)
-T2                              Polite (slow)
-T3                              Normal (default)
-T4                              Aggressive (fast)
-T5                              Insane (very fast)

Output

Command / flag                   Description
-oN <file>                       Write normal output to a file
-oG <file>                       Write grepable output to a file
-oX <file>                       Write XML output to a file
-oA <basename>                   Write output in all 3 formats
-v                               Increase verbosity
--packet-trace                   Show all packets sent and received
--reason                         Show the reason for the port state
--stats-every <n>                Show scan statistics every n seconds

Nmap examples

Command                                       Description
nmap -sn 192.168.1.1/24                       Discover hosts on a network
sudo nmap -sS <target>                        TCP SYN scan
sudo nmap <target> -p 80 -sV --script vuln    Scan for vulnerabilities on port 80

© Nic Wortel, Software Consultant & Trainer - Last update: October 16, 2023 - Find more cheat sheets at https://nicwortel.nl/cheat-sheets
