nmap

This document is a comprehensive cheat sheet for using Nmap, detailing various scanning techniques, port specifications, service and version detection, timing and performance options, and firewall evasion commands. It includes commands for scanning single or multiple targets, specific ports, and using scripts for vulnerability detection. Users are reminded to ensure proper authorization before conducting any network scanning or testing.

ULTIMATE NMAP COMMANDS CHEAT SHEET
awjunaid.com

Basic Scanning Techniques

Command                                 Description
nmap target                             Scan a single target
nmap target1 target2                    Scan multiple targets
nmap -iL targets.txt                    Scan targets from a list in a file
nmap -sn target                         Ping scan to determine if host is online

Port Specification

Command                                 Description
nmap -p port target                     Scan a specific port
nmap -p- target                         Scan all 65535 ports
nmap -F target                          Scan most common ports (100)
nmap -p 20-100 target                   Scan a range of ports

Service and Version Detection

Command                                 Description
nmap -sV target                         Service and version detection
nmap -A target                          Aggressive scan (OS detection, version, scripts)
nmap --version-intensity 0-9 target     Adjust version detection intensity

Scan Types

Command                                 Description
nmap -sS target                         SYN scan (Stealth scan)
nmap -sT target                         Connect scan (TCP)
nmap -sU target                         UDP scan
nmap -sA target                         ACK scan
nmap -sN target                         NULL scan (no flags set)
nmap -sF target                         FIN scan (FIN flag set)
nmap -sX target                         XMAS scan (FIN, URG, and PSH flags set)
nmap -sO target                         Protocol scan (Determine supported protocols)
nmap -sP target                         Ping scan (no port scan)

Scripting Engine

Command                                 Description
nmap --script scriptname target         Run specific script
nmap --script vuln target               Scan for vulnerabilities using scripts
nmap --script-help scriptname           Get help for a specific script
nmap --script-updatedb                  Update script database

Output Options

Command                                 Description
nmap -oN output.txt target              Save normal output to a file
nmap -oX output.xml target              Save output in XML format
nmap -oG output.grep target             Save output in grepable format

Please note that this is a comprehensive cheatsheet, and not all options may be applicable or necessary for every situation. Always ensure you have proper authorization before conducting any network scanning or testing.

Reach out to me at awjunaid.com


Timing and Performance

Command                                 Description
nmap -T<0-5> target                     Set timing template (0=paranoid, 5=insane)
nmap --max-retries 3 target             Set the maximum number of retries
nmap --max-scan-delay <time> target     Set maximum delay between probes
nmap --min-parallelism <number> target  Set minimum parallelism

Firewall Evasion

Command                                 Description
nmap -f target                          Use fragmented IP packets
nmap --mtu value target                 Set MTU to bypass firewall filters
nmap --data-length value target         Append random data to scan packets
nmap --ip-options options target        Specify IP options to use during scanning

Miscellaneous Options

Command                                 Description
nmap -v target                          Increase verbosity (use multiple times for more)
nmap -d target                          Debugging output
nmap --stats-every <time> target        Display stats periodically
nmap --reason target                    Show reason for the port state
nmap --traceroute target                Perform traceroute
nmap --iflist                           List available interfaces
