Scribd
Upload
4 views2 pages

20-NMAP Command Structure

The document outlines the command structure for using Nmap, including the main command, scan types, options, and target specifications. It provides examples of various scan types such as TCP SYN Scan and UDP Scan, as well as options to modify scan behavior. Additionally, it illustrates a comprehensive command example that combines multiple options for a detailed scan of a specific target IP address.

Uploaded by

ilias ahmed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
4 views2 pages

20-NMAP Command Structure

The document outlines the command structure for using Nmap, including the main command, scan types, options, and target specifications. It provides examples of various scan types such as TCP SYN Scan and UDP Scan, as well as options to modify scan behavior. Additionally, it illustrates a comprehensive command example that combines multiple options for a detailed scan of a specific target IP address.

Uploaded by

ilias ahmed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

NMAP Command Structure:

nmap [Scan Type(s)] [Options] {Target(s)}


# nmap -sS -v 192.168.1.3

nmap
 The main command to run the Nmap tool.
 No scan happens without specifying some arguments after it.

[Scan Type(s)] (Optional but Important)


 Defines what kind of scan will be performed.
 Examples:
o -sS TCP SYN Scan
o -sT TCP Connect Scan
o -sU UDP Scan
o -sA TCP ACK Scan
o -sV Service Version Detection
o -O Operating System Detection

[Options] (Optional Tweaks)


 Modify the behavior of the scan.
 Additional settings to fine-tune scans.
 Examples:
o -p Specify port(s) to scan
o -v Verbose output
o -vv Verbose output more details print
o -Pn Skip host discovery
o -F Fast scan
o -r Don't randomize ports
o -T0 Timing template paranoid

{Target(s)}
 The IP address, range, or domain name you want to scan.
 Defines who/what you are scanning.
 Examples:
o Single IP: 192.168.1.1
o Range: 192.168.1.1-100
o Subnet: 192.168.1.0/24
o Domain: scanme.nmap.org
o File of Targets: -iL targets.txt

1 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717


# nmap -sS -sV -O -p 1-1000 -T4 -A -oA Results 192.168.1.3

-sS TCP SYN scan


-sV Detect service versions
-O Detect operating system
-p 1-1000 Scan ports 1 to 1000
-T4 Faster timing
-A Aggressive mode (enables OS version detection, script scanning, traceroute)
-oA Results Save the output in all formats (normal, XML, and grepable)
192.168.1.3 The target IP address

2 | P a g e Created by Ahmad Ali E-Mail: [email protected] , WhatsApp: 00966564303717

You might also like