I keep wasting time refreshing my memory from the nmap man page, so I created this little cheat sheet.
Any suggestions will be appreciated!
–
If you append a CIDR prefix length, nmap scans every IP address in that network (a /24 covers 256 addresses, a /32 a single host):
w.x.y.z/c
–
Input from list of hosts/networks:
-iL filename
Output in (fname.nmap fname.xml fname.gnmap):
-oA fname
Increase verbosity level (use -vv or more for greater effect):
-v
List scan: only list the targets and resolve them with reverse DNS, without sending any probes to the hosts:
-sL
TCP SYN (half-open) scan: sends a raw SYN and never completes the handshake (uses raw sockets, needs root):
-sS
ACK scan: maps firewall rules instead of finding open ports; it cannot tell open from closed, each port is reported only as unfiltered or filtered:
-sA
If some ports come back unfiltered, the firewall is stateless (or there is none); if every port is filtered, a stateful firewall is dropping the unsolicited ACKs.
UDP scan:
-sU
Probe open ports to determine service/version info:
-sV
Enable OS detection:
-O
Enable OS detection, version detection, script scanning, and traceroute:
-A
Treat all hosts as online, skipping host discovery (the default ICMP echo, TCP SYN to 443, TCP ACK to 80 and ICMP timestamp probes):
-Pn
Scan all 65535 TCP ports (-p- is a shorthand for the same range):
-p1-65535
Scan the <number> most common ports, ranked by the frequency data from http://nmap.org/presentations/BHDC08/:
--top-ports <number>
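Once a scan has been written out with -oA, the .gnmap file is the one that is easiest to post-process. The following script is an added example, not part of the original cheat sheet or of nmap itself: it parses the grepable format (one tab-separated "Host:" line per host, each port written as port/state/proto/owner/service/rpc/version/), lists the open ports per host, and applies the ACK-scan rule above (any unfiltered port means a stateless firewall or none, all filtered means a stateful one). Both scan outputs embedded below are constructed samples, not real scan results.

```python
"""Parse nmap grepable output (-oG, or the .gnmap file written by -oA)."""
import re
from collections import Counter

# Constructed sample .gnmap output of a SYN + version scan (not a real scan).
SAMPLE_SYN_SCAN = """# Nmap 7.94 scan initiated Mon Jan  1 00:00:00 2024 as: nmap -sS -sV -oA syn 10.0.0.0/30
Host: 10.0.0.1 (gw.example.test)\tStatus: Up
Host: 10.0.0.1 (gw.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/filtered/tcp//https///\tIgnored State: closed (997)
Host: 10.0.0.2 ()\tStatus: Up
Host: 10.0.0.2 ()\tPorts: 25/open/tcp//smtp//Postfix smtpd/\tIgnored State: closed (999)
# Nmap done at Mon Jan  1 00:00:05 2024 -- 4 IP addresses (2 hosts up) scanned in 5.00 seconds
"""

# Constructed sample .gnmap output of an ACK scan against the same two hosts.
SAMPLE_ACK_SCAN = """# Nmap 7.94 scan initiated Mon Jan  1 00:01:00 2024 as: nmap -sA -oA ack 10.0.0.1 10.0.0.2
Host: 10.0.0.1 ()\tStatus: Up
Host: 10.0.0.1 ()\tPorts: 443/filtered/tcp////\tIgnored State: unfiltered (999)
Host: 10.0.0.2 ()\tStatus: Up
Host: 10.0.0.2 ()\tIgnored State: filtered (1000)
# Nmap done at Mon Jan  1 00:01:03 2024 -- 2 IP addresses (2 hosts up) scanned in 3.00 seconds
"""

# port/state/proto/owner/service/rpc info/version/  (seven slash-separated fields)
PORT_RE = re.compile(r"^(\d+)/(\w+)/(\w+)/([^/]*)/([^/]*)/([^/]*)/([^/]*)/$")
HOST_RE = re.compile(r"^(\S+) \(([^)]*)\)$")          # "10.0.0.1 (gw.example.test)"
IGNORED_RE = re.compile(r"^(\w+) \((\d+)\)$")         # "closed (997)"


def parse_gnmap(text):
    """Return {address: {"hostname", "status", "ports": [...], "ignored": (state, count)}}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue                                   # skip the "# Nmap ..." comment lines
        fields = {}
        for chunk in line.split("\t"):                 # fields are tab-separated "Key: value"
            key, _, value = chunk.partition(": ")
            fields[key] = value
        addr, name = HOST_RE.match(fields["Host"]).groups()
        entry = hosts.setdefault(
            addr, {"hostname": name, "status": None, "ports": [], "ignored": None})
        if "Status" in fields:
            entry["status"] = fields["Status"]
        for item in fields.get("Ports", "").split(", "):
            m = PORT_RE.match(item.strip())
            if m:
                port, state, proto, _owner, service, _rpc, version = m.groups()
                entry["ports"].append({"port": int(port), "proto": proto,
                                       "state": state, "service": service,
                                       "version": version})
        if "Ignored State" in fields:                  # the majority state nmap left out
            state, count = IGNORED_RE.match(fields["Ignored State"]).groups()
            entry["ignored"] = (state, int(count))
    return hosts


def open_ports(hosts):
    """Map each address to its sorted list of (port, service) pairs in state 'open'."""
    return {addr: sorted((p["port"], p["service"]) for p in e["ports"] if p["state"] == "open")
            for addr, e in hosts.items()}


def firewall_guess(entry):
    """Apply the ACK-scan rule of thumb to one host's parsed -sA results."""
    states = Counter(p["state"] for p in entry["ports"])
    if entry["ignored"]:                               # count the ignored majority too
        states[entry["ignored"][0]] += entry["ignored"][1]
    if states["unfiltered"] > 0:
        return "stateless firewall or none"
    if states and set(states) == {"filtered"}:
        return "stateful firewall"
    return "inconclusive"


if __name__ == "__main__":
    for addr, ports in open_ports(parse_gnmap(SAMPLE_SYN_SCAN)).items():
        print(addr, ports)
    for addr, entry in parse_gnmap(SAMPLE_ACK_SCAN).items():
        print(addr, firewall_guess(entry))
```

Point it at a real file with `parse_gnmap(open("scan.gnmap").read())`; the same parser handles -sS, -sV and -sA output because only the state and service fields differ between them.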

W ZeNmap