Nmap – cheat sheet


Every time, I waste time refreshing my memory from the nmap man page, so I created this little cheat sheet.

Any suggestion will be appreciated!

If you specify the class (the /c prefix length), nmap scans every IP address in that range:

w.x.y.z/c

Input from list of hosts/networks:

-iL filename

Output in all three formats (fname.nmap, fname.xml, fname.gnmap):

-oA fname

Increase verbosity level (use -vv or more for greater effect):

-v

List scan: list the targets and do reverse DNS on them, without sending any packets to the hosts:

-sL

TCP SYN scan (uses raw sockets, needs root):

-sS

TCP ACK scan (use on open and filtered ports):

-sA

If ports come back unfiltered, it is a ‘stateless firewall’; otherwise, if all results are filtered, it is a ‘stateful firewall’.

UDP scan:

-sU

Probe open ports to determine service/version info:

-sV

Enable OS detection:

-O

Enable OS detection, version detection, script scanning, and traceroute:

-A

Treat all hosts as online (skip ACK on 80,443 and ICMP PING,TIMESTAMP):

-Pn

Scan all possible ports:

-p1-65535

Scan <number> most common ports (http://nmap.org/presentations/BHDC08/):

--top-ports <number>
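The -sA rule above, applied to the fname.gnmap file that -oA writes, as an added example that is not part of the original post. The sample lines are constructed (documentation addresses), and `port_states`, `classify` and `audit` are hypothetical helper names.

```python
import re
from collections import Counter

# Constructed sample in the grepable (fname.gnmap) layout from an -sA scan.
SAMPLE_GNMAP = (
    "# Nmap scan initiated as: nmap -sA -oA fname 192.0.2.0/30\n"
    "Host: 192.0.2.1 ()\tStatus: Up\n"
    "Host: 192.0.2.1 ()\tPorts: 22/unfiltered/tcp//ssh///, "
    "80/unfiltered/tcp//http///\tIgnored State: filtered (998)\n"
    "Host: 192.0.2.2 ()\tStatus: Up\n"
    "Host: 192.0.2.2 ()\tPorts: 22/filtered/tcp//ssh///, 443/filtered/tcp//https///\n"
    "# Nmap done\n"
)

def port_states(gnmap_text):
    """Return {host: Counter(state -> number of ports)} from grepable output."""
    hosts = {}
    for line in gnmap_text.splitlines():
        if not line.startswith("Host: "):
            continue                      # skip comment lines
        fields = line.split("\t")         # fields are tab-separated
        counts = hosts.setdefault(fields[0].split()[1], Counter())
        for field in fields[1:]:
            key, _, value = field.partition(": ")
            if key == "Ports":
                # each entry: port/state/protocol/owner/service/rpcinfo/version/
                for entry in value.split(","):
                    parts = entry.strip().split("/")
                    if len(parts) > 1:
                        counts[parts[1]] += 1
            elif key == "Ignored State":
                # ports nmap collapsed into one summary, e.g. "filtered (998)"
                m = re.match(r"(\S+) \((\d+)\)", value)
                if m:
                    counts[m.group(1)] += int(m.group(2))
    return hosts

def classify(counts):
    """The rule from the cheat sheet: unfiltered -> stateless, all filtered -> stateful."""
    if counts["unfiltered"] > 0:
        return "stateless firewall"
    if counts and set(counts) == {"filtered"}:
        return "stateful firewall"
    return "inconclusive"                 # host up but no port data, or other states

def audit(gnmap_text):
    return {host: classify(c) for host, c in port_states(gnmap_text).items()}

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE_GNMAP).items():
        print(host, verdict)
```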
