Nmap – cheat sheet

Every time, I waste time refreshing my memory from the nmap man page, so I created this little cheat sheet.

Any suggestion will be appreciated!

If you specify the class, it'll scan all IPs in that class range:


Input from list of hosts/networks:

-iL filename

Output in (fname.nmap fname.xml fname.gnmap):

-oA fname

Increase verbosity level (use -vv or more for greater effect):


Reverse DNS.


Force send TCP SYN packet (use raw socket, need root):


Use ACK scan (use on open and filtered ports):


If ports are reported as unfiltered, it is a stateless firewall; if all results are filtered, it is a stateful firewall.

UDP scan:


Probe open ports to determine service/version info:


Enable OS detection:


Enable OS detection, version detection, script scanning, and traceroute:


Treat all hosts as online (skip ACK on 80,443 and ICMP PING,TIMESTAMP):


Scan all possible ports:


Scan <number> most common ports (http://nmap.org/presentations/BHDC08/):

--top-ports <number>
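The ACK-scan rule of thumb above, applied to the XML file that `-oA fname` writes, for checking your own firewall's behaviour. This is an added example, not part of the original post: the sample XML is constructed in nmap's output layout, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample shaped like fname.xml from an ACK scan (documentation IPs).
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <extraports state="filtered" count="998"/>
      <port protocol="tcp" portid="22"><state state="unfiltered" reason="reset"/></port>
      <port protocol="tcp" portid="443"><state state="unfiltered" reason="reset"/></port>
    </ports>
  </host>
  <host>
    <address addr="192.0.2.20" addrtype="ipv4"/>
    <ports>
      <extraports state="filtered" count="1000"/>
    </ports>
  </host>
</nmaprun>"""

def port_states(host):
    """Count port states for one <host>, including the collapsed <extraports>."""
    counts = Counter()
    for extra in host.findall("./ports/extraports"):
        counts[extra.get("state")] += int(extra.get("count", "0"))
    for state in host.findall("./ports/port/state"):
        counts[state.get("state")] += 1
    return counts

def classify_firewall(counts):
    """Apply the cheat sheet's rule; anything else is reported as inconclusive."""
    if counts.get("unfiltered", 0) > 0:
        return "stateless"
    if counts and set(counts) == {"filtered"}:
        return "stateful"
    return "inconclusive"

def classify_scan(xml_text):
    results = {}
    for host in ET.fromstring(xml_text).findall("host"):
        addr = host.find("address")
        if addr is not None:
            results[addr.get("addr")] = classify_firewall(port_states(host))
    return results

if __name__ == "__main__":
    for ip, verdict in classify_scan(SAMPLE_XML).items():
        print(ip, verdict)
```

To run it on a real scan, read `fname.xml` and pass its contents to `classify_scan`.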
