NMAP Cheat Sheet v1

30 Mai, 2023

| Keine Kommentare

Port Specification Options
Syntax	Example	Description
-p	nmap -p 23 192.168.1.1	scanning port 23 of host
-p	nmap -p 23-100 192.168.1.1	scanning port range 23-100
-pU: , -T:	nmap -pU:110,T:23-25 192.168.1.1	scanning UDP 110 and range 23-25 TCP
-p-	nmap -p- 192.168.1.1	scanning all ports
-F	nmap -F 192.168.1.1	fast port scan
-r	nmap -r 192.168.1.1	sequencial port scan

Scanning Types (-s / -S)
Syntax	Example	Description
-sS	nmap -sS 192.168.1.1	TCP SYN port Scan
-sT	nmap -sT 192.168.1.1	TCP Connet port scan
-sA	nmap -sA 192.168.1.1	TCP ACK port scan
-sU	nmap -sU 192.168.1.1	UDP port scan
-Sf	nmap -Sf 192.168.1.1	TCP FIN scan
-Su	nmap -Su 192.168.1.1	UDP scan
-sL	nmap -sL 192.168.1.1-253	List scan

Discovery Scan (-s / -P -n)
Syntax	Example	Description
-sL	nmap -sL 192.168.1.1-254	list x.1-x.254 withour scan
-sn	nmap -sn 192.168.1.1/24	disable port scan
-Pn	nmap -Pn 192.168.1.1/24	only portscan without host discovery
-PS	nmap 192.168.1.1 -PS22-25,80,443	SYN specified port scan 22-25,80,443
-PA	nmap 192.168.1.1 -PA22-25,80,443	ACK specified port scan 22-25,80,443
-PU	nmap 191.68.1.1 -PU53	UDP specified port scan
-PR	nmap 192.168.1.1-255	ARP discovery
-n	nmap 192.168.1.1 -n	no DNS reselution

Version Detection
Syntax		Example		Description
-sV		nmap -sV 192.168.1.1		try to find the version of Service
-sV –version-all		nmap -sV –version-all 192.168.1.		Set intensily level to 9
-sV –version-light		nmap -sV –version-light 192.168.		enable light mode
-A		nmap -A 192.168.1.1		enable all detections (OS,ver,script)
-O		nmap -O 192.168.1.1		OS-Detection

Scan options

Syntax		Description
nmap -sP 192.168.1.1		Ping Scan only
nmap 192.168.1.1 192.168.1.100		Scan specific Ips
nmap 192.168.1.1-253		scan a range of Ips
nmap test.de		scan a domain
nmap 192.168.1.0/24		scan using CIDR
nmap -iL targets.txt		scan from target file

Specification
Syntax		description
nmap 192.178.1.1		single IP scan
nmap 192.178.1.1 192.168.100.1		scan specific Ips
nmap 192.168.1.254		scan a range of IPs
nmap test.com		scan a domain
nmap 192.168.1.0/24		scan CIDR notation
nmap -iL scan.txt		scan from files
nmap –execlude 192.168.1.2		exclude a specified IP
nmap –traceroute 192.168.1.1		traceroute 192.168.1.1

nmap Output Formats (-o)
Syntax		description
Default /normal output		nmap -oN rs.txt 192.168.1.1
XML		nmap -oX rs.xml 192.168.1.
Grepable		nmap -oG gp.txt 192.168.1.
All formats		nmap -oA all.txt 192.168.1.

Firewall Proofing
Syntax	description
nmap -f 192.168.1.1	scan fragment packets
nmap -sTU 1490 192.168.1.1	scan with specified MTU (1490)
nmap -sI 5 192.168.2.2	scan ZOMBIE
nmap -source-port 22 192.168.1.1	manual source port -specifiy scan
nmap -data-length 1400 192.168.1.1	randomly appended data 1400
nmap -randomize-hosts192.168.1.0/25	randomly scan of hosts

Timing Options
Syntax	description
nmap -T0 192.168.1.1	slowest
nmap -T1 192.168.1.1	tricky Scan to avoid IDS
nmap -T2 192.168.1.1	timely scan
nmap -T3 192.168.1.1	default scan timer
nmap -T4 192.168.1.1	aggresive scan timer
nmap -T5 192.168.1.1	avery aggresive scan timer

Use of nmap Scipts NSE
Syntax		description
nmap –script= test script 192.168.1.0/24		execute script against target IP
nmap –script-updatedb		update/adding new scripts
nmap -sV -sC 192.168.1.1		safe default Scripts
nmao –script-help=“Test Script“		get help for script

Mscellaneous Commands

Syntax	description
nmap -6	scan IP-V6 targets
nmap -proxies	run with proxies
nmap -open	show open ports only

cybersecurity, HowTo, KALI-Linux, Linux, Linux, Uncategorized, Windows

| Tags: #cheetsheet, #cybersecurity, #cybersecuritytraining, #ethicalhacking, #hacking, #informationsecurity, #informationtechnology, #infosec, #nmap

Information, Cybersecurity & Technology 2025 .