Nmap

TCP port scans

Get the party started with the top 100 ports

-T [1-5] Set scan speed

-F Fast scan - scan the top 100 ports only

sudo nmap -sS -sC -Pn -T 4 -sV -F 192.168.X.X

scan the top 1000, and get OS information

sudo nmap -sS -sC -Pn -T 4 -sV -A 192.168.X.X -oA initNmapTCPScan

-p - Scan all the ports

sudo nmap -sS -sC -Pn -p - -T 4 -sV -A 192.168.X.X -oA fullNmapTCPScan

These scans can be much slower than the TCP scans

sudo nmap -sU -Pn -T 4 -sV -A 192.168.X.X -oA initNmapUDPScan

sudo nmap -sU -Pn -p - -T 4 -sV -A 192.168.X.X -oA fullNmapUDPScan

NSE (Nmap scripting engine) scripts can be found in the directory /usr/share/nmap/scripts/

cat /usr/share/nmap/scripts/script.db | grep "\"vuln\""

Running scripts with Nmap

nmap -sV -p 80 --script "vuln" 192.168.x.x

To add a script to the NSE datbase

cp /script/loaction /usr/share/nmap/scripts/

sudo nmap--script-updatedb

Last updated 1 year ago