# ICMP / ping sweep: -sn performs host discovery only and skips the port scan.
# Hosts that drop the discovery probes (e.g. ICMP filtered) are reported as down.
nmap -sn a.a.a.a-b
# Same sweep, saved in grepable format (-oG) so the results can be filtered later
nmap -sn a.a.a.a-b -oG nmap-ping-sweep.txt
# List the hosts reported as up (grepable host lines carry "Status: Up")
grep Up nmap-ping-sweep.txt
# Specific port scan: TCP port 22 (SSH) only, results saved in grepable format
nmap -p 22 a.a.a.a-b -oG nmap-ssh-scan.txt
Port Scanning
# Connect scan: completes the full TCP handshake through the OS connect() call.
# Needs no raw-packet privileges, but the finished connection is more likely
# to appear in the target service's logs.
nmap -sT a.a.a.a-b
# SYN / half-open scan: sends a SYN and never completes the handshake.
# Requires raw-packet privileges (typically root).
nmap -sS a.a.a.a-b
# SYN scan limited to the 100 most commonly open ports
nmap -sS --top-ports 100 a.a.a.a-b
# ACK scan: does not tell open from closed; it reports ports as filtered or
# unfiltered, which is useful for mapping firewall rules.
nmap -sA --top-ports 100 a.a.a.a-b
# SNMP scan: UDP port 161, listing only ports nmap considers open or possibly
# open. A UDP port shown as open|filtered may simply not have answered.
nmap -sU -p 161 --open a.a.a.a-b
# Banner grabbing / service detection: -sV probes open ports to identify the
# service and its version.
nmap -sV a.a.a.a-b
# Operating system fingerprinting from TCP/IP stack behaviour.
# Requires raw-packet privileges (typically root).
nmap -O a.a.a.a-b
# Comprehensive scan: -A enables OS detection, version detection, default
# script scanning and traceroute. It is the slowest and noisiest option here.
nmap -A a.a.a.a-b
NSE = Nmap Scripting Engine; the -A scan above runs its default scripts.
In the commands above, a.a.a.a-b stands for an IP range such as 192.168.1.100-150.