NMAP

Nmap Cheat Sheet: Unleash the Power of Network Exploration

Nmap, the Swiss Army knife of network scanning tools, offers a plethora of features and options to suit every need. Whether you’re a seasoned cybersecurity professional or a curious novice, this cheat sheet will serve as your guide to harnessing the full potential of Nmap.

Basic Scans:

  • TCP SYN Scan: Fast and stealthy scan to identify open ports.
  nmap -sS <target>
  • TCP Connect Scan: Full TCP connection scan for reliability.
  nmap -sT <target>
  • UDP Scan: Probe UDP ports for services.
  nmap -sU <target>
  • Comprehensive Scan: Aggressive scan for OS detection, version detection, and more.
  nmap -A <target>

Advanced Techniques:

  • Operating System Detection (-O): Determine target OS based on network responses.
  nmap -O <target>
  • Service Version Detection (-sV): Identify service versions running on open ports.
  nmap -sV <target>
  • Scripting Engine (-sC): Run Nmap's default set of scripts for additional information gathering.
  nmap -sC <target>

Stealth and Timing:

  • Stealth Mode (-sS): Use TCP SYN scanning for discreet reconnaissance.
  nmap -sS <target>
  • Timing Template (-T): Adjust scan timing for speed and stealth.
  nmap -T<0-5> <target>

Output and Reporting:

  • Verbose Output (-v): Increase verbosity for detailed scan information.
  nmap -v <target>
  • Output to File (-oN): Save scan results to a specified file.
  nmap -oN <output_file> <target>

Commonly Used Options:

  • Port Range (-p): Specify port range to scan.
  nmap -p <port_range> <target>
  • Exclude Hosts (--exclude): Exclude specified hosts from the scan.
  nmap --exclude <excluded_hosts> <target>
  • Scan Multiple Targets: Perform scans on multiple targets simultaneously.
  nmap <target1> <target2> ...

Miscellaneous:

  • Ping Scan (-sn): Determine which hosts are online without port scanning.
  nmap -sn <target>
  • Traceroute (--traceroute): Perform a traceroute to target hosts.
  nmap --traceroute <target>
  • Help and Documentation:
  nmap --help

Remember: Always obtain proper authorization before scanning any network. Unauthorized scanning may be illegal and unethical.

With this cheat sheet in hand, you’re ready to embark on your journey of network exploration and security auditing with Nmap. Happy scanning!