Nmap Syntax

Nmap Syntax

Nmap Syntax

Nmap Syntax

1.Scanning an IP
Syntax: nmap

2.Scanning a HOST
Syntax: nmap [www.example.com](http://www.example.com)\

3.Scanning a range of IPs Syntax: nmap

4.Scanning a Subnet
Syntax: nmap

5.Scanning a Targets from a Text File Syntax: nmap -iL

6.Scanning target & Ignore Discovery Syntax: nmap -target-ip <-Pn>

7.Scanning target & Host Discovery Syntax: nmap -target-ip <-sP>

8.Scan a Single Port
Syntax: nmap <-p port numbers>

9.Scan a range of ports
Syntax: nmap <-p firstport-lastport>

10.Scan all ports (65535) Syntax: nmap <-p->

11.Scan TCP or UDP Ports
Syntax: nmap <-p U:port, T:port>

12.Fast Port Scan
Syntax: nmap <-F> -v

13.No Randomise Port Scan Syntax: nmap <-r> -v

14.Nmap Top Ports Scan
Syntax: nmap < — top-ports N> -v

15.Nmap Port Ratio Scan
Syntax: nmap < — ports-ratio > -v

16.Port-knocking an obfuscation-as-security technique.
Syntax: for x in 1–10000; do nmap -Pn -p $x server_ip_address; done

17.Standard Service Detection Syntax: nmap <-sV>

18.Light Service Detection
Syntax: nmap <-sV — version-intensity 0>

19.Aggressive Service Detection
Syntax: nmap <-sV — version-intensity 5>

20.OS Detection
Syntax: nmap <-O >

21.OS Detection
Syntax: nmap < — max-os-tries>

22.OS Detection
Syntax: nmap < — osscan-limit >

23.OS Detection
Syntax: nmap < — osscan-guess; — fuzzy >

24.OS Detection
Syntax: nmap < — script — smb-os-discovery >

25.Save Normal Output to File
Syntax: nmap <-oN file.txt>

26.Save XML Output to File
Syntax: nmap <-oX file.txt>

27.Save XML to CSV for Recon
Syntax: nmap <-oX file.txt>
•Python parsey.py op.xml op.csv

28.Save “Grep”able Output to File Syntax: nmap <-oG file.txt>

29.ScRipT K1dd3 Output to File
Syntax: nmap <-oS file.txt>

30.Save All Types Output to File Syntax: nmap <-oA file.txt>

31.Scan using Default Safe Scripts Syntax: nmap <-sC>

32.Getting Help for any Scripts
Syntax: nmap < — script-help=scriptname>

33.Nmap Script Args
Syntax: nmap < — script=scriptname — scriptargs>

34.Scan using specific Scripts
Syntax: nmap < — script=script name.nse>

35.Scan using set of Scripts
Syntax: nmap < — script=“http-*”>

36.Update Script Database
Syntax: nmap < — script=updatedb>

37.Safe Scripts
Syntax: nmap < — script=safe,default> 38.Vulnerability Scripts

Syntax: nmap < — script=vuln> 39.DOS Scripts
Syntax: nmap < — script=dos>

40.Exploit Scripts
Syntax: nmap < — script=exploit>

41.Malware Scripts
Syntax: nmap < — script=http-malware-host>

42.Intrusive Scripts
Syntax: nmap < — script=intrusive>

43.NOT including Scripts
Syntax: nmap < — script=not script type>

44.Boolean Expression Scan
Syntax: nmap < — script=and or not script type>

45.Traceroute Scan
Syntax: nmap < — traceroute>

46.Trace Traffic & Geo Resolution Scan
Syntax: nmap < — script=traceroutegeolocation>

47.DNS BruteForce Scan
Syntax: nmap < — script=dns-brute.nse>

48.Find Hosts on IP Scan
Syntax: nmap < — script=hostmap-bfk.nse>

49.Whois Scan
Syntax: nmap < — script=whois-ip, whoisdomain>

50.Robots Scan
Syntax: nmap < — script=http-robots.txt>

51.WAF Detect Scan
Syntax: nmap < — script=http-waf-detect>

52.WAF Fingerprint Scan
Syntax: nmap < — script=http-waf-fingerprint>

53.Wafw00f vs Nmap Scan Syntax: wafw00f
Syntax: nmap < — script=http-waf-fingerprint>

54.Firewalk Scan
Syntax: nmap < — script=firewalk — traceroute>

55.Shodan Scan
Syntax: nmap < — script=shodan-api>

56.Email Enumeration
Syntax: nmap < — script=http-grep>

57.Nmap Crawlers Scan
Syntax: nmap < — script=http-useragent-tester>

58.Nmap Discovering Directories Scan Syntax: nmap < — script=http-enum>

59.Nmap Open Relay Scan
Syntax: nmap < — script=smtp-open-relay>

60.Nmap SMTP User Enum Scan
Syntax: nmap < — script=smtp-enum-users>

61.Nmap SMTP Password Attack Scan
Syntax: nmap < — script=smtp-brute>

62.Nmap SMTP Backdoor Detect Scan
Syntax: nmap < — script=smtp-strangeport>

63.Nmap POP3 Capabilities Scan
Syntax: nmap < — script=pop3-capabilities> 64.Nmap IMAP Capabilities Scan

Syntax: nmap < — script=imap-capabilities> 65.Nmap Cloak Scan with Decoy
Syntax: nmap <-D>

66.Nmap Spoof Mac Address
Syntax: nmap < — spoof-mac>

67.Nmap Select Interface
Syntax: nmap <-e ethO>

68.Nmap Source Port Modify
Syntax: nmap < — source-port 7890>

69.Nmap Fake TTL
Syntax: nmap < — ttl 128>

70.Nmap Relay Proxies
Syntax: nmap < — proxies proxy:port>

71.Nmap Bogus TCP/UDP Checksum Syntax: nmap < — badsum>

72.Nmap Bogus Fragment Scan Syntax: nmap <-f>

73.Nmap MTU Scan
Syntax: nmap <-mtu 8>

Did you find this article valuable?

Support Cyber Security by becoming a sponsor. Any amount is appreciated!