nmap

Updated: September 28, 2024

Network Mapper is an open source tool for network exploration and security auditing.


COMMON USES OF NMAP

!!!!! It is illegal to nmap sites and servers you do not own !!!!!

nmap by default scans the top 1000 commonly used ports.

# WEBSITES
nmap somewebsite.com    # resolve the hostname, then list its open ports and the services on them.
nmap 66.96.147.199    # same as above, against an IP address directly.
    -A    # aggressive: OS detection, version detection, default scripts and traceroute in one go.
    -O    # OS detection for the target (requires root).
    -F    # fast scan: only the 100 most common ports.
    -sV   # probe the open ports to find which service and version is running.
    -sP   # ping sweep, host discovery only with no port scan (-sn is the current name).
    -sS   # TCP SYN ("stealth") scan, never completes the handshake (requires root).
    -p <ports>    # scan specific ports (20-25,80,443 or by service name: http,mysql).
    -p-   # scans all 65535 ports.
    --open    # scan as usual, but only display ports (and hosts) that are open.
    -g <port>, --source-port <port>    # send the probes from a chosen source port.
    --data-length <num>   # append random data to each probe to vary the packet size.
    --randomize-hosts   # randomize the order in which targets are scanned.
    -sT   # TCP connect scan: full handshake through the OS socket API, works without root.
    -PN   # skip host discovery and treat every target as up (-Pn is the current spelling).
    --spoof-mac <mac|prefix|vendor|0>    # use a chosen source MAC, or a random one with 0, on raw-packet scans.
    --badsum    # send probes with a bogus TCP/UDP checksum.
    -oN file     # write the normal (human-readable) output to a file.

nmap -sP -PT80 192.168.0.0/24    # ping sweep of the /24 using a TCP ping to port 80 (the port attaches directly to the flag; -PT is the legacy spelling of -PA).
sudo nmap -sS -PN --spoof-mac 0 192.168.0.9    # generate a random mac address when scanning. Only raw-packet scans such as -sS use it; a -sT connect scan goes through the OS stack and ignores it.

sudo nmap -f 192.168.0.9    # must be root for this command. Splits each probe into tiny IP fragments rather than sending it whole.
sudo nmap --mtu 8 192.168.0.1   # set the fragment size explicitly (maximum transmission unit); must be a multiple of 8.
sudo nmap -D RND:10 192.168.0.9    # decoys: mix the real probes with 10 random spoofed source addresses, so the scan appears to come from multiple sources.
sudo nmap -Pn -sI 192.156.55.54 192.33.4.134    # idle scan: 192.156.55.54 is the zombie (must be idle, with a predictable IP ID sequence), 192.33.4.134 is the actual target. -Pn keeps your own address out of the host-discovery probes.

# DEVICES ON HOME NETWORK
nmap 192.168.0.9 192.168.0.5 192.168.0.34   # scans the listed devices.
nmap 192.168.0.1-30   # scan the range 192.168.0.1 through .30 for every live host.

# FROM A FILE LIST OF IPs
nmap -iL targets.txt    # read the targets (IPs, ranges or hostnames, one per line) from the file.
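Added example, not part of the original notes: a small Python parser for the normal (-oN) output that turns each host's port table into a list of open ports and diffs it against a per-host baseline, so a scan of your own devices can flag ports that should not be open. The scan text in SAMPLE_SCAN and the BASELINE dictionary are constructed for the example.

```python
import re

# Constructed sample of nmap normal (-oN) output for two hosts; not a real scan.
SAMPLE_SCAN = """\
Nmap scan report for 192.168.0.1
Host is up (0.0010s latency).
Not shown: 998 closed tcp ports (reset)
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http

Nmap scan report for router.lan (192.168.0.5)
Host is up (0.0020s latency).
PORT     STATE    SERVICE VERSION
443/tcp  open     https   nginx 1.18.0
3306/tcp filtered mysql

Nmap done: 30 IP addresses (2 hosts up) scanned in 5.12 seconds
"""

# Hypothetical per-host baseline of the ports that are expected to be open.
BASELINE = {"192.168.0.1": {22}, "192.168.0.5": {443}}

HOST_RE = re.compile(r"^Nmap scan report for (?P<name>\S+)(?: \((?P<ip>[\d.]+)\))?$")
PORT_RE = re.compile(r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)")

def parse_normal_output(text):
    """Map each host (its IP when printed, else the name) to (port, proto, state, service) rows."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:  # a new "Nmap scan report for ..." header starts the next host's table
            current = m.group("ip") or m.group("name")
            hosts[current] = []
            continue
        m = PORT_RE.match(line)
        if m and current is not None:  # port rows only; headers, "Host is up" etc. are skipped
            hosts[current].append((int(m["port"]), m["proto"], m["state"], m["service"]))
    return hosts

def open_ports(hosts):
    """Sorted open port numbers per host; filtered and closed rows are dropped."""
    return {h: sorted(p for p, _, state, _ in rows if state == "open") for h, rows in hosts.items()}

def unexpected_open(hosts, baseline):
    """Open ports the baseline does not allow; a host missing from the baseline allows nothing."""
    extra = {h: [p for p in ports if p not in baseline.get(h, set())]
             for h, ports in open_ports(hosts).items()}
    return {h: ports for h, ports in extra.items() if ports}
```

Run `nmap -oN scan.txt 192.168.0.1-30`, then feed the file's contents to `unexpected_open(parse_normal_output(text), BASELINE)`; for the sample above it reports port 80 on 192.168.0.1.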