Nmap Cheat Sheet


NMAP Cheat Sheet
Basic Scanning Techniques
Scan a single target —>
nmap [target]
Scan multiple targets —>
nmap [target1,target2,etc]
Scan a list of targets —->
nmap -iL [list.txt]
Scan a range of hosts —->
nmap [range of IP addresses]
Scan an entire subnet —->
nmap [IP address/cdir]
Scan random hosts —->
nmap -iR [number]
Excluding targets from a scan —>
nmap [targets] –exclude [targets]
Excluding targets using a list —>
nmap [targets] –excludefile [list.txt]
Perform an aggressive scan —>
nmap -A [target]
Scan an IPv6 target —>
nmap -6 [target]
Discovery Options
Perform a ping scan only —>
nmap -sP [target]
Don’t ping —>
nmap -PN [target]
TCP SYN Ping —>
nmap -PS [target]
TCP ACK ping —->
nmap -PA [target]
UDP ping —->
nmap -PU [target]
SCTP Init Ping —>
nmap -PY [target]
ICMP echo ping —->
nmap -PE [target]
ICMP Timestamp ping —>
nmap -PP [target]
ICMP address mask ping —>
nmap -PM [target]
IP protocol ping —->
nmap -PO [target]
ARP ping —>
nmap -PR [target]
Traceroute —>
nmap –traceroute [target]
Force reverse DNS resolution —>
nmap -R [target]
Disable reverse DNS resolution —>
nmap -n [target]
Alternative DNS lookup —>
nmap –system-dns [target]
Manually specify DNS servers —>
nmap –dns-servers [servers] [target]
Create a host list —->
nmap -sL [targets]
Advanced Scanning Options
TCP SYN Scan —>
nmap -sS [target]
TCP connect scan —->
nmap -sT [target]
UDP scan —->
nmap -sU [target]
TCP Null scan —->
nmap -sN [target]
TCP Fin scan —>
nmap -sF [target]
Xmas scan —->
nmap -sX [target]
TCP ACK scan —>
nmap -sA [target]
Custom TCP scan —->
nmap –scanflags [flags] [target]
IP protocol scan —->
nmap -sO [target]
Send Raw Ethernet packets —->
nmap –send-eth [target]


00 votes

Related Articles

Related forms

Related Categories

Parent category: Education
Page of 3