Basic Scans

Nmap

Do the following:

  1. Ping sweep first (host discovery only, no port scan)

sudo nmap -sn <IP Address>/<Subnet> -oN network.nmap

  2. Scan top 100 TCP ports

nmap -sV -sC -sT -T4 -A --top-ports=100 --open -Pn -oN target.tcp <Target IP Address>

  3. Scan all ports

nmap -sV -sC -sT -T4 -A -p- --open -Pn -oN target.fullnmap <Target IP Address>

  4. Scan top 100 UDP ports (-sU needs raw sockets, so run it as root)

sudo nmap -sV -sC -sU -T4 --top-ports=100 --open -Pn -oN target.udp <Target IP Address>
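Once the scans above have written their -oN files, the open ports have to be pulled out of them and compared with what each host is supposed to expose. The following Python script is an added example, not part of the original notes: it parses Nmap normal output into per-host records and flags open ports that are missing from an expected baseline. The scan output embedded in it is constructed for the example, not captured from a real scan, and the baseline dictionary is likewise a made-up expected exposure.

```python
"""Parse Nmap normal output (the -oN files written by the scans above, e.g.
target.tcp) and compare open ports per host against an expected baseline.
Added example; SAMPLE_NMAP_OUTPUT is constructed, not captured from a real scan."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Constructed sample of Nmap normal (-oN) output: one host with open ports, one without.
SAMPLE_NMAP_OUTPUT = """\
# Nmap 7.94 scan initiated Mon Jan  1 10:00:00 2024 as: nmap -sV -sT --top-ports=100 --open -Pn -oN target.tcp 10.0.0.0/29
Nmap scan report for web.lab.example (10.0.0.5)
Host is up (0.0010s latency).
Not shown: 97 closed tcp ports (conn-refused)
PORT    STATE SERVICE  VERSION
22/tcp  open  ssh      OpenSSH 8.9p1 Ubuntu 3ubuntu0.1 (Ubuntu Linux; protocol 2.0)
80/tcp  open  http     Apache httpd 2.4.52 ((Ubuntu))
443/tcp open  ssl/http Apache httpd 2.4.52 ((Ubuntu))
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Nmap scan report for 10.0.0.9
Host is up (0.0020s latency).
All 100 scanned ports on 10.0.0.9 are in ignored states.
Not shown: 100 filtered tcp ports (no-response)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Mon Jan  1 10:00:20 2024 -- 8 IP addresses (2 hosts up) scanned in 20.12 seconds
"""

# "Nmap scan report for host (addr)" or "Nmap scan report for addr"
HOST_RE = re.compile(r"^Nmap scan report for (?P<name>.+?)(?: \((?P<addr>[^)]+)\))?$")
STATUS_RE = re.compile(r"^Host is (?P<state>up|down)")
# "22/tcp  open  ssh  OpenSSH ..."; the VERSION column is absent without -sV
PORT_RE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)(?:\s+(?P<version>.+))?$"
)


@dataclass
class Port:
    number: int
    proto: str
    state: str
    service: str
    version: str = ""


@dataclass
class HostReport:
    address: str
    hostname: Optional[str]
    up: bool = False
    ports: List[Port] = field(default_factory=list)


def parse_nmap_normal(text: str) -> List[HostReport]:
    """Split -oN output into one HostReport per 'Nmap scan report for' block."""
    reports: List[HostReport] = []
    current: Optional[HostReport] = None
    for raw in text.splitlines():
        line = raw.rstrip()
        m = HOST_RE.match(line)
        if m:
            name, addr = m.group("name"), m.group("addr")
            # With reverse DNS the address is in parentheses; otherwise name is the address.
            current = HostReport(address=addr or name, hostname=name if addr else None)
            reports.append(current)
            continue
        if current is None:
            continue  # header lines before the first host block
        m = STATUS_RE.match(line)
        if m:
            current.up = m.group("state") == "up"
            continue
        m = PORT_RE.match(line)
        if m:
            current.ports.append(Port(int(m.group("port")), m.group("proto"), m.group("state"),
                                      m.group("service"), (m.group("version") or "").strip()))
    return reports


def open_ports(reports: List[HostReport]) -> Dict[str, List[str]]:
    """Map address -> ['22/tcp', ...] for ports in state 'open', sorted by port number."""
    result: Dict[str, List[str]] = {}
    for r in reports:
        opened = sorted((p for p in r.ports if p.state == "open"), key=lambda p: (p.number, p.proto))
        result[r.address] = [f"{p.number}/{p.proto}" for p in opened]
    return result


def unexpected_open_ports(reports: List[HostReport], baseline: Dict[str, Set[str]]) -> Dict[str, List[str]]:
    """Open ports not in the baseline; hosts absent from the baseline are reported in full."""
    findings: Dict[str, List[str]] = {}
    for addr, ports in open_ports(reports).items():
        extra = [p for p in ports if p not in baseline.get(addr, set())]
        if extra:
            findings[addr] = extra
    return findings


if __name__ == "__main__":
    parsed = parse_nmap_normal(SAMPLE_NMAP_OUTPUT)
    expected = {"10.0.0.5": {"22/tcp", "443/tcp"}}  # constructed expected exposure
    for host in parsed:
        print(f"{host.address} ({host.hostname or '-'}) up={host.up} open={open_ports([host])[host.address]}")
    print("unexpected:", unexpected_open_ports(parsed, expected))
```

Run it against a real file with `parse_nmap_normal(open("target.tcp").read())`; the same parser works for target.udp, since the port regex accepts both tcp and udp. A host that appears in the output with no open ports (as 10.0.0.9 does here) still gets a record, so a baseline diff also shows when a host that should expose a service has stopped doing so.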

Network Scan

The following command scans the entire network and writes normal output to network.nmap

sudo nmap <IP Address>/<Subnet> -oN network.nmap

Port Scan

The following command scans the top 100 ports of a specific IP address

The following command scans all ports of a specific IP address, outputting only open ports

The following command scans the top 100 ports of a specific IP address aggressively and outputs open ports to target.tcp. -A does OS detection, version detection, script scanning and traceroute.

nmap -sV -sC -sT -T4 -A --top-ports=100 --open -Pn -oN target.tcp <Target IP Address>

The following command scans all ports of a specific IP address aggressively and outputs open ports to target.fullnmap. -A does OS detection, version detection, script scanning and traceroute.

nmap -sV -sC -sT -T4 -A -p- --open -Pn -oN target.fullnmap <Target IP Address>

The following command scans all ports of a specific IP address aggressively and stealthily, outputting only open ports


Vulnerability Scan

The following command identifies the services and versions running, and then runs vulnerability-checking scripts


UDP Scan

The following command scans the top 100 UDP ports of a specific IP address and outputs to target.udp (-sU needs raw sockets, so run it as root)

sudo nmap -sV -sC -sU -T4 --top-ports=100 --open -Pn -oN target.udp <Target IP Address>


S1REN Scan

The following command performs an S1REN scan on a specific IP address and outputs to target.s1ren
