Command Description | |
---|---|
nmap [target] Scan a Singl | e Target |
nmap [target1, target2, etc] Scan |
|
nmap -iL [list.txt] Scan a List | of Targets |
nmap [range of ip addresses] Scan |
|
nmap [ip address/cdir] Scan an | Entire Subnet |
nmap -iR [number] Scan Random | Hosts |
nmap [targets] --exclude [targets] Excl | uding Targets from a Scan |
nmap [targets] --excludefile [list.txt] | Excluding Targets Using a List |
nmap -A [target] Perform an A | ggressive Scan |
nmap -6 [target] Scan an IPv6 |
|
Command Description | |
---|---|
nmap -sP [target] Perform a Pi nmap -PN [target] Don’t Ping nmap -PS [target] TCP SYN Ping nmap -PA [target] TCP ACK Ping nmap -PU [target] UDP Ping |
ng Only Scan |
nmap -PY [target] SCTP INIT Pi | ng |
nmap -PE [target] ICMP Echo Pi | ng |
nmap -PP [target] ICMP Timesta | mp Ping |
nmap -PM [target] ICMP Address |
|
nmap -PO [target] IP Protocol nmap -PR [target] ARP Ping |
Ping |
nmap --traceroute [target] Tracerou | te |
nmap -R [target] Force Revers | e DNS Resolution |
nmap -n [target] Disable Reve | rse DNS Resolution |
nmap --system-dns [target] Alternat | ive DNS Lookup |
nmap --dns-servers [servers] [target] | Manually Specify DNS Server(s) |
nmap -sL [targets] Create a Hos | t List |
Command Description | |
---|---|
nmap -sS [target] TCP SYN Scan | |
nmap -sT [target] TCP Connect nmap -sU [target] UDP Scan |
Scan |
nmap -sN [target] TCP NULL Sca nmap -sF [target] TCP FIN Scan nmap -sX [target] Xmas Scan nmap -sA [target] TCP ACK Scan |
n |
nmap --scanflags [flags] [target] Cust | om TCP Scan |
nmap -sO [target] IP Protocol | Scan |
nmap --send-eth [target] Send Raw |
|
nmap --send-ip [target] Send IP | Packets |
Command Description | |
---|---|
nmap -F [target] Perform a Fast S | can |
nmap -p [port(s)] [target] Scan Specifi | c Ports |
nmap -p [port name(s)] [target] Scan Por | ts by Name |
nmap -sU -sT -p U:[ports],T:[ports] [target] | Scan Ports by Protocol |
nmap -p "*" [target] Scan All Por | ts |
nmap --top-ports [number] [target] Scan Top |
|
nmap -r [target] Perform a Sequen | tial Port Scan |
Command Description | |
---|---|
nmap -O [target] Operating Sy | stem Detection |
www.nmap.org/submit/ Submit T | CP/IP Fingerprints |
nmap -O --osscan-guess [target] Atte | mpt to Guess an Unknown OS |
nmap -sV [target] Service Vers | ion Detection |
nmap -sV --version-trace [target] Trou | bleshooting Version Scans |
nmap -sR [target] Perform a RP | C Scan |
Command Description | |
---|---|
nmap -T[0-5] [target] Timing Templ | ates |
nmap --ttl [time] [target] Set the Pack | et TTL |
nmap --min-parallelism [number] [target] Mini | mum # of Parallel Operations |
nmap --max-parallelism [number] [target] Maxi | mum # of Parallel Operations |
nmap --min-hostgroup [number] [targets] Mini | mum Host Group Size |
nmap --max-hostgroup [number] [targets] Maxi | mum Host Group Size |
nmap --initial-rtt-timeout [time] [target] Maxi | mum RTT Timeout |
nmap --max-rtt-timeout [TTL] [target] Init | ial RTT Timeout |
nmap --max-retries [number] [target] Maxi | mum Retries |
nmap --host-timeout [time] [target] Host Tim | eout |
nmap --scan-delay [time] [target] Minimum | Scan Delay |
nmap --max-scan-delay [time] [target] Maxi | mum Scan Delay |
nmap --min-rate [number] [target] Minimum | Packet Rate |
nmap --max-rate [number] [target] Maximum | Packet Rate |
nmap --defeat-rst-ratelimit [target] Defe | at Reset Rate Limits |
Command Description | |
---|---|
nmap -f [target] Fragment Packets | |
nmap --mtu [MTU] [target] Specify a Sp | ecific MTU |
nmap -D RND:[number] [target] Use a De | coy |
nmap -sI [zombie] [target] Idle Zombie | Scan |
nmap --source-port [port] [target] Manually |
|
nmap --data-length [size] [target] Append R | andom Data |
nmap --randomize-hosts [target] Randomiz | e Target Scan Order |
nmap --spoof-mac [MACvendor] [target] Spoo | f MAC Address |
nmap --badsum [target] Send Bad Che | cksums |
Command Description | |
---|---|
nmap -oN [scan.txt] [target] Save |
|
nmap -oX [scan.xml] [target] Save |
|
nmap -oG [scan.txt] [targets] Grep | able Output |
nmap -oA [path/filename] [target] Outp | ut All Supported File Types |
nmap --stats-every [time] [target] Peri | odically Display Statistics |
nmap -oS [scan.txt] [target] 133t |
|
Command Description | |
---|---|
nmap -h Getting Help | |
nmap -V Display Nmap |
|
nmap -v [target] Verbose | Output |
nmap -d [target] Debuggin | g |
nmap --reason [target] Disp | lay Port State Reason |
nmap --open [target] Only |
|
nmap --packet-trace [target] | Trace Packets |
nmap --iflist Display | Host Networking |
nmap -e [interface] [target] | Specify a Network Interface |
- Script Categories
all, auth, default, discovery, external, intrusive, malware, safe, vuln
Command Description | |
---|---|
nmap --script [script.nse] [target] Execute | Individual Scripts |
nmap --script [expression] [target] Execute | Multiple Scripts |
nmap --script [category] [target] Execute | Scripts by Category |
nmap --script [category1,category2,etc] Exec | ute Multiple Script Categories |
nmap --script [script] --script-trace [target] | Troubleshoot Scripts |
nmap --script-updatedb Update the S | cript Database |
Command Description | |
---|---|
ndiff [scan1.xml] [scan2.xml] Comp | arison Using Ndiff |
ndiff -v [scan1.xml] [scan2.xml] Ndif | f Verbose Mode |
ndiff --xml [scan1.xml] [scan2.xml] XML | Output Mode |