Scan an IPv4 host/address
    nmap

Scan an IPv6 host/address
    nmap -6 2607:f8b0:4007:804::1009
    nmap -v -A -6 2607:f8b0:4007:804::1009

Scan FQDN
    nmap

Scan a host name with more info
    nmap -v

Scan a range of IP addresses
    nmap
    nmap 192.168.1.*
    nmap
    nmap,2,3
    nmap

Read list of hosts/networks from a file
    nmap -iL /tmp/test.txt

Excluding hosts/networks (IPv4)
    nmap --exclude
    nmap --exclude,
    nmap -iL /tmp/scanlist.txt --excludefile /tmp/exclude.txt

Turn on OS and version detection scanning script (IPv4)
    nmap -A
    nmap -v -A
    nmap -A -iL /tmp/scanlist.txt

Find out if a host/network is protected by a firewall
    nmap -sA

Scan a host when protected by the firewall
    nmap -PN

Scan a network and find out which servers and devices are up and running
    nmap -sP

Perform a fast scan
    nmap -F

Display the reason a port is in a particular state
    nmap --reason

Only show open (or possibly open) ports
    nmap --open

Show all packets sent and received
    nmap --packet-trace

Show host interfaces and routes (netstat -nr)
    nmap --iflist

Scan specific ports
    nmap -p 80
    nmap -p 80,443
    nmap -p 80-200
    nmap -p T:80
    nmap -p U:53
    nmap -p U:53,111,137,T:21-25,80,139,8080
    nmap -v -sU -sT -p U:53,111,137,T:21-25,80,139,8080
    nmap --top-ports 5

Fastest way to scan all your devices/computers for open ports
    nmap -T5

Detect remote operating system
    nmap -O
    nmap -O --osscan-guess
    nmap -v -O --osscan-guess

Detect remote services (server / daemon) version numbers
    nmap -sV

Scan a host using TCP ACK (PA) and TCP SYN (PS) ping
    nmap -PS
    nmap -PS80,21,443
    nmap -PA
    nmap […]
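
Added example (not part of the original cheat sheet): a Python model of how the -p lists under "Scan specific ports" expand, for checking which ports a command will probe before it is run against your own hosts. It handles numeric ports and closed ranges only; the function names parse_port_spec and effective_ports are chosen here, and the scan-flag handling in effective_ports is a simplifying assumption.

```python
# Added example: models nmap's -p syntax as documented; it does not run nmap.

def parse_port_spec(spec):
    """Expand an nmap -p string into {'tcp': [...], 'udp': [...]}.

    A 'T:' or 'U:' qualifier applies to every following entry until the
    next qualifier; entries before any qualifier apply to both protocols.
    """
    ports = {"tcp": set(), "udp": set()}
    active = ("tcp", "udp")          # no qualifier seen yet
    for item in spec.split(","):
        item = item.strip()
        if item[:2].upper() in ("T:", "U:"):
            active = ("tcp",) if item[0].upper() == "T" else ("udp",)
            item = item[2:]
        if not item:
            continue
        low, _, high = item.partition("-")
        first = int(low)
        last = int(high) if high else first
        if not (0 <= first <= last <= 65535):
            raise ValueError(f"bad port range: {item!r}")
        for proto in active:
            ports[proto].update(range(first, last + 1))
    return {proto: sorted(nums) for proto, nums in ports.items()}


def effective_ports(spec, scan_flags):
    """Ports actually probed for the given scan-type flags.

    Simplified model (assumption): -sU enables UDP; -sT or -sS enables TCP;
    with no scan-type flag nmap runs its default TCP scan only.
    """
    parsed = parse_port_spec(spec)
    udp_on = "-sU" in scan_flags
    tcp_on = bool({"-sT", "-sS"} & set(scan_flags)) or not udp_on
    return {"tcp": parsed["tcp"] if tcp_on else [],
            "udp": parsed["udp"] if udp_on else []}


if __name__ == "__main__":
    spec = "U:53,111,137,T:21-25,80,139,8080"   # port list from the page
    print(effective_ports(spec, []))              # UDP entries are skipped
    print(effective_ports(spec, ["-sU", "-sT"]))  # both protocols scanned
```

The first call shows why the page pairs the mixed U:/T: list with -sU -sT: without -sU, the U: entries are not scanned.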