✍️ Verified Author: Mflavell • Click to view professional profile & credentials

Latest revision as of 16:10, 30 October 2025

Simple NMAP scan of the network

sudo su
nmap -sn network/mask -oN hosts.txt

nmap -n -sn network/mask -oG | awk '/Up$/{print $2}' | sort -V > hosts.txt

nmap ip

nmap start ip-end octlet

example

nmap 192.168.0.1-20

Faster scan

nmap -Pn -T5 -p- -sS -sU --min-rate 5000 start ip-end octlet

Dumping the faster scan to a text file

nmap -Pn -T5 -p- -sS -sU --min-rate 5000 start ip-end octlet > scan.txt

nmap =p ports star ip-end octlet

ports Can be a range 1090-1095 or a list 80,443,8080

Filtered - Cannot determine if port is open Firewall rules could be filtering the port.

@@ Line 1: / Line 1: @@
+[[Cybersecurity]] > [[Pentesting]] > Nmap
 =Simple NMAP scan of the network=
   sudo su
-  nmap ''network''/''mask'' -oN hosts.txt
+  nmap -sn ''network''/''mask'' -oN hosts.txt
+* sn prevents a port scan of hosts
+=Just return the IP addresses=
+ nmap -n -sn ''network''/''mask'' -oG | awk '/Up$/{print $2}' | sort -V > hosts.txt
+=Find the open ports=
+ nmap ''ip''
+==Find the open ports for a small IP range==
+ nmap ''start ip''-''end octlet''
+example
+ nmap 192.168.0.1-20
+Faster scan
+ nmap -Pn -T5 -p- -sS -sU --min-rate 5000 ''start ip''-''end octlet''
+Dumping the faster scan to a text file
+ nmap -Pn -T5 -p- -sS -sU --min-rate 5000 ''start ip''-''end octlet'' > scan.txt
+=Just query pots of interest=
+ nmap =p ''ports'' ''star ip''-''end octlet''
+''ports'' Can be a range 1090-1095 or a list 80,443,8080
+=Port states in NMAP=
+* Open - Accepting TCP connections
+* Closed - Accessible but nobody is listening
+* Filtered - Cannot determine if port is open ''Firewall rules could be filtering the port.''
+* Unfiltered - Accessible but cannot determine if open or closed.
+* Open|Filtered - Cannot determine if open OR filtered.
+* Closed|Filtered - Cannot determine if closed or filtered.
+=Reference=
+[https://nmap.org/book/man-port-scanning-basics.html Nmap guide]