✍️ Verified Author: Mflavell • Click to view professional profile & credentials

Latest revision as of 16:10, 30 October 2025

Simple NMAP scan of the network

sudo su
nmap -sn network/mask -oN hosts.txt

nmap -n -sn network/mask -oG | awk '/Up$/{print $2}' | sort -V > hosts.txt

nmap ip

nmap start ip-end octlet

example

nmap 192.168.0.1-20

Faster scan

nmap -Pn -T5 -p- -sS -sU --min-rate 5000 start ip-end octlet

Dumping the faster scan to a text file

nmap -Pn -T5 -p- -sS -sU --min-rate 5000 start ip-end octlet > scan.txt

nmap =p ports star ip-end octlet

ports Can be a range 1090-1095 or a list 80,443,8080

Filtered - Cannot determine if port is open Firewall rules could be filtering the port.

@@ Line 1: / Line 1: @@
+[[Cybersecurity]] > [[Pentesting]] > Nmap
 =Simple NMAP scan of the network=
@@ Line 25: / Line 27: @@
   nmap 192.168.0.1-20
+Faster scan
+ nmap -Pn -T5 -p- -sS -sU --min-rate 5000 ''start ip''-''end octlet''
+Dumping the faster scan to a text file
+ nmap -Pn -T5 -p- -sS -sU --min-rate 5000 ''start ip''-''end octlet'' > scan.txt
+=Just query pots of interest=
+ nmap =p ''ports'' ''star ip''-''end octlet''
+''ports'' Can be a range 1090-1095 or a list 80,443,8080
+=Port states in NMAP=
+* Open - Accepting TCP connections
+* Closed - Accessible but nobody is listening
+* Filtered - Cannot determine if port is open ''Firewall rules could be filtering the port.''
+* Unfiltered - Accessible but cannot determine if open or closed.
+* Open|Filtered - Cannot determine if open OR filtered.
+* Closed|Filtered - Cannot determine if closed or filtered.
+=Reference=
+[https://nmap.org/book/man-port-scanning-basics.html Nmap guide]