Nmap

Nmap (Network Mapper) is a security scanner that can be used to discover hosts and services on a computer or computer network. Includes at least nmap and nping binaries.

Installation

apt install nmap or snap install nmap

Basic nmap commands

Basic nmap host scan:
- nmap -nP HOSTNAME_TO_SCAN
- nmap -nP HOSTNAME_TO_SCAN -p 80,443
- nmap HOSTNAME_TO_SCAN
Basic nmap network scan: nmap -sn 192.168.0.* (-sn - ping scan so No/disable port scan)

-sn: Ping scan so disable port scan

OS detection: nmap -O IP
-sP TODO
nmap -sV -sC -O -traceroute IPaddress is the same as = nmap -A IPAddress

Basic nping commands

nping is packet generation, response analysis and response time measurement available since 2011 and developed by nmap developers

"TCP ping":
- nping -c 1 --tcp -p 80,433 google.com^[1]
- nping -c 3 --tcp -p 443 --flags syn google.com^[2]
nping -H -tr 8.8.8.8 (-H Hide-sent do not display sent packets, -tr traceroute)

Basic port scanning

Scan common ports

nmap –F 192.168.0.1

Scan all ports (1 – 65535)

nmap –p– 192.168.0.1

To scan using TCP connect

nmap –sT 192.168.0.1

To perform the default SYN scan

nmap –sS 192.168.0.1

The nmap utility can be used to detect the operating system of a particular target

nmap –A 192.168.0.1

Banner Grabbing

nmap -sV --version-intensity 5 xxxxxx.com -p 80

The -sV option lets us fetch the software versions, and by adding –version-intensity 5, we can get the maximum number of possible details about the remote running software.

By using the powerful NSE we can also try other scripts that will help us fetch remote banners easily:

nmap -sV --script=banner IP

Activities

Basic

Use nping to execute a "tcp ping": Check TCP connectivity

Advanced

Read nmap Changelog: https://nmap.org/changelog.html

Security tools: Vulnerability scanner, port scan, Host sweep, nmap, nping, ncat, nc, psad, Gordon Lyon
Wikibooks:Hacking/Tools/Network/Nmap
ping, nping, arping, fping, gping, hping, mtr, traceroute, tcptraceroute , tracepath, Test-Connection Powershell cmdlet, iperf, Ping (PAN-OS), BWPing, check_ping, ping -M, ios ping, ping -a
telnet, netcat, nc, nc -l, ncat, socat, ngrok
Packet analyzer: tcpdump, Wireshark, snoop (Solaris), ngrep, Wireshark, dSniff, netsniff-ng, Corvil, PAN-OS, pcap
Port knocking, fail2ban^[3] fwknop, DenyHosts
MASSCAN
whois, IP address, geoiplookup, ip2location

↑ https://nmap.org/book/nping-man.html

↑ https://www.aldeid.com/wiki/Nping

↑ https://serverfault.com/a/608976

[1]

[2]

[3]

Nmap

Contents

Installation

Basic nmap commands

Basic nping commands

Basic port scanning

Banner Grabbing

Activities

Basic

Advanced

See also

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools