Purpose

This tool scans networks using raw packets to identify which hosts are available, along with the services and applications running on them, including name and version where possible. It can also identify the operating systems and versions of these hosts. In addition, its scanning capabilities can determine whether packet filters, firewalls, or intrusion detection systems are configured.

Syntax

nmap <scan types> <options> <target>

Scan types:

  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags <flags>: Customize TCP scan flags
  -sI <zombie host[:probeport]>: Idle scan
  -sY/sZ: SCTP INIT/COOKIE-ECHO scans
  -sO: IP protocol scan
  -b <FTP relay host>: FTP bounce scan

Example: a TCP SYN scan of all ports on localhost (for more, see Network Enumeration With Nmap):

sudo nmap -sS -p- localhost