Network Enumeration

Basic Network Scanning

nmap -sn -Pn -n 10.10.10.0/24
  • -sn: Disable port scanning (ping scan).

  • -Pn: Skip host discovery.

  • -n: Disable DNS resolution.


Port Scanning

nmap -p- -p22,25,80,443 -F -sS -sU -sV 10.10.10.0/24
  • -p-: Scan all 65,535 ports.

  • -p22,25,80,443: Scan specified ports.

  • -F: Fast scan of the top 100 ports; an alternative to -p, which Nmap will not accept in the same command.

  • -sS: TCP SYN scan.

  • -sU: UDP scan.

  • -sV: Service version detection.


Service Detection

nmap -sC -sV --script default -p80,443 10.10.10.0/24
  • -sC: Default script scan.

  • -sV: Detect service versions.

  • --script default: Use default Nmap scripts.


Operating System Detection

nmap -O -A 10.10.10.0/24
  • -O: OS detection.

  • -A: Aggressive mode (includes OS detection, service detection, and traceroute).


Performance Optimization

nmap -T4 --min-rate 300 --max-retries 2 --stats-every=5s 10.10.10.0/24
  • -T4: Set timing template to "fast".

  • --min-rate 300: Send at least 300 packets per second.

  • --max-retries 2: Limit retries to 2.

  • --stats-every=5s: Display scan stats every 5 seconds.


Spoofing and Decoy Scans

nmap -D RND:5 -S 10.10.10.200 -e eth0 -g 80 10.10.10.0/24
  • -D RND:5: Use 5 random decoys.

  • -S: Spoof source IP.

  • -e eth0: Specify network interface.

  • -g 80: Set source port to 80.


Output Format

nmap -oA results -oN results.txt -oG results.gnmap -oX results.xml 10.10.10.0/24

  • -oA: Save in all formats with prefix "results".

  • -oN: Save as plain text.

  • -oG: Save in "grepable" format.

  • -oX: Save as XML.


All-in-One Command

nmap -T4 -sS -sU -sC -sV -O -A -p- --script default -oA full_scan_results 10.10.10.0/24
  • Combines fast timing, service detection, OS detection, script scanning, all ports, and saves the results in multiple formats.
