Nmap
Establish the variable
Typical Nmap scan
nmap -sV -sC -O -oA scan $ip
Nmap stealth scan using SYN
Nmap stealth scan using FIN
Nmap Banner Grabbing
Nmap OS Fingerprinting
Nmap Regular Scan:
Enumeration scan of all TCP / UDP ports, with output to a txt file
nmap -oN scan.txt -v -sU -sS -p- -A -T4 $ip
Nmap output to a file:
nmap -oN scan.txt -p 1-65535 -sV -sS -A -T4 $ip/24
Quick Scan:
Quick Scan Plus:
nmap -sV -T4 -O -F --version-light $ip/24
Quick traceroute
nmap -sn --traceroute $ip
All TCP and UDP Ports
nmap -v -sU -sS -p- -A -T4 $ip
Intense Scan:
Intense Scan Plus UDP
nmap -sS -sU -T4 -A -v $ip/24
Intense Scan ALL TCP Ports
nmap -p 1-65535 -T4 -A -v $ip/24
Intense Scan - No Ping
nmap -T4 -A -v -Pn $ip/24
Ping scan
Slow Comprehensive Scan
nmap -sS -sU -T4 -A -v -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53 --script "default or (discovery and safe)" $ip/24
Scan with an active TCP connect (-sT) to weed out any spoofed ports designed to troll you
nmap -p1-65535 -A -T5 -sT $ip