Hilfreiche NMAP Scanner Kommandos
Hier einige sehr nützliche Kommandos für NMAP.
Command Set
Discover Hosts
export IPRANGE='172.16.0.0/16' nmap -e tun0 -sn -v -oA pingscan $IPRANGE
Parse Results
grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt
Discover Services
nmap -v -sSV -A -O -iL 172_16_ping_ips.txt
Discover more Hosts
nmap -PE -PS80,443,3389 -PP -PU40125,161 -PA21 --source-port 53 $IPRANGE
Sonstige Kommandos
Ping Scan
nmap -sP 172.16.0.0/16
schneller Scan
nmap-sn 192.168.0.1/24
systematischer Scan
nmap -e tun0 -PE -sn -n -oA pingscan 172.16.0.0/16
grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt
nmap -e tun0 -sSV -O --top-ports 3800 -oA portscan172_ping_ips -iL 172_16_ping_ips.txt
gezielt Scannen
nmap -v -A -O -oX /root/op.xml -iL /home/kali/Desktop/hosts.txt
-A: Enable OS detection, version detection, script scanning, and traceroute -O: Enable OS detection -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3, and Grepable format, respectively, to the given filename. -iL <inputfilename>: Input from list of hosts/networks
#Portrange nmap -v -sSV -A -O -p40000-54000 $IP
Hostservices scannen
nmap -sSV $IP
Schwachstellen scannen
nmap -v --script vuln $IP
NMAP Scans verschleiern
--scan-delay/--max-scan-delay <time>: Adjust delay between probes
Banner Grabbing
nmap -sV --script=banner <target>