vimwiki/tech/recon/nmap.wiki
2021-09-22 10:09:42 -04:00


[[index]]
= nmap =
A great tool for scanning hosts over the network
== Options ==
=== Hide yourself ===
* -D (Decoys)
- Usage: -D {IP_ADDR,IP_ADDR,...}
- List of decoy hosts to send packets from. nmap spoofs outgoing packets so
they appear to come from these hosts. Can help fool [[IDS]] by hiding the real
address of the machine performing the scan among the decoys
* -S (source address)
- Usage: -S IP_ADDR
- Spoof the source address of the scan's packets. The -e option is required
for this, as well as -Pn
* -e (interface)
- Usage: -e INTERFACE
- Set which interface to use when sending out packets, i.e. eth0 or wlan0
* -Pn (all hosts online)
- Usage: -Pn
- Treat all hosts as online; don't bother to check whether they're up or not
* -b (bounce)
- Usage: -b FTP.HOST.COM
- 'Bounce' our scan through an FTP host. Does this by making it appear as if
we're requesting files, then watching how the server replies
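The flip side of -D, from the [[IDS]] seat: the decoy packets reach the target at the same instant as the real ones, so a log shows several sources hitting an identical port set within a second or two. The script below is an added defender-side example (not part of this wiki page and not nmap's own code); the log format and all addresses are constructed, and the 2-second window and 3-source threshold are assumptions to tune.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log (syslog-like, not from any real device).
# Three sources probe the same ports at the same second: a -D signature.
# The lone 10.0.0.42 probe later is ordinary noise and must not be flagged.
SAMPLE_LOG = """\
2021-09-22T10:09:42 SYN src=10.0.0.5 dst=192.168.1.10 dport=22
2021-09-22T10:09:42 SYN src=10.0.0.9 dst=192.168.1.10 dport=22
2021-09-22T10:09:42 SYN src=10.0.0.7 dst=192.168.1.10 dport=22
2021-09-22T10:09:42 SYN src=10.0.0.5 dst=192.168.1.10 dport=80
2021-09-22T10:09:42 SYN src=10.0.0.9 dst=192.168.1.10 dport=80
2021-09-22T10:09:42 SYN src=10.0.0.7 dst=192.168.1.10 dport=80
2021-09-22T10:09:43 SYN src=10.0.0.5 dst=192.168.1.10 dport=443
2021-09-22T10:09:43 SYN src=10.0.0.9 dst=192.168.1.10 dport=443
2021-09-22T10:09:43 SYN src=10.0.0.7 dst=192.168.1.10 dport=443
2021-09-22T10:15:00 SYN src=10.0.0.42 dst=192.168.1.10 dport=443
"""

def parse_line(line):
    """Return (timestamp, src, dst, dport) from one constructed log line."""
    ts, _flag, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["src"], kv["dst"], int(kv["dport"])

def find_decoy_groups(log_text, window=timedelta(seconds=2), min_sources=3):
    """Return {dst: sorted sources} where at least min_sources distinct
    sources probed an identical multi-port set on one target inside window.
    The real scanner is one of those sources; the rest are decoys."""
    probes = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    hits = {}
    for i, (t0, _, dst, _) in enumerate(probes):
        # Collect every probe to this target inside the window starting at t0.
        ports_by_src = defaultdict(set)
        for t, src, d, port in probes[i:]:
            if t - t0 > window:
                break
            if d == dst:
                ports_by_src[src].add(port)
        # Group sources by the exact port set they touched.
        by_portset = defaultdict(set)
        for src, ports in ports_by_src.items():
            by_portset[frozenset(ports)].add(src)
        for ports, srcs in by_portset.items():
            if len(srcs) >= min_sources and len(ports) > 1:
                hits[dst] = sorted(srcs)
    return hits

if __name__ == "__main__":
    for dst, srcs in find_decoy_groups(SAMPLE_LOG).items():
        print(f"possible decoy scan against {dst} from {', '.join(srcs)}")
```

Real firewall or IDS exports differ in field names, so parse_line is the only part that needs adapting.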
=== Obtrusive ===
* -O (OS detection)
- Usage: -O
- Will attempt to identify which OS the target system is running. Pretty
invasive, so be cautious when using this
* -A (OS/version detection)
- Usage: -A
- Will attempt to detect both OS and OS version. Very obtrusive
* -T<0-5> (Timing template)
- Usage: -T<0-5>
- Determines how fast the scan goes. Higher is faster, but more aggressive
and more obvious to [[IDS]]
* -p (Scan specific port)
- Usage: -p<1-65535>
- Scans the specified ports only. Use -p- to scan every port