nmap
networkingLinux/Unix/Windows
The nmap command is one of the most frequently used commands in Linux/Unix-like operating systems. nmap Network exploration tool and security scanner
Quick Reference
Command Name:
nmap
Category:
networking
Platform:
Linux/Unix/Windows
Basic Usage:
nmap [options] [arguments]
Common Use Cases
Syntax
nmap [scan type] [options] {target specification}
Options
Option | Description |
---|---|
-sS |
TCP SYN scan (Default scan) |
-sT |
TCP connect scan |
-sU |
UDP scan |
-sA |
TCP ACK scan |
-sW |
TCP Window scan |
-sM |
TCP Maimon scan |
-sN |
TCP NULL scan |
-sF |
TCP FIN scan |
-sX |
TCP XMAS scan |
-sP |
Ping scan |
-sn |
No port scan (host discovery only) |
-sV |
Version detection |
-O |
OS detection |
-A |
Aggressive scan: OS detection, version detection, script scanning, and traceroute |
-p |
Only scan specified ports |
-p- |
Scan all ports (1-65535) |
-F |
Fast scan (scan fewer ports) |
-T<0-5> |
Set timing template (higher is faster) |
--script= |
Run specified NSE scripts |
--script-args= |
Provide arguments to scripts |
-iL |
Input from list of hosts/networks |
-oN |
Output normal format to file |
-oX |
Output XML format to file |
-oG |
Output grepable format to file |
-oA |
Output in all formats |
-v |
Increase verbosity level |
-d |
Increase debugging level |
-6 |
Enable IPv6 scanning |
--open |
Only show open (or possibly open) ports |
--packet-trace |
Show all packets sent and received |
--reason |
Display the reason a port is in a particular state |
Timing Templates (-T):
Template | Description |
---|---|
0 (Paranoid) | Very slow, used for IDS evasion |
1 (Sneaky) | Quite slow, used for IDS evasion |
2 (Polite) | Slows down to consume less bandwidth |
3 (Normal) | Default, a balance between accuracy and speed |
4 (Aggressive) | Assumes a fast and reliable network |
5 (Insane) | Very aggressive; may overwhelm targets or miss ports |
Examples
How to Use These Examples
The examples below show common ways to use the nmap
command. Try them in your terminal to see the results. You can copy any example by clicking on the code block.
# Basic Examples Basic
nmap 192.168.1.1