Raju Ginni


Nmap Cheat Sheet – Network Scanning & Security

A quick reference guide for Nmap (Network Mapper) – the powerful open-source tool for network discovery and security auditing. 🚀


Nmap is a powerful, open-source command-line tool used for network exploration and security auditing, enabling users to scan networks, discover hosts, identify open ports, and detect operating systems and services.

Here's a breakdown of common Nmap command usage:
  • Basic Usage:
    • nmap <target>: Scans a single host or network, resolving hostnames to IP addresses.
    • nmap -sS <target>: Performs a TCP SYN scan (stealth scan).
    • nmap -p <port_range> <target>: Scans specific ports.
    • nmap -O <target>: Performs operating system detection.
    • nmap -v <target>: Enables verbose output.
  • Host Discovery:
    • nmap -sn <target>: Performs a ping scan (host discovery).
    • nmap -sL <target>: Lists hosts in a network range.
  • Port Scanning:
    • nmap -p <port_number> <target>: Scans a specific port.
    • nmap -p <port_range> <target>: Scans a range of ports.
    • nmap -sV <target>: Attempts to determine service and version information.
  • OS Detection:
    • nmap -O <target>: Attempts to identify the operating system of the target.
  • Vulnerability Scanning:
    • nmap --script <script_name> <target>: Executes a specific Nmap script for vulnerability scanning.
  • Example Scenarios:
    • Scan a single host for open ports: nmap 192.168.1.100
    • Scan a network range for live hosts: nmap -sn 192.168.1.0/24
    • Scan a host for open ports and service versions: nmap -p 22,80,443 -sV 192.168.1.100
    • Scan a host for known vulnerabilities: nmap --script vuln <target>
    • Scan a host and detect the OS: nmap -O 192.168.1.100
  • Nmap Scripting Engine (NSE):
    • Nmap has a powerful scripting engine (NSE) that allows users to write and execute custom scripts for various network tasks.
    • You can find and use scripts from the Nmap repository or write your own using the Lua programming language.

🔍 Basic Scans

| Command | Description |
| --- | --- |
| `nmap <target>` | Basic scan to detect open ports and services. |
| `nmap -sP <target>` | Ping scan to check if hosts are online (`-sP` is the older name for `-sn`). |
| `nmap -sS <target>` | Stealth SYN scan (most popular, less detectable). |
| `nmap -sT <target>` | Full TCP Connect scan (more reliable, noisier). |
| `nmap -A <target>` | Aggressive scan (OS detection, version detection, script scanning, traceroute). |
| `nmap -v <target>` | Enable verbose mode for detailed output. |

📡 Scanning Specific Ports

| Command | Description |
| --- | --- |
| `nmap -p 80 <target>` | Scan only port 80. |
| `nmap -p 1-65535 <target>` | Scan all ports (1-65535). |
| `nmap -p- <target>` | Scan all ports (shorthand for 1-65535). |
| `nmap --top-ports 10 <target>` | Scan the top 10 commonly used ports. |

🔑 Service & Version Detection

| Command | Description |
| --- | --- |
| `nmap -sV <target>` | Detect running services and versions. |
| `nmap -sV --version-all <target>` | Try all available version detection methods. |

🕵️ OS & Firewall Detection

| Command | Description |
| --- | --- |
| `nmap -O <target>` | Detect operating system. |
| `nmap -Pn <target>` | Disable ping (useful if ICMP is blocked). |
| `nmap --script firewall-bypass <target>` | Check for firewall bypass techniques. |

🎯 Evading Firewalls & IDS

Command Description
nmap -f <target> Use fragmentation to bypass firewalls.
nmap --data-length 50 <target> Append random data to confuse IDS.
nmap --randomize-hosts -T2 <target> Randomize scan order and slow down for stealth.
nmap --badsum <target> Send packets with bad checksums (IDS evasion).

🔄 Advanced Scanning Techniques

| Command | Description |
| --- | --- |
| `nmap -sU <target>` | UDP scan. |
| `nmap -sN <target>` | NULL scan (no flags set). |
| `nmap -sX <target>` | Xmas scan (FIN, PSH, URG flags set). |
| `nmap -sF <target>` | FIN scan (sends only FIN flag). |
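
Seen from the monitoring side, the NULL, Xmas and FIN scans listed above are recognisable by their TCP flag byte alone. The sketch below is an added example, not part of the original cheat sheet: it classifies raw TCP headers and reports sources that send the same anomalous probe to several ports. The helper names, the sample addresses and the `min_ports` threshold are assumptions.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag bytes produced by the three scan types in the table above. None of them
# occurs in a normal connection: established traffic always carries ACK.
PROBE_TYPES = {0x00: "NULL", FIN: "FIN", FIN | PSH | URG: "Xmas"}


def tcp_header(sport, dport, flags):
    """Build a minimal 20-byte TCP header as constructed test input."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)


def classify(header):
    """Return 'NULL', 'FIN' or 'Xmas' for a raw TCP header, else None."""
    if len(header) < 20:
        return None  # truncated capture: not enough bytes to read the flags
    return PROBE_TYPES.get(header[13] & 0x3F)  # low six bits: URG ACK PSH RST SYN FIN


def detect(segments, min_ports=3):
    """Group anomalous probes by (source, type); report those hitting >= min_ports ports."""
    seen = defaultdict(set)
    for src, header in segments:
        kind = classify(header)
        if kind:
            seen[(src, kind)].add(struct.unpack("!H", header[2:4])[0])
    return {key: sorted(ports) for key, ports in seen.items() if len(ports) >= min_ports}


# Constructed capture: one Xmas sweep, one ordinary client, one stray NULL segment.
SAMPLE = (
    [("10.0.0.5", tcp_header(40000, p, FIN | PSH | URG)) for p in (443, 22, 80)]
    + [("10.0.0.9", tcp_header(51000, 80, SYN)), ("10.0.0.9", tcp_header(51000, 80, FIN | ACK))]
    + [("10.0.0.7", tcp_header(42000, 25, 0x00))]
)

if __name__ == "__main__":
    print(detect(SAMPLE))
```
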

📂 Saving Scan Results

| Command | Description |
| --- | --- |
| `nmap -oN output.txt <target>` | Save results in normal text format. |
| `nmap -oX output.xml <target>` | Save results in XML format. |
| `nmap -oG output.gnmap <target>` | Save results in grepable format. |
| `nmap -oA fullscan <target>` | Save results in all formats. |

🖥️ Scanning Multiple Targets

| Command | Description |
| --- | --- |
| `nmap 192.168.1.1 192.168.1.2` | Scan multiple IPs. |
| `nmap 192.168.1.1-10` | Scan a range of IPs. |
| `nmap -iL targets.txt` | Scan targets from a file. |

📜 Nmap Scripting Engine (NSE)

| Command | Description |
| --- | --- |
| `nmap --script=vuln <target>` | Run vulnerability detection scripts. |
| `nmap --script=http-enum <target>` | Enumerate web server directories. |
| `nmap --script=smb-os-discovery <target>` | Detect OS via SMB. |
| `nmap --script ssl-heartbleed <target>` | Check for Heartbleed vulnerability. |

Hi, I am Raju Ginni. Primarily I manage WordPress websites on GCP cloud platform as a cloud engineer, and create content on passionate things.