NMAP Cheat Sheet

Here I will post some reminders for myself about NMAP, so I took the liberty of calling this a little NMAP Cheat Sheet.

What is NMAP

Nmap is an awesome tool to do network reconnaissance.

NMAP, short for Network Mapper, is a popular open-source tool used for network discovery and security auditing. It allows users to scan networks to identify hosts, services, and open ports. NMAP can be used for:

  1. Host Discovery: Identify live hosts on a network.
  2. Port Scanning: Discover open ports and services running on those ports.
  3. Service Enumeration: Determine the versions of services running on discovered ports.
  4. OS Detection: Guess the operating system of remote hosts.
  5. Vulnerability Scanning: Identify potential vulnerabilities based on the services and versions detected.

NMAP is highly flexible and can be customized with various scan techniques and options to gather detailed information about network assets. It’s widely used by network administrators, security professionals, and hackers alike for both legitimate and malicious purposes.

-sV command

Adding -sV to your Nmap command will collect and determine service and version information for the open ports. Be aware that, as it is a Unix command, this is case-sensitive; -sv, for example, will not work.
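To make the -sV output usable afterwards, it helps to have Nmap write XML (-oX) and turn that into a service inventory. The following is an added example, not code from the original cheat sheet; the scan XML in it is a constructed sample laid out the way Nmap writes it, and the -oX flag is assumed from Nmap's own output options rather than from this page.

```python
# Added example (not part of the original cheat sheet): parse the XML that
# "nmap -sV -oX scan.xml <target>" writes into an inventory of open ports
# with the product/version that -sV detected. SAMPLE_XML is constructed in
# Nmap's real output layout; it is not a real scan.
import xml.etree.ElementTree as ET

SAMPLE_XML = """<nmaprun scanner="nmap">
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="22"><state state="open"/>
 <service name="ssh" product="OpenSSH" version="8.9p1" method="probed" conf="10"/></port>
<port protocol="tcp" portid="80"><state state="open"/>
 <service name="http" product="nginx" version="1.18.0" method="probed" conf="10"/></port>
<port protocol="tcp" portid="8080"><state state="open"/>
 <service name="http-proxy" method="table" conf="3"/></port>
<port protocol="tcp" portid="443"><state state="closed"/></port>
</ports></host>
<host><status state="down"/><address addr="192.0.2.11" addrtype="ipv4"/></host>
</nmaprun>"""

def parse_services(xml_text):
    """One dict per open port on each host that is up."""
    rows = []
    for host in ET.fromstring(xml_text).findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # with -Pn every host is reported up; down hosts carry no ports
        addr = host.find("address[@addrtype='ipv4']")
        ip = addr.get("addr") if addr is not None else "?"
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            # method="probed" means -sV actually fingerprinted the service;
            # method="table" means Nmap only looked the port number up.
            svc = port.find("service")
            a = svc.attrib if svc is not None else {}
            rows.append({"host": ip, "port": int(port.get("portid")),
                         "proto": port.get("protocol"),
                         "name": a.get("name", "unknown"),
                         "product": a.get("product", ""),
                         "version": a.get("version", ""),
                         "probed": a.get("method") == "probed"})
    return rows

def unversioned(rows):
    """Open ports -sV could not fingerprint: check these by hand before
    trusting the inventory or any vulnerability scan built on it."""
    return [r for r in rows if not r["probed"]]
```

Run parse_services(SAMPLE_XML) to get three open ports on 192.0.2.10; unversioned() flags 8080, where the service name is only a table guess and no version was found.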

-p command

Nmap flag        Description
-sV              Attempts to determine the version of the services running
-p <x> or -p-    Port scan for port <x> or scan all ports
-Pn              Disable host discovery and scan for open ports
-A               Enables OS and version detection, executes in-built scripts for further enumeration
-sC              Scan with the default Nmap scripts
-v               Verbose mode
-sU              UDP port scan
-sS              TCP SYN port scan