Nmap Cheat Sheet

Here’s a basic Nmap cheat sheet covering some common commands and options:

Basic Scan

nmap target

Port Scan

nmap -p <port(s)> target

Scan Multiple Hosts

nmap target1 target2

Aggressive Scan (enables OS detection, version detection, script scanning and traceroute)

nmap -A target

Service Version Detection

nmap -sV target

Operating System Detection

nmap -O target

Output to a File

nmap -oN output.txt target

Output in XML Format

nmap -oX output.xml target

Verbose Mode

nmap -v target

Timing and Performance

Paranoid timing:

nmap -T0 target

Polite timing:

nmap -T2 target

Aggressive timing:

nmap -T4 target

Insane timing:

nmap -T5 target

Exclude Hosts from Scan

nmap --exclude <host> target

Scan for Specific Protocols

nmap -sU target  # UDP scan
nmap -sS target  # TCP SYN scan

Script Scanning

nmap --script <script-name> target

Scan a Range of IP Addresses

nmap 192.168.1.1-20

Ping Scan

nmap -sn target

Show Only Open Ports

nmap --open target

IPv6 Scan

nmap -6 target

Scan All 65,535 Ports

nmap -p- target

Interactive Mode (older Nmap releases only; the option has been removed from current versions)

nmap --interactive

List Nmap Scripts and Their Categories

nmap --script-help "*"  # quote the * so the shell does not expand it to file names

These are some basic examples, and Nmap has many more options and capabilities. Always ensure you have the necessary permissions before scanning any target. For more details, refer to the Nmap documentation and man pages.