Nmap Cheatsheet for Security Analysts

Daniel Osei — AI-Assisted Security Engineer

What is Nmap?

Nmap (Network Mapper) is an open-source tool for network exploration and security auditing. It is widely used for discovering hosts and services on a computer network by sending packets and analyzing the responses.

Installation

Nmap can be installed on various platforms. Here’s how to install it:

  • Windows: Download the installer from the official Nmap website.
  • Linux: Use the package manager. For Debian-based systems, run:
sudo apt install nmap
  • macOS: Use Homebrew:
brew install nmap

Basic Syntax

nmap [options] [target]

Basic options include:

Flag   Description
-sS    TCP SYN scan (default scan)
-T4    Increase speed of the scan
-p     Specify ports to scan

Network Discovery

IP Range Discovery

nmap -sP 192.168.1.0/24

Use this command to perform a ping scan (host discovery only, no port scan) on a subnet. -sP is the legacy spelling of -sn; current Nmap releases accept both.

OS Detection

nmap -O 192.168.1.1

This command attempts to determine the operating system of the target.

Scanning

TCP Scan

nmap -sS -p 22,80 192.168.1.1

TCP SYN scan on ports 22 and 80.

Service Version Detection

nmap -sV -p 1-1000 192.168.1.1

Detect service versions running on the first 1000 ports.

Exploitation

Script Scanning

nmap --script vuln 192.168.1.1

This command runs vulnerability detection scripts on the target.

Analysis

Output Formats

nmap -oA scan_results 192.168.1.1

This saves the output in all three formats at once: normal (scan_results.nmap), XML (scan_results.xml) and grepable (scan_results.gnmap).

Evasion

Packet Fragmentation

nmap -f 192.168.1.1

This command splits each probe into small IP fragments so that packet filters and intrusion detection systems that do not reassemble fragments before inspecting them may miss the scan. Many modern firewalls do reassemble, and fragmented traffic is itself often logged as suspicious.

Reporting

Saving Output

nmap -oN report.txt 192.168.1.1

Saves scan results in a text file for later analysis.

Quick Reference Table

Flag       Description
-p         Port specification
-sC        Run default scripts
-O         Enable OS detection
--script   Specify script to run

Pro Tips

  • Use -T5 for the fastest scan; use it cautiously, as it is easier to detect and can drop responses on slow or congested links.
  • Combine multiple scans using scripts to automate routine checks.
  • Utilize --top-ports to target the most common ports for efficiency.

Real-World Examples

Identifying Vulnerabilities

nmap -sV --script vuln 10.0.0.5

Invoke this command to scan a host for known vulnerabilities.

Scan and Save Result

nmap -oA save_scan 192.168.1.0/24

Conduct a scan against a subnet and save results in various formats for reporting.
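The grepable file written by -oA (see Output Formats and the Scan and Save Result example above) is the easiest one to post-process for the routine checks mentioned under Pro Tips. The following is an added example, not part of the original cheatsheet: a POSIX shell function that turns a .gnmap file into one line per open port. The sample scan data embedded in it is constructed, not a real scan.

```shell
#!/bin/sh
# Added example (not from the original cheatsheet): post-process the grepable
# file that "nmap -oA scan_results <target>" writes (scan_results.gnmap) into
# one "host port proto service version" line per open port, so routine scans
# can be diffed against a baseline or fed to other tools. Needs only sh and awk.

# Constructed sample of .gnmap output (not a real scan). Fields are tab-separated;
# each port entry is port/state/proto/owner/service/rpcinfo/version/.
SAMPLE_GNMAP=$(
  printf '# Nmap 7.94 scan initiated as: nmap -sV -oA scan_results 192.168.1.0/24\n'
  printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
  printf 'Host: 192.168.1.2 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.2 ()\tPorts: 3306/open/tcp//mysql//MySQL 8.0.36/, 8080/filtered/tcp//http-proxy///\tIgnored State: closed (998)\n'
  printf '# Nmap done -- 256 IP addresses (2 hosts up) scanned in 40.12 seconds\n'
)

# Print "host port proto service version" for each port whose state is "open".
# Reads grepable output on stdin, e.g.:  open_ports < scan_results.gnmap
open_ports() {
  awk -F '\t' '
    /^Host:/ {
      host = $1; sub(/^Host: /, "", host); sub(/ .*/, "", host)
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        ports = $i; sub(/^Ports: /, "", ports)
        n = split(ports, entry, ", ")
        for (j = 1; j <= n; j++) {
          split(entry[j], f, "/")
          if (f[2] != "open") continue      # skip closed/filtered ports
          if (f[7] == "") f[7] = "-"        # no version banner detected
          print host, f[1], f[3], f[5], f[7]
        }
      }
    }'
}

# Count open ports; a single number that is easy to alert on when it changes.
count_open() { open_ports | grep -c . ; }

printf '%s\n' "$SAMPLE_GNMAP" | open_ports
```

Running it on the constructed sample prints three lines (ssh, http and mysql); the closed and filtered ports are dropped.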