Nmap Security Tool Cheatsheet

📱 Mobile Security Tips

James Calloway — Mobile Device Management Lead

What is Nmap?

Nmap (Network Mapper) is a powerful open-source tool used for network discovery and security auditing. It can be used to discover hosts and services on a computer network by sending packets and analyzing the responses.

Installation

Nmap can be installed on various operating systems including Windows, Linux, and macOS. Here's how to install it on different platforms:

  • Linux: Most Linux distributions can install Nmap via package managers. For example, use sudo apt install nmap for Debian-based systems.
  • macOS: Use Homebrew with brew install nmap.
  • Windows: Download the installer from the Nmap official site.

Basic Syntax

The basic syntax for using Nmap is nmap [options] [targets].

Discovery

Host Discovery

To discover live hosts on a network, use:

nmap -sn 192.168.1.0/24

This is a ping scan: it sends ICMP echo requests (plus a few TCP and ICMP timestamp probes when run as root) to every address in the range and reports which hosts answered, without scanning any ports.

Service Discovery

Identifying services on found hosts:

nmap -sV 192.168.1.1

The -sV option probes open ports to determine service/version info.

Scanning

Port Scanning

This scans for open TCP ports on a target:

nmap -p 1-1000 192.168.1.1

The -p flag specifies the port range to scan. Without -p, Nmap scans the 1,000 most common ports for each protocol.

Exploitation

Scripting Engine

Use the Nmap Scripting Engine (NSE) to run scripts against a target:

nmap --script vuln 192.168.1.1

The --script vuln flag runs every NSE script in the vuln category. These scripts are noisy and some send intrusive probes, so expect them to show up in IDS and application logs on the target.

Analysis

OS Detection

To perform OS fingerprinting:

nmap -O 192.168.1.1

The -O flag enables OS detection. It requires raw packet privileges (root or Administrator) and works best when at least one open and one closed TCP port are found.

Evasion

Stealth Scanning

A SYN ("half-open") scan is often called a stealth scan because it never completes the TCP handshake, so the target application sees no connection and usually does not log one:

nmap -sS 192.168.1.0/24

The -sS flag performs a TCP SYN scan. It needs raw packet privileges and is Nmap's default scan type when run as root. It is not invisible: firewalls and network IDS see the SYN packets, and a burst of SYNs to many ports from one source is a classic scan signature.

Reporting

Output Formats

To export results in different formats, use:

nmap -oA output 192.168.1.1

The -oA option saves all three formats at once, using the given basename: output.nmap (normal), output.xml (XML) and output.gnmap (grepable).
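Scan output is only useful to a defender once it is turned into an inventory. The following POSIX sh script, added here as an example and not part of the original cheatsheet, parses the grepable (.gnmap) file that -oA or -oG writes and ties the Host Discovery and Output Formats sections together: it lists live hosts, lists open ports with service and version, and flags hosts that are not on an authorized-asset list. The scan data and the inventory file are constructed for illustration, not real scan results; the helper names (make_sample_gnmap, live_hosts, open_ports, unknown_hosts) are this example's own.

```shell
#!/bin/sh
# Added example: parse nmap grepable output (.gnmap from -oG or -oA) with
# POSIX sh + awk. All scan data below is constructed, not a real scan.
set -u

# Write a constructed .gnmap sample. Real nmap separates the fields with
# tabs, which printf's \t reproduces. Hosts, ports and versions are invented.
make_sample_gnmap() {
    {
        printf '# Nmap 7.94 scan initiated (constructed sample)\n'
        printf 'Host: 192.168.1.1 (gw.lan)\tStatus: Up\n'
        printf 'Host: 192.168.1.1 (gw.lan)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//nginx 1.18/, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
        printf 'Host: 192.168.1.20 ()\tStatus: Up\n'
        printf 'Host: 192.168.1.20 ()\tPorts: 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (998)\n'
        printf 'Host: 192.168.1.37 ()\tStatus: Up\n'
        printf 'Host: 192.168.1.37 ()\tPorts: 23/open/tcp//telnet///\tIgnored State: closed (999)\n'
        printf '# Nmap done (constructed sample)\n'
    } > "$1"
}

# live_hosts FILE: one IP per line for every host nmap reported as Up.
live_hosts() {
    awk '/^Host:/ && /Status: Up/ { print $2 }' "$1" | sort -u
}

# open_ports FILE: prints "ip port/proto service version" for each open port.
# Each entry in the Ports: field is port/state/proto/owner/service/rpc/version/.
open_ports() {
    awk '
    /^Host:/ && /Ports:/ {
        ip = $2
        list = $0
        sub(/.*Ports: /, "", list)                 # keep only the port list
        sub(/[ \t]*Ignored State:.*/, "", list)    # drop the trailing summary
        n = split(list, entries, ", ")
        for (i = 1; i <= n; i++) {
            split(entries[i], f, "/")
            if (f[2] != "open") continue
            out = ip " " f[1] "/" f[3] " " f[5]
            if (f[7] != "") out = out " " f[7]
            print out
        }
    }' "$1"
}

# unknown_hosts FILE INVENTORY: live hosts that are absent from the
# authorized-asset list (one IP per line). Exits 0 even when none are found.
unknown_hosts() {
    live_hosts "$1" | grep -vxF -f "$2" || true
}

# Stand-alone demo: constructed scan plus a constructed two-host inventory.
SAMPLE_FILE=$(mktemp)
INVENTORY_FILE=$(mktemp)
make_sample_gnmap "$SAMPLE_FILE"
printf '192.168.1.1\n192.168.1.20\n' > "$INVENTORY_FILE"
echo "== open ports =="
open_ports "$SAMPLE_FILE"
echo "== live hosts not in inventory =="
unknown_hosts "$SAMPLE_FILE" "$INVENTORY_FILE"
echo "== cleartext telnet services =="
open_ports "$SAMPLE_FILE" | grep telnet || true
rm -f "$SAMPLE_FILE" "$INVENTORY_FILE"
```

Run against a real file with `open_ports scan.gnmap` or `unknown_hosts scan.gnmap authorized.txt` after sourcing the functions. Grepable output is chosen over XML because awk handles it with no extra tooling; for anything more structured (for example diffing two scans over time) the .xml file and a proper XML parser are the better starting point.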

Quick Reference Table

Flag       Description
-sP        Ping scan – discover live hosts (legacy spelling of -sn)
-sV        Version detection
-O         OS detection
--script   Execute specified scripts or script categories
-oA        All output formats (normal, XML and grepable)

Pro Tips

  • **Timing Options**: Use -T4 for faster execution.
  • **Exclude Hosts**: Use --exclude 192.168.1.5 to skip certain IPs.
  • **Aggressive Scan**: The -A flag combines several features: service detection, OS detection, script scanning, and traceroute.

Real-World Examples

Example 1: Full Network Scan

nmap -sS -sV -O 192.168.1.0/24

Example 2: Scan and Save Output

nmap -sP -oA scan_results 192.168.1.1