Cheatsheets

Security Cheatsheet

by n8n admin

📱 Mobile Security Tips

Nina Kovacs — Consumer Security Analyst

{
“title”: “Nmap Security Tool Cheatsheet”,
“content”: “

What is Nmap?

Nmap (Network Mapper) is an open-source tool designed for network discovery and security auditing. It is widely used by security analysts and penetration testers for scanning networks to identify live hosts, open ports, and services running on servers. With its extensive capabilities, Nmap helps in planning attacks and securing networks effectively.

Installation

Nmap is available for various operating systems. To install it:

  • Linux (Debian/Ubuntu): sudo apt install nmap
  • Linux (CentOS/RHEL): sudo yum install nmap
  • macOS: brew install nmap
  • Windows: Download from Nmap’s official website.

Basic Syntax

The basic syntax for using Nmap is:

nmap [options]

Discovery

Discovery scans help identify active hosts on a network.

  • Ping Scan: Identifies live hosts.nmap -sn
  • Subnet Scan: Scans an entire subnet.nmap -sn 192.168.1.0/24
  • OS Detection: Attempts to determine the operating system.nmap -O

Scanning

Once the targets are identified, various scans help assess the security posture.

  • Service Version Detection: Identifies versions of services running on ports.nmap -sV
  • Port Scan: Scans for open ports on a target.nmap -p 1-65535
  • TCP Connect Scan: Establishes a connection with the target port.nmap -sT

Exploitation

While Nmap is primarily a scanning tool, it can help identify potential vulnerabilities.

  • Script Scan: Executes Nmap scripts to identify vulnerabilities.nmap --script
  • Version Scanning with Scripts: Combines scripts with version detection.nmap -sV --script=vuln

Analysis

Post-scan analysis helps assess the security findings.

  • XML Output: Save output in XML format for further analysis.nmap -oX
  • Grepable Output: Save output formatted for grepping.nmap -oG

Evasion

Sometimes, you need to conceal scans from firewalls and intrusion detection systems.

  • Timing Options: Adjust scan speed to avoid detection.nmap -T<0-5>
  • Decoy Scan: Mask your IP during scanning.nmap -D

Reporting

Consolidating your findings for reporting is essential.

  • Text Output: Save output in a plain text format.nmap -oN

Quick Reference Table

Flag Description
-sP Ping scan (discovery)
-sV Service version detection
-O OS detection
-oN Normal output
-oX XML output
-T Timing template
-D Decoy mode

Pro Tips

  • Use -p- to scan all ports: nmap -p-
  • Combine multiple flags for comprehensive analysis, e.g., nmap -sS -sV -O
  • Keep your Nmap updated; security features new features and scripts regularly.

Real-World Examples

1. To scan your local network for live hosts:

nmap -sn 192.168.1.0/24

2. To check for open ports and service versions on a target:

nmap

Related Posts

Using ChatGPT for Threat Intelligence Analysis

🛠 Security Tool Cheatsheet Alex Morgan — Senior Penetration Tester Why AI Changes the Game for Threat Intelligence Analysis Threat intelligence analysis involves collecting, analyzing, and interpreting data about potential threats to inform decisions about…

AI Prompts Cheatsheet for Cybersecurity Analysts

📱 Mobile Security Tips Sarah Chen — iOS Security Specialist Why AI Changes the Game for Cybersecurity Analysts Integrating AI tools such as ChatGPT, Claude, and others can significantly augment the daily tasks of cybersecurity…

Effective Use of AI Tools for Cybersecurity Analysis

📱 Mobile Security Tips Nina Kovacs — Consumer Security Analyst Why AI Changes the Game for Cybersecurity Analysis AI tools have revolutionized cybersecurity by enhancing the capacity for data analysis, threat detection, and incident response.…