Nmap Guide - Foren-Ken/tech-journal GitHub Wiki

Basic Syntax: nmap {ip address}

This default scan is basic and will not check service versions. It will also only check the 1000 most common ports on a computer.


OPTIONS: (This is where it gets good)

"-p" Allows specific ports to be scanned. It accepts comma-separated lists, formatted like 1,2,3,4,5,6 to scan multiple ports, or a range such as 1-6000 to scan every port between the two values.

"-sV" Is the version detection flag. When added to an nmap command, the scan will check the version of the service listening on each open port.

"-A" Makes the scan conduct OS detection, version detection, script scanning, and traceroute on each target host.

"-Pn" Skips host discovery (the initial ping) and scans every target as if it were up.

"--open" Only displays ports which are open.

"--dns-servers" can be used to specify a certain DNS server to use for reverse lookups.

"-sL" Performs a list scan: it lists each target (with its reverse-DNS name) without actually probing it, so only the first line of the result for each IP address, the "Result For..." line, is shown.

"-sT" Specifies that a TCP connect scan should be done. This completes the full TCP three-way handshake on each port, rather than the half-open SYN scan nmap uses by default when run as root.

"--top-ports X" selects the X most common ports to scan.

"-oG" creates grepable output (-oG [output file]), allowing simple parsing with grep and with nmaptocsv.

nmaptocsv (How to make sense of the data)

Using the following syntax, a CSV output can be created: `nmaptocsv -i [input file] -d [delimiter choice (the divider between items in the csv file)]`

This allows data to be stored within a spreadsheet to organize and relate data.

"-i" allows the selection of the input file.

"-d" chooses the delimiter.

"-o" chooses an output location.

"-f" Allows the modification of the format of the CSV output.

"-S" Includes script (NSE) output in the CSV.
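The grepable format produced by "-oG" is what both grep and nmaptocsv work from, so it helps to see what parsing it actually involves. The script below is an added example, not code from this wiki or from the nmaptocsv project: `gnmap_sample` emits a constructed `-oG` result (no real scan was run; the hosts, versions and timestamps are made up), `gnmap_to_csv` is a small awk parser of my own that turns each `Host: ... Ports: ...` line into one CSV row per port, and `open_count` shows the kind of query you would then run over the CSV. The column order and the `;` default delimiter are my choices, not nmaptocsv's.

```shell
#!/bin/sh
# Constructed sample of nmap -oG (grepable) output. Fields within the Ports:
# section are port/state/protocol/owner/service/rpc-info/version/, separated
# by ", " between ports; sections on a line are tab-separated.
gnmap_sample() {
  printf '# Nmap 7.94 scan initiated as: nmap -sV -p 22,80,443,8080 -oG scan.gnmap 10.0.0.0/29\n'
  printf 'Host: 10.0.0.5 ()\tStatus: Up\n'
  printf 'Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1 Ubuntu 3/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///\tIgnored State: filtered (996)\n'
  printf 'Host: 10.0.0.6 (web.lab.example)\tPorts: 8080/open/tcp//http-proxy//Squid http proxy 5.2/\n'
  printf '# Nmap done at ... -- 8 IP addresses (2 hosts up) scanned\n'
}

# gnmap_to_csv [DELIM] [FILE]: convert grepable output to CSV, one row per
# port. Reads stdin when no file is given ("-" is stdin for POSIX awk).
gnmap_to_csv() {
  awk -v OFS="${1:-;}" '
    BEGIN { print "ip", "hostname", "port", "state", "proto", "service", "version" }
    # Only the Ports: lines carry per-port data; Status: lines are skipped.
    /^Host:/ && /Ports:/ {
      ip = $2
      host = $3; gsub(/[()]/, "", host)          # "(name)" -> "name", "()" -> ""
      s = $0
      sub(/.*Ports: /, "", s)                     # keep the port list only
      sub(/[ \t]+Ignored State:.*/, "", s)        # drop the trailing summary
      n = split(s, ports, ", ")
      for (i = 1; i <= n; i++) {
        split(ports[i], f, "/")
        print ip, host, f[1], f[2], f[3], f[5], f[7]
      }
    }' "${2:--}"
}

# open_count [FILE]: number of open ports across all hosts, computed from
# the CSV rather than from the raw text (the same thing the --open flag
# filters at scan time).
open_count() {
  gnmap_to_csv ';' "${1:--}" | awk -F';' 'NR > 1 && $4 == "open" { n++ } END { print n + 0 }'
}

# Demo: render the constructed sample as comma-delimited CSV.
gnmap_sample | gnmap_to_csv ','
```

To use it on a real file, run `gnmap_to_csv ',' scan.gnmap > scan.csv`; the rows for each host then sort and filter in a spreadsheet exactly as the nmaptocsv output would. Note that closed ports are listed too whenever nmap's "Ignored State" is something else (filtered here), which is why the state column is worth keeping.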