Scan using NMAP

Detect OS and Services
#nmap -A 192.168.1.1

Standard service detection
#nmap -sV 192.168.1.1

More aggressive Service Detection :
#nmap -sV --version-intensity 5 192.168.1.1

Lighter banner grabbing detection :
#nmap -sV --version-intensity 0 192.168.1.1

Scan using default safe scripts :
#nmap -sV -sC 192.168.1.1

Get help for a script :
#nmap --script-help=ssl-heartbleed

Scan using a specific NSE script :
#nmap -sV -p 443 --script=ssl-heartbleed.nse 192.168.1.1

Scan with a set of scripts :
#nmap -sV --script="smb*" 192.168.1.1

Find Information about IP address :
#nmap --script=asn-query,whois-ip,ip-geolocation-maxmind 192.168.1.0/24

Gather page titles from HTTP services :
#nmap --script=http-title 192.168.1.0/24

Get HTTP headers of web services :
#nmap --script=http-headers 192.168.1.0/24

Find web apps from known paths :
#nmap --script=http-enum 192.168.1.0/24

Easily Detect CVEs with Nmap Scripts:

pkg install nmap

cd /data/data/com.termux/files/usr/share/nmap/scripts/

git clone https://github.com/vulnersCom/nmap-vulners.git

git clone https://github.com/scipag/vulscan.git
ls vulscan/*.csv

cd vulscan/utilities/updater/

chmod +x updateFiles.sh
./updateFiles.sh

ex. nmap --script nmap-vulners -sV <target IP>

ex. nmap --script vulscan -sV <target IP>

ex. combo scan: nmap --script nmap-vulners,vulscan --script-args vulscandb=scipvuldb.csv -sV <target IP>

ENJOY!!!
