Programmerboy Pentesting Stuff

Nmap Commands

Last updated 13 days ago

Nmap Scan Top Ports

nmap -A -v --top-ports 20 <target>

Nmap Scan on List of Hosts

nmap -A -v -iL Hosts.txt -oN output.txt

Masscan

Masscan full port scan for both TCP and UDP

masscan -p1-65535,U:1-65535 --rate=1000 10.10.10.74 -e tun0

Rustscan with Nmap (Fast Port Scanning)

This command finds open ports quickly, then passes them to Nmap with the -A flag for an aggressive scan.

rustscan -a 10.10.68.208 -- -A # Single IP

rustscan -a 192.168.1.1,192.168.1.2,192.168.1.3 -- -A  # Multiple IPs

Get IP, MAC && Vendor Name

nmap -sn -n 172.26.10.0/24 | grep -E "Nmap scan report|MAC Address" | awk '/Nmap scan report/ {ip=$5} /MAC Address/ {print ip, $3, $4, $5}'

Get Only IP Addresses

nmap -sn -n 172.26.10.0/24 | grep "Nmap scan report" | awk '{print $5}'
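The two host-discovery one-liners above assume `$5` is always an IP address and that the vendor is at most two words. The parser below is an added example, not part of the original notes: it also handles report lines of the form `name (ip)`, multi-word vendors, and hosts with no MAC line. The function names and the sample output are constructed for illustration.

```bash
#!/bin/sh
# Added example: turn `nmap -sn` output into "ip<TAB>hostname<TAB>mac<TAB>vendor" rows.

parse_ping_sweep() {
  awk '
    function reset() { ip = ""; host = mac = vendor = "-" }
    function flush() {
      if (ip != "") printf "%s\t%s\t%s\t%s\n", ip, host, mac, vendor
      reset()
    }
    BEGIN { reset() }
    /^Nmap scan report for / {
      flush()                                  # emit the previous host, if any
      if ($NF ~ /^\(.*\)$/) {                  # "for name (ip)": reverse DNS resolved
        host = $5
        ip = substr($NF, 2, length($NF) - 2)
      } else {                                 # "for ip": no name
        ip = $5
      }
      next
    }
    /^MAC Address: / {
      mac = $3
      # Vendor is everything inside the trailing parentheses, spaces included.
      if (match($0, /\(.*\)$/)) vendor = substr($0, RSTART + 1, RLENGTH - 2)
      next
    }
    END { flush() }                            # last host has no following report line
  '
}

# Constructed sample output (not from a real scan).
sample_output() {
  cat <<'EOF'
Nmap scan report for router.lan (172.26.10.1)
Host is up (0.0010s latency).
MAC Address: 00:11:22:33:44:55 (Example Networks, Inc)
Nmap scan report for 172.26.10.20
Host is up (0.00050s latency).
MAC Address: AA:BB:CC:DD:EE:FF (Unknown)
Nmap scan report for 172.26.10.5
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 2.10 seconds
EOF
}

sample_output | parse_ping_sweep
```

To use it on a live sweep, pipe the scan into the function: `nmap -sn 172.26.10.0/24 | parse_ping_sweep`. Hosts without a MAC line (the scanning machine itself, or any host when nmap cannot see layer 2) still appear, with `-` in the MAC and vendor columns.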

Port Scan Script on All IPs

while IFS= read -r ip; do
  [ -z "$ip" ] && continue   # skip blank lines in ips.txt
  echo "Port scan for $ip:" >> port_scan_results.txt
  nmap -A "$ip" >> port_scan_results.txt
  echo "------------------------" >> port_scan_results.txt
done < ips.txt