# Nmap Commands

## Nmap Scan Top Ports

```python
nmap -A -v --top-ports 20
```

### Nmap Scan on List of Hosts

```
nmap -A -v -iL Hosts.txt -oN output.txt
```

## Masscan

Massscan full port scan for TCP and UDP Both

```python
masscan -p1-65535,U:1-65535 --rate=1000 10.10.10.74 -e tun0  
```

## Rustscan with Nmap (Fast Port Scanning)

This command Finds out Open Ports Quicky, then Passes the ports to Nmap with -A Flag to do Aggressive Scan

```python
rustscan -a 10.10.68.208 -- -A # Single IP

rustscan -a 192.168.1.1,192.168.1.2,192.168.1.3 -- -A  # Multiple IPs

```

<figure><img src="https://3420091786-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fy1ZUO45eHY8aMCLJ7OiN%2Fuploads%2F4xoRDc9kHqP8U8grF9ZG%2Fimage.png?alt=media&#x26;token=fa3efac2-9169-4680-a2ba-cc9f34deabab" alt=""><figcaption></figcaption></figure>

## Get IP, MAC && Vendor Name

```python
 nmap -sn 172.26.10.0/24 | grep -E "Nmap scan report|MAC Address" | awk '/Nmap scan report/ {ip=$5} /MAC Address/ {print ip, $3, $4, $5}'
```

<figure><img src="https://3420091786-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fy1ZUO45eHY8aMCLJ7OiN%2Fuploads%2FqSqVUGrACAoQ8DSR7pUA%2Fimage.png?alt=media&#x26;token=3969e0b4-f6da-46bb-b417-d46a7be1e3d4" alt=""><figcaption></figcaption></figure>

## Get Only IP IPaddress

```python
nmap -sn 172.26.10.0/24 | grep "Nmap scan report" | awk '{print $5}'
```

<figure><img src="https://3420091786-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fy1ZUO45eHY8aMCLJ7OiN%2Fuploads%2FsQ1wrT7VyhJ1pnu8Ipy1%2Fimage.png?alt=media&#x26;token=d07f3e73-3ef3-4bd5-87e4-006c9f9f71c7" alt=""><figcaption></figcaption></figure>

## Port Scan Script On all Ips

```python
while read ip; do        
  echo "Port scan for $ip:" >> port_scan_results.txt
  nmap -A $ip >> port_scan_results.txt      
  echo "------------------------" >> port_scan_results.txt
done < ips.txt

```