Go to#
nmap -p- <ip addr> -sCV -A -Pn --min-rate=20000Going through nmap scripts#
ls -al /usr/share/nmap/scripts/ | grep ftp-Top UDP#
nmap 10.129.18.188 -sU -top-ports=100 --min-rate=20000Useful Switches#
sn→ Ping sweepsS→ TCP SYNPn→ Disable host discoveryp-→ All portssV→ Version detectionA→ OS detect + scripts + tracerouteO→ OS detectionT4→ Faster scansC→ Default scripts
Port Knocking#
for i in 571 290 911; do
nmap -Pn --host-timeout 100 --max-retries 0 -p $i 10.10.10.43 >/dev/null
done
ssh -i ~/keys/id_rsa_nineveh_amrois amrois@10.10.10.43Filtered Ports#
nmap -p- --min-rate 10000 <ip>