Categories

Fast nmap scanning

Most of the time we need nmap to just do its job and present us with any available ports that may find in its default configuration which is usually the 1000 most popular ports. Other times though we need to scan fast and efficiently to list only open ports in the whole spectrum without any blows and whistles.

You can use any of the commands below depending on your needs.

nmap -sC -sV <TARGET_IP_ADDRESS>  Type: Normal
Scan the top 1000 most popular ports with the default nmap scripts (-sC) and with version detection (-sV) active.

nmap -Pn -T4 -v1 -p- <TARGET_IP_ADDRESS> Type: Ultra Fast
Scan all ports (-p-) (0-65535) without ping (-Pn) which helps treat all hosts as online and thus reduce the overall execution time.  We also specify the verbose mode (-v1) in order for nmap to list any open ports as soon as  it finds them and -T4 to set a higher timing template which speeds ups the process even more. For further information regarding the -T flag you can review the nmap man page.

nmap -nvv -Pn -sS --open <TARGET_IP_ADDRESS> Type: Fast
Scan without DNS resolving (-n), without ping (-Pn) while using the TCP SYN scan type (-sS) and listing only open ports (–open).

Table of Contents

Leave a Reply

Your email address will not be published. Required fields are marked *