Nmap Commands for port discovery

Description

Simple Nmap port scans that identify open ports and write the matching hosts to a list of IP addresses. In the commands below, replace `<CIDR>` with the address range to scan.

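# Scan the targets listed in CIDR.txt for common web ports and print one URL
# per open port.
# Grepable output (-oG -) puts the address in field 2 and lists ports as
# "Ports: 80/open/tcp//http///, 443/open/tcp//https///". Each pattern includes
# the space that precedes a port entry, so 8080/open is not also reported as
# port 80 and 8443/open is not also reported as port 443.
nmap -p 80,443,8080,8443,8000 --open -oG - -iL CIDR.txt \
  | awk '
      / 80\/open\//   { print "http://" $2 ":80" }
      / 443\/open\//  { print "https://" $2 ":443" }
      / 8080\/open\// { print "http://" $2 ":8080" }
      / 8443\/open\// { print "https://" $2 ":8443" }
      / 8000\/open\// { print "http://" $2 ":8000" }
    '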
# Scan for SSH (TCP port 22). Replace <CIDR> with the range to scan.
# The normal-format report goes to a scratch log; awk takes the last field of
# each "Nmap scan report for" line (the address, with any surrounding
# parentheses removed) and the unique addresses are saved to SSH-Ports.txt.
# The scratch log is deleted once the list has been written.
nmap <CIDR> -p 22 --open -oN SSH-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' SSH-ports.log \
    | sort -u > SSH-Ports.txt \
  && rm SSH-ports.log

# Scan for Telnet (TCP port 23). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log, de-duplicated into Telnet-Ports.txt, and the log is then removed.
nmap <CIDR> -p 23 --open -oN Telnet-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' Telnet-ports.log \
    | sort -u > Telnet-Ports.txt \
  && rm Telnet-ports.log

# Scan for FTP (TCP port 21). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log, de-duplicated into FTP-Ports.txt, and the log is then removed.
nmap <CIDR> -p 21 --open -oN FTP-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' FTP-ports.log \
    | sort -u > FTP-Ports.txt \
  && rm FTP-ports.log

# Scan for SNMP (UDP port 161). Replace <CIDR> with the range to scan.
# The UDP scan (-sU) is run under sudo. Addresses are pulled from the
# "Nmap scan report for" lines of the scratch log and de-duplicated into
# SNMP-Ports.txt.
# On UDP scans --open also keeps ports nmap reports as open|filtered (no reply
# received), so the list can include hosts that never answered on 161. Leave
# off the final rm and check the STATE column in the log when that
# distinction matters.
sudo nmap <CIDR> -sU -p 161 --open -oN SNMP-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' SNMP-ports.log \
    | sort -u > SNMP-Ports.txt \
  && rm SNMP-ports.log

# Scan for IPMI (UDP port 623). Replace <CIDR> with the range to scan.
# The UDP scan (-sU) is run under sudo. Addresses are pulled from the
# "Nmap scan report for" lines of the scratch log and de-duplicated into
# IPMI-Ports.txt.
# On UDP scans --open also keeps ports nmap reports as open|filtered (no reply
# received), so the list can include hosts that never answered on 623. Leave
# off the final rm and check the STATE column in the log when that
# distinction matters.
sudo nmap <CIDR> -sU -p 623 --open -oN IPMI-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' IPMI-ports.log \
    | sort -u > IPMI-Ports.txt \
  && rm IPMI-ports.log

# Scan for HTTP (TCP port 80). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log, de-duplicated into HTTP-Ports.txt, and the log is then removed.
nmap <CIDR> -p 80 --open -oN HTTP-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' HTTP-ports.log \
    | sort -u > HTTP-Ports.txt \
  && rm HTTP-ports.log

# Scan for HTTPS (TCP port 443). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log, de-duplicated into HTTPS-Ports.txt, and the log is then removed.
nmap <CIDR> -p 443 --open -oN HTTPS-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' HTTPS-ports.log \
    | sort -u > HTTPS-Ports.txt \
  && rm HTTPS-ports.log

# Scan for SMB (TCP port 445). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log, de-duplicated into SMB-Ports.txt, and the log is then removed.
nmap <CIDR> -p 445 --open -oN SMB-ports.log \
  && awk '/Nmap scan report for/ { addr = $NF; gsub(/[()]/, "", addr); print addr }' SMB-ports.log \
    | sort -u > SMB-Ports.txt \
  && rm SMB-ports.log

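# Scan for VNC (TCP port 5900). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log (last field, surrounding parentheses removed) and de-duplicated into
# VNC-Ports.txt. The scratch log is removed once the list has been written,
# so no raw scan report is left behind in the working directory.
nmap <CIDR> -p 5900 --open -oN VNC-ports.log \
  && awk '/Nmap scan report for/ {gsub(/[()]/, "", $NF); print $NF}' VNC-ports.log \
    | sort | uniq > VNC-Ports.txt \
  && rm VNC-ports.log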

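# Scan for NFS (TCP port 2049). Replace <CIDR> with the range to scan.
# Addresses are pulled from the "Nmap scan report for" lines of the scratch
# log (last field, surrounding parentheses removed) and de-duplicated into
# NFS-Ports.txt. The scratch log is removed once the list has been written,
# so no raw scan report is left behind in the working directory.
nmap <CIDR> -p 2049 --open -oN NFS-ports.log \
  && awk '/Nmap scan report for/ {gsub(/[()]/, "", $NF); print $NF}' NFS-ports.log \
    | sort | uniq > NFS-Ports.txt \
  && rm NFS-ports.log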
