#NMAP most important parameters What does the following NMAP command -sL | List Scan - simply list targets to scan What does the following NMAP command -sn | Ping Scan - disable port scan What does the following NMAP command -Pn | Treat all hosts as online -- skip host discovery What does the following NMAP command -PS/PA/PU/PY[portlist] | TCP SYN/ACK, UDP or SCTP discovery to given ports What does the following NMAP command -PE/PP/PM | ICMP echo, timestamp, and netmask request discovery probes What does the following NMAP command -PO[protocol list] | IP Protocol Ping What does the following NMAP command -sS/sT/sA/sW/sM | TCP SYN/Connect()/ACK/Window/Maimon scans What does the following NMAP command -sU | UDP Scan What does the following NMAP command -sN/sF/sX | TCP Null, FIN, and Xmas scans What does the following NMAP command --scanflags | Customize TCP scan flags What does the following NMAP command -sI | Idle scan What does the following NMAP command -sY/sZ | SCTP INIT/COOKIE-ECHO scans What does the following NMAP command -sO | IP protocol scan What does the following NMAP command -sV | Probe open ports to determine service/version info What does the following NMAP command -sC | equivalent to --script=default What does the following NMAP command --script= | is a comma separated list of directories, script-files or script-categories What does the following NMAP command -O | Enable OS detection What does the following NMAP command -b | FTP bounce scan What does the following NMAP command -T<0-5> | Set timing template (higher is faster) What does the following NMAP command -p | Only scan specified ports What does the following NMAP command -F | Fast mode - Scan fewer ports than the default scan What does the following NMAP command -D | Cloak a scan with decoys What does the following NMAP command -S | Spoof source address What does the following NMAP command --open | Only show open (or possibly open) ports What does the following NMAP command -A | Enable OS detection, version detection, script scanning, and traceroute #NMAP less used parameters What does the following NMAP command -iL | Input from list of hosts/networks What does the following NMAP command -iR | Choose random targets What does the following NMAP command --exclude | Exclude hosts/networks What does the following NMAP command --excludefile | Exclude list from file What does the following NMAP command -n/-R | Never do DNS resolution/Always resolve [default: sometimes] What does the following NMAP command --dns-servers | Specify custom DNS servers What does the following NMAP command --system-dns | Use OS's DNS resolver What does the following NMAP command --traceroute | Trace hop path to each host What does the following NMAP command --exclude-ports | Exclude the specified ports from scanning What does the following NMAP command -r | Scan ports sequentially - don't randomize What does the following NMAP command --top-ports | Scan most common ports What does the following NMAP command --port-ratio | Scan ports more common than What does the following NMAP command --version-intensity | Set from 0 (light) to 9 (try all probes) What does the following NMAP command --version-light | Limit to most likely probes (intensity 2) What does the following NMAP command --version-all | Try every single probe (intensity 9) What does the following NMAP command --version-trace | Show detailed version scan activity (for debugging) What does the following NMAP command --script-args= | provide arguments to scripts What does the following NMAP command --script-args-file=filename | provide NSE script args in a file What does the following NMAP command --script-trace | Show all data sent and received What does the following NMAP command --script-updatedb | Update the script database. What does the following NMAP command --script-help= | Show help about scripts. What does the following NMAP command --osscan-limit | Limit OS detection to promising targets What does the following NMAP command --osscan-guess | Guess OS more aggressively. Options which take