Basis
- SYN Stealth Scan [-sS]
- FIN, Null and Xmas Tree Scans [-sF, -sN, -sX]
- Ping Scan [-sP]
- UDP Scan [-sU]
- IP Protocol Scans [-sO]
- -T paranoid|sneaky|polite|normal|aggressive|insane (Set a timing template)
- Version Detection [-sV]
- ACK Scan [-sA]
Variables come before the target: nmap <variable> <variable> <target>[3]
- -sS - This is a SYN stealth scan. It is less detectable than a standard scan, but may take longer. Many modern firewalls can detect an –sS scan.
- -sn - This is a ping scan. This will disable port scanning, and will only check to see if the host is online.
- -O - This is an operating system scan. The scan will attempt to determine the operating system of the target.
- -A - This variable enables several of the most commonly used scans: OS detection, version detection, script scanning, and traceroute.
- -F - This enables fast mode, and will reduce the number of ports scanned.
- -v - This will show more information in your results, making them easier to read.