Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Ohmyzsh
Commits
0dc7b5c0
Commit
0dc7b5c0
authored
Feb 12, 2015
by
uberspot
Browse files
add nmap plugin with some aliases for scan modes
parent
677acc3a
Changes
2
Show whitespace changes
Inline
Side-by-side
plugins/nmap/README.md
0 → 100644
View file @
0dc7b5c0
# Nmap aliases plugin
Adds some useful aliases for nmap similar to the profiles in zenmap.
Nmap options are:
*
-sS - TCP SYN scan
*
-v - verbose
*
-T1 - timing of scan. Options are paranoid (0), sneaky (1), polite (2), normal (3), aggressive (4), and insane (5)
*
-sF - FIN scan (can sneak through non-stateful firewalls)
*
-PE - ICMP echo discovery probe
*
-PP - timestamp discovery probe
*
-PY - SCTP init ping
*
-g - use given number as source port
*
-A - enable OS detection, version detection, script scanning, and traceroute (aggressive)
*
-O - enable OS detection
*
-sA - TCP ACK scan
*
-F - fast scan
*
--script=vulscan - also access vulnerabilities in target
## Aliases explained
*
nmap_open_ports - scan for open ports on target
*
nmap_list_interfaces - list all network interfaces on host where the command runs
*
nmap_slow - slow scan that avoids to spam the targets logs
*
nmap_fin - scan to see if hosts are up with TCP FIN scan
*
nmap_full - aggressive full scan that scans all ports, tries to determine OS and service versions
*
nmap_check_for_firewall - TCP ACK scan to check for firewall existence
*
nmap_ping_through_firewall - Host discovery with SYN and ACK probes instead of just pings to avoid firewall
restrictions
*
nmap_fast - Fast scan of the top 300 popular ports
*
nmap_detect_versions - detects versions of services and OS, runs on all ports
*
nmap_check_for_vulns - uses vulscan script to check target services for vulnerabilities
plugins/nmap/nmap.plugin.zsh
0 → 100644
View file @
0dc7b5c0
# Some useful nmap aliases for scan modes
# Nmap options are:
# -sS - TCP SYN scan
# -v - verbose
# -T1 - timing of scan. Options are paranoid (0), sneaky (1), polite (2), normal (3), aggressive (4), and insane (5)
# -sF - FIN scan (can sneak through non-stateful firewalls)
# -PE - ICMP echo discovery probe
# -PP - timestamp discovery probe
# -PY - SCTP init ping
# -g - use given number as source port
# -A - enable OS detection, version detection, script scanning, and traceroute (aggressive)
# -O - enable OS detection
# -sA - TCP ACK scan
# -F - fast scan
# --script=vulscan - also access vulnerabilities in target
alias
nmap_open_ports
=
"nmap --open"
alias
nmap_list_interfaces
=
"nmap --iflist"
alias
nmap_slow
=
"nmap -sS -v -T1"
alias
nmap_fin
=
"nmap -sF -v"
alias
nmap_full
=
"nmap -sS -T4 -PE -PP -PS80,443 -PY -g 53 -A -p1-65535 -v"
alias
nmap_check_for_firewall
=
"nmap -sA -p1-65535 -v -T4"
alias
nmap_ping_through_firewall
=
"nmap -PS -PA"
alias
nmap_fast
=
"nmap -F -T5 --top-ports 300"
alias
nmap_detect_versions
=
"nmap -sV -p1-65535 -O --osscan-guess -T4 -Pn"
alias
nmap_check_for_vulns
=
"nmap --script=vulscan"
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment