Identify Ports/Hosts/Data
Full TCP Scan
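# Nmap_Scan_TCP
# -Pn skips host discovery (hosts that drop ICMP are still scanned), -n skips rDNS.
# --min-rate 5000 trades accuracy for speed: on lossy links or rate-limiting
# targets it yields false "closed"/"filtered" results, so re-scan anything
# interesting at a slower rate before trusting a negative.
# -oA writes $ip.nmap, $ip.gnmap and $ip.xml; the extractor below reads .gnmap.
nmap -Pn -n -v "$ip" -p- --min-rate 5000 -oA "$ip"
# Grep_PortOpen
# open_ports FILE.gnmap: print the open ports as "22,80,443" for nmap -p.
# gnmap lists ports as "22/open/tcp//ssh///"; anchoring on "/open/" keeps
# "open|filtered" (UDP-only) out of a TCP list. sort -un de-duplicates when the
# file holds several hosts; paste joins without the GNU-only sed -z/head -c-1.
open_ports() {
  grep -oP '\d{1,5}/open/' -- "$1" | cut -d/ -f1 | sort -un | paste -sd, -
}
open_ports "$ip.gnmap"
# Enumerate_Service
# Replace xxx with the list from open_ports. -sC runs the "default" NSE set,
# which is not the same as the "safe" category - review it before scanning a
# fragile host. xsltproc renders the XML report as a standalone HTML page.
nmap -Pn -n -v -pxxx "$ip" -T4 -sC -sV -oX "$ip.xml"; xsltproc "$ip.xml" -o "$ip.html"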
UDP Scan
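# Nmap_Scan_UDP
# UDP scanning needs raw sockets (sudo). A full 65535-port UDP sweep is slow and
# noisy: most stacks rate-limit ICMP port-unreachable replies, so nmap cannot
# tell "open" from "filtered" and reports open|filtered for most ports.
# --min-rate 5000 makes that worse; prefer --top-ports N or a short -p list,
# then confirm candidates with -sV.
sudo nmap -Pn -n -v "$ip" -sU -p- --min-rate 5000 -oA "$ip"
# Grep_PortOpen
# udp_ports FILE.gnmap: print candidate UDP ports as "53,161" for nmap -p.
# gnmap UDP entries look like "161/open/udp//snmp///" or "53/open|filtered/udp//...".
# open|filtered is kept on purpose (silence is the usual UDP answer); remove
# "(\|filtered)?" to list confirmed-open ports only.
udp_ports() {
  grep -oP '\d{1,5}/open(\|filtered)?/' -- "$1" | cut -d/ -f1 | sort -un | paste -sd, -
}
udp_ports "$ip.gnmap"
# Enumerate_Service
# Version-probe the candidates (137 = NetBIOS name service in this example);
# the -sV payloads are what turn open|filtered into a definite answer.
sudo nmap -Pn -n -v -sU -p137 "$ip" -T4 -sC -sV -oX "$ip.xml"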
Extract Open Ports with PowerShell
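# Save nmap's "PORT STATE SERVICE" lines for open ports into the file named
# below (e.g. `nmap ... | findstr open > C:\test.txt`); each line must start
# with the port, as in "135/tcp open msrpc".
$file = "C:\test.txt"
# Keep the text before the first "/" on every line (the port number) and join
# the result with commas, ready for nmap -p. Lines that do not start with a
# port (headers, blank lines) are dropped instead of producing junk entries.
# The file is only read, never rewritten, so the script can be re-run.
$ports = Get-Content $file |
    Where-Object { $_ -match '^\s*\d{1,5}/' } |
    ForEach-Object { ($_ -split '/')[0].Trim() }
$ports -join ","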
PS C:\> .\split.ps1
135,139,445,3389
Nmap Scripts (NSE)
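# List all nmap scripts
# Every NSE script declares its categories; grep them out of the script directory.
grep -r categories /usr/share/nmap/scripts/*.nse
# Search by category
# Scripts tagged "safe" are the ones nmap considers unlikely to crash a service
# or generate abusive traffic. Change the pattern to select another category.
grep -r categories /usr/share/nmap/scripts/*.nse | grep safe | awk -F: '{print $1}'
# Scan with Safe Scripts Only
# "safe" still sends probes to the target; it is a low-impact scan, not a passive one.
sudo nmap --script safe -Pn -n -v -pxxx "$ip" -oX "$ip-safe.xml"
# Scan with "Safe and Default" Scripts
# --script accepts a boolean expression over categories: this runs only the
# default (-sC) scripts that are also tagged safe. Not every default script
# is safe, so this is the conservative form of -sC.
sudo nmap --script "safe and default" -Pn -n -v -pxxx "$ip" -oX "$ip-safe-default.xml"
# List every category name (anything between quotes on the categories lines)
grep -r categories /usr/share/nmap/scripts/*.nse | grep -oP '".*?"' | sort -u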
Host Discovery with fping
# -a prints only hosts that answered, -q suppresses per-probe errors, -r 1
# retries once so a host that drops a single echo is not missed.
# subnet1.txt holds one target per line (the gen.sh output below fits).
fping -q -a -r 1 < subnet1.txt
# -g expands the CIDR itself. 2>/dev/null hides the "Host Unreachable" lines
# for dead hosts - but also hides real errors (no raw-socket permission, bad
# CIDR), so drop it when a sweep unexpectedly returns nothing.
fping -a -g 10.10.10.0/24 2>/dev/null
Ping Sweep on Windows
# Powershell
# Sweep 10.10.10.1-254 with one ICMP echo each; hosts that do not answer are
# silenced by -ErrorAction, so only the replies are printed.
1..254 | ForEach-Object {
    Test-Connection "10.10.10.$_" -Count 1 -ErrorAction SilentlyContinue
}
# CMD
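REM One echo per host (-n 1) with a 200 ms reply timeout (-w 200).
REM ping.exe exits 0 when a gateway answers "Destination host unreachable",
REM so keying on its exit code alone reports dead hosts as up. Only a real
REM echo reply contains "TTL=", so filter on that before echoing "is up".
for /L %i in (1,1,255) do @ping -n 1 -w 200 10.10.10.%i | find "TTL=" > nul && echo 10.10.10.%i is up.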
Ping Sweep with Bash
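# One ping per host, all in parallel. -W 1 (iputils ping; macOS uses -t 1)
# caps the wait for a silent host at one second instead of the default ~10 s,
# and the final wait keeps replies from landing after the prompt returns.
# .255 is the /24 broadcast, so the range stops at .254. Edit the prefix as needed.
for i in {1..254}; do ping -c 1 -W 1 "192.168.1.$i" | grep "bytes from" & done; wait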
Ping Sweep with Nmap
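# -sn = host discovery only, no port scan. -sP was the old spelling of the same
# option (kept only as an alias); use -sn. Without an explicit -P* option nmap
# as root sends its default probe set (ICMP echo, SYN to 443, ACK to 80, ICMP
# timestamp). On a directly attached Ethernet segment nmap uses ARP for local
# targets regardless of -PE/-PR, so those flags only matter for routed targets.
sudo nmap -sn 10.10.10.0/24
sudo nmap -PR -sn 10.10.10.0/24 #Arp: explicit ARP ping, local segment only
sudo nmap -PE -sn 10.10.10.0/24 #ICMP echo; root needed for raw ICMP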
Generate IPs on Windows
# CMD
REM Interactive cmd form: a single % on the loop variable. Writes
REM 192.168.1.1 .. 192.168.1.10, one per line. >> appends, so a second run
REM adds a second copy - delete ip.txt first or use > for a fresh file.
REM Note cmd's echo keeps the blank before >> in each written line.
for /L %x in (1, 1, 10) do echo 192.168.1.%x >> ip.txt
# Bat File
@echo OFF
REM Batch-file form of the one-liner above: inside a .bat the loop variable
REM needs %% because the parser strips one %. Appends to ip.txt, so delete
REM the file before re-running or the list is duplicated.
for /L %%x in (1, 1, 10) do echo 192.168.1.%%x >> ip.txt
Generate a List of IPs with bash
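#!/bin/bash
# gen.sh - write 254 sample IPs (x = 1..254) to a text file that fping or
# nmap -iL can read. Menu, prompts and output file names:
#   1  PREFIX.x   -> PREFIX.txt        (e.g. 10.10.10 -> 10.10.10.txt)
#   2  A.B.x.D    -> A.B.x.D.txt       (first block "A.B", fourth block "D")
#   3  A.x.C.D    -> A.x.C.D.txt       (first "A", third "C", fourth "D")
# Output files are appended to (>>), so delete them to start over.
# Every answer is validated as dotted decimal numbers before use: the answers
# end up in the output *file name*, so without the check an answer such as
# "../../etc/cron.d/x" or one containing spaces is written straight into a path.
set -u

# fail MSG: report MSG on stderr and return 1 (no exit, so callers decide).
fail() {
  printf 'gen.sh: %s\n' "$*" >&2
  return 1
}

# octets STR N: true when STR is exactly N dot-separated numbers, each 0-255.
octets() {
  local str=$1 want=$2 part
  local -a parts
  [[ "$str" =~ ^[0-9]{1,3}(\.[0-9]{1,3})*$ ]] || return 1
  IFS=. read -ra parts <<<"$str"
  (( ${#parts[@]} == want )) || return 1
  for part in "${parts[@]}"; do
    (( 10#$part <= 255 )) || return 1   # 10# keeps "010" from being read as octal
  done
}

# print_range PREFIX [SUFFIX]: PREFIX.i[.SUFFIX] for i = 1..254, one per line.
print_range() {
  local prefix=$1 suffix=${2:-} i
  for i in {1..254}; do
    if [[ -n "$suffix" ]]; then
      printf '%s.%d.%s\n' "$prefix" "$i" "$suffix"
    else
      printf '%s.%d\n' "$prefix" "$i"
    fi
  done
}

# gen_list CHOICE ANSWER...: validate the answers for CHOICE (1-3) and append
# the list to the matching file. Also usable without the menu:
#   gen_list 1 10.10.10        gen_list 2 10.10 1        gen_list 3 10 10 1
gen_list() {
  local choice=$1 a=${2:-} b=${3:-} c=${4:-}
  case "$choice" in
    1)
      octets "$a" 3 || { fail "expected A.B.C, got '$a'"; return 1; }
      print_range "$a" >>"$a.txt"
      ;;
    2)
      { octets "$a" 2 && octets "$b" 1; } \
        || { fail "expected A.B and D, got '$a' '$b'"; return 1; }
      print_range "$a" "$b" >>"$a.x.$b.txt"
      ;;
    3)
      { octets "$a" 1 && octets "$b" 1 && octets "$c" 1; } \
        || { fail "expected A, C and D, got '$a' '$b' '$c'"; return 1; }
      print_range "$a" "$b.$c" >>"$a.x.$b.$c.txt"
      ;;
    *)
      fail "unknown choice '$choice'"
      return 1
      ;;
  esac
}

# main: the interactive menu. Answers are read from stdin (so they can be
# piped in); returns 1 on EOF or on a bad answer instead of exiting silently.
main() {
  local choice a b c
  echo "1- Generate Sample IPs [10.10.10.x] "
  echo "2- Generate Sample IPs [10.10.x.1] "
  echo "3- Generate Sample IPs [10.x.10.1] "
  read -r choice || return 1
  case "$choice" in
    1)
      echo "Enter your IP Range: "
      read -r a || return 1
      gen_list 1 "$a"
      ;;
    2)
      echo "Enter your first block: "
      read -r a || return 1
      echo "Enter your fourth block: "
      read -r b || return 1
      gen_list 2 "$a" "$b"
      ;;
    3)
      echo "Enter your first block: "
      read -r a || return 1
      echo "Enter your third block: "
      read -r b || return 1
      echo "Enter your Fourth block: "
      read -r c || return 1
      gen_list 3 "$a" "$b" "$c"
      ;;
    *)
      fail "unknown choice '$choice'"
      ;;
  esac
}
main "$@"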
└─$ ./gen.sh
1- Generate Sample IPs [10.10.10.x]
2- Generate Sample IPs [10.10.x.1]
3- Generate Sample IPs [10.x.10.1]
1
Enter your IP Range:
10.10.10
IPv6 Discovery
# alive6 from THC-IPv6 (packaged with an atk6- prefix on Kali/Debian) finds
# live IPv6 hosts on the *attached link* via the all-nodes multicast group; it
# does not discover routed IPv6 networks. Needs root for raw sockets.
# NOTE(review): the binary name here may be truncated - if "atk6-alive" is not
# found, try atk6-alive6 or `ls /usr/bin/atk6-*`.
sudo atk6-alive eth0