Zenmap Scan Profile

scan_profile.usp

[All TCP ports scan]
command = nmap -sS -p 1-65535 -Pn
description = Scan all ports on a host.

[Common TCP connect scan]
command = nmap -sT -p 17,19,21,22,23,25,26,37,53,80,88,110,113,123,135,137,138,139,143,443,444,445,548,554,843,993,995,1027,1030,1064,1080,1194,1221,1433,2082,2083,2084,2086,2087,2095,2096,3074,3306,3333,3389,3784,4899,5631,5800,5900,6665-6669,6697,8000,8080,8088,10000,17500,32764 -n -Pn -r
description = Scan Common Used Ports

[Common TCP syn scan]
command = nmap -sS -p 17,19,21,22,23,25,26,37,53,80,88,110,113,123,135,137,138,139,143,443,444,445,548,554,843,993,995,1027,1030,1064,1080,1194,1221,1433,2082,2083,2084,2086,2087,2095,2096,3074,3306,3333,3389,3784,4899,5631,5800,5900,6665-6669,6697,8000,8080,8088,10000,17500,32764 -n -Pn -r
description = 

[Common TCP version scan]
command = nmap -sV -p 17,19,21,22,23,25,26,37,53,80,88,110,113,123,135,137,138,139,143,443,444,445,548,554,843,993,995,1027,1030,1064,1080,1194,1221,1433,2082,2083,2084,2086,2087,2095,2096,3074,3306,3333,3389,3784,4899,5631,5800,5900,6665-6669,6697,8000,8080,8088,10000,17500,32764 -n -Pn -r
description = 

[Honeypot Version Demo]
command = nmap -sV -p 1433,3306,4899,5900,8000,10000 -n -Pn -r
description = showing honeypot versions

[Intense scan]
command = nmap -T4 -A -v
description = An intense, comprehensive scan. The -A option enables OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute). Without root privileges only version detection and script scanning are run. This is considered an intrusive scan.

[Intense scan plus UDP]
command = nmap -sS -sU -T4 -A -v
description = Does OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) in addition to scanning TCP and UDP ports.

[Intense scan, all TCP ports]
command = nmap -p 1-65535 -T4 -A -v
description = Scans all TCP ports, then does OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute).

[Intense scan, no ping]
command = nmap -T4 -A -v -Pn
description = Does an intense scan without checking to see if targets are up first. This can be useful when a target seems to ignore the usual host discovery probes.

[Ping scan]
command = nmap -sn
description = This scan only finds which targets are up and does not port scan them.

[Quick scan]
command = nmap -T4 -F
description = This scan is faster than a normal scan because it uses the aggressive timing template and scans fewer ports.

[Quick scan plus]
command = nmap -sV -T4 -O -F --version-light
description = A quick scan plus OS and version detection.

[Quick traceroute]
command = nmap -sn --traceroute
description = Traces the paths to targets without doing a full port scan on them.

[Random Telnet Scan (Show Open)]
command = nmap -sS -p 23 -n -iR 10 -Pn --open
description = Scan Random Hosts For Telnet

[Regular scan]
command = nmap
description = A basic port scan with no extra options.

[Slow comprehensive scan]
command = nmap -sS -sU -T4 -A -v -PE -PS80,443 -PA3389 -PP -PU40125 -PY --source-port 53 --script "default or (discovery and safe)"
description = This is a comprehensive, slow scan. Every TCP and UDP port is scanned. OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) are all enabled. Many probes are sent for host discovery. This is a highly intrusive scan.

[Telnet Internet Random]
command = nmap -sS -p 23 -n -iR 100 -Pn --open
description = Scan Random IPv4 For Telnet Open