luukverhoeven/nmap-scanning.sh

## nmap-scanning.sh
# Scanning
# ----------------
# Get open ports
# Get banners
# Get service versions

# Ping Sweep fast scan / Discovery
nmap -sP 192.168.178.1-254
# no results try
nmap -sL 192.168.178.1

# Next Port scan
nmap -sS 192.168.178.1
nmap -sS -p 80 192.168.178.1

# no results try | firewalls
nmap -sS -T 5 -p 21,23,25,80,8080,1433,3306 80 192.168.178.1
nmap --scan-delay 15s -p
nmap --max-rate 0.1 -p
nmap -f -p
nmap -mtu 16 -p

# Next Bannergrab get correct version
nc 192.168.178.1 80
nmap -sV -p 80 192.168.178.1
openssl s_client -connect 192.168.178.1:443
# See cert version etc

# Scan NMAP 1433
nmap -p 445 --script ms-sql-info  192.168.178.1
nmap -p 1433 --script ms-sql-info --script-args mssql.instance-port=1433  192.168.178.1
	# Scanning
	# ----------------
	# Get open ports
	# Get banners
	# Get service versions

	# Ping Sweep fast scan / Discovery
	nmap -sP 192.168.178.1-254
	# no results try
	nmap -sL 192.168.178.1

	# Next Port scan
	nmap -sS 192.168.178.1
	nmap -sS -p 80 192.168.178.1

	# no results try \| firewalls
	nmap -sS -T 5 -p 21,23,25,80,8080,1433,3306 80 192.168.178.1
	nmap --scan-delay 15s -p
	nmap --max-rate 0.1 -p
	nmap -f -p
	nmap -mtu 16 -p

	# Next Bannergrab get correct version
	nc 192.168.178.1 80
	nmap -sV -p 80 192.168.178.1
	openssl s_client -connect 192.168.178.1:443
	# See cert version etc

	# Scan NMAP 1433
	nmap -p 445 --script ms-sql-info 192.168.178.1
	nmap -p 1433 --script ms-sql-info --script-args mssql.instance-port=1433 192.168.178.1