Created
March 4, 2020 22:07
-
-
Save sec-js/91ecd5226efc106234450db1a5b74735 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Available profiles | |
| Fast scan | |
| -F -T4 --max-retries 1 | |
| Web scan | |
| -p- -sV --version-all --script "http-* and not(dos or brute)" | |
| Full Service Scan | |
| -sV --version-all -p- -sT | |
| SMB Scan | |
| --script "smb* and not(dos or brute)" -p139,445 -sU -sT | |
| Full UDP Scan | |
| -sU -sC -p- | |
| Intense Scan (Zenmap) | |
| -T4 -A -v | |
| Intense All-Ports (Zenmap) | |
| -p 1-65535 -T4 -A -v | |
| Intense Scan plus UDP (Zenmap) | |
| -sS -sU -T4 -A -v | |
| Ping Scan (Zenmap) | |
| -sn | |
| Quickscan (Zenmap) | |
| -T4 -F | |
| Quickscan Plus (Zenmap) | |
| -sV -T4 -O -F --version-light | |
| Quick Traceroute (Zenmap) | |
| -sn --traceroute | |
| Slow Comprehensive Scan (Zenmap) | |
| -sS -sU -T4 -A -v -PE -PS80,443 -PA3389 -PP -PU40125 -PY --source-port 53 --script "default or (discovery and safe) | |
| OS detection | |
| -O --osscan-guess | |
| Bacnet Scan | |
| --script bacnet-info -sU -p47808 | |
| Broadcast Scan | |
| -sn --script broadcast | |
| DDOS Reflectors UDP Scan | |
| âsU âA âPN ân âpU:19,53,123,161 --script=ntp-monlist,dns-recursion,snmp-sysdescr | |
| DDOS Slowloris Check Scan | |
| -p- -sV --script http-slowloris-check | |
| DNS Enum Scan | |
| -sn --script dns-brute | |
| ENIP Scan | |
| --script enip-info -sU -p44818 | |
| HTTP WAF Scan | |
| -p- -sV --script http-waf-detect,http-waf-fingerprint | |
| HTTP Enum Scan | |
| -p- -sV --script http-enum | |
| HTTP Scan | |
| -p- -sV --script "http-* and not(dos or brute)" | |
| HTTP Shellshock Scan | |
| -p- -sV --script http-shellshock | |
| HTTP MS15-034 Scan | |
| -p80,433 -sV --script http-vuln-cve2015-1635 | |
| HTTP IIS Short Name Scan | |
| -p- -sV --script http-iis-short-name-brute | |
| IP Address Info Scan | |
| -sn --script hostmap-ip2hosts,hostmap-bfk,hostmap-robtex,asn-query,whois-* | |
| JDWP Scan | |
| -p- -sV --script jdwp-info,jdwp-version | |
| HTTP Phpself XSS Scan | |
| -p- -sV --script http-phpself-xss | |
| RPC Scan | |
| -p- -sV --script rpc-grind | |
| S7 Scan | |
| --script s7-info.nse -p102 | |
| SCADA Modbus Scan | |
| --script modbus-discover --script-args=modbus-discover.aggressive=true -p 502 | |
| SSL Scan | |
| -p- -sV --script ssl* | |
| SSL Heartbleed Scan | |
| -p- -sV --script ssl-heartbleed | |
| SMB Signing Scan | |
| --script smb-security-mode -p139,445 -sU -sT | |
| SMB Vuln Scan | |
| --script smb-vuln-* -p139,445 -sU -sT | |
| VNC Scan | |
| -p- -sV --script vnc-info | |
| Vuln Scan | |
| -p- -sV --script vuln | |
| Wordpress User Enum Scan | |
| -p80 -sV --script http-wordpress-users | |
| Wordpress Enum Scan | |
| -p- -sV --script http-wordpress-enum --script-args check-latest=true | |
| Full Service TCP Connect scripts | |
| -sV --version-all -p- -sT -sC | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment