Network Mapper (Nmap) is an open-source and free network scanner used for security auditing and network discovery.
It is one of the most reliable and powerful tools for network and security professionals during penetration testing and vulnerability assessment.
And knowing its usage is essential, given Nmap’s flexibility, ease of use, accuracy, and high performance. Nmap is helpful in monitoring service uptime and hosts, network inventory, and more. The Nmap Scripting Engine (NSE) is also a great tool to help you write quick scripts and automate many network activities.
With so many options and commands, it’s hard for professionals to remember everything. This is why we have curated this list of best Nmap cheat sheets for you, where you can find useful commands with their objectives and examples to use when needed.
So, let’s check them out.
StationX: This Nmap cheat sheet by Nathan House is impressive with the right blend of all the Nmap commands with their descriptions and examples. The information is divided into different categories, enclosed in a box with subtle colors that make it easy to read and digest. You will find Nmap commands for target & port specification, scan techniques, host discovery, service & version detection, OS detection, timing & performance, NSE scripts, firewall & spoofing, output, and other helpful Nmap commands. Browse it online or download this Nmap cheat sheet as a PDF.
TutorialsPoint: This site is home to high-quality tutorials in diverse subjects. It features commands for basic scanning, discovery options, advanced scanning, port scanning, version detection, firewall evasive techniques, scripting engine, and troubleshooting & debugging. It also has an excellent Nmap cheat sheet to refer to for using Nmap commands quickly. They have also represented the information in an easy-to-understand way, highlighting the Nmap commands with their goals and examples for different categories.
cs.lewisu.edu: This Nmap cheat sheet is created by Yuval Nativ and contains different Nmap commands represented in a simple setup. You can download and save this file on your computer to revisit various Nmap commands for basic scanning, discovery options, version detection, firewall evasion techniques, output options, Ndiff, and Nmap Scripting Engine.
infosecsanyam.medium.com: If you are looking for a comprehensive Nmap cheat sheet to guide you while you recall some commands, this site is for you. The creator of this cheat sheet is Sanyam Chawla, with 1.4K followers on Medium. He has defined Nmap beautifully and highlighted other information like TCP/IP protocols, UDP & TCP, and other network terminologies. Next, he has presented Nmap commands with examples for scanning, output formats, Netbios, target and port specification, host discovery, service version detection, etc.
GitHub: Hop onto GitHub to find this fantastic Nmap cheat sheet by Jason Bauer. It serves as a reference guide to scan networks using Nmap. This is a detailed cheat sheet, including crucial information on Nmap and how to use it. Next, he has presented Nmap commands for basic scanning techniques, port scanning options, discovery options, firewall evasive techniques, advanced scanning options, timing options, output options, compare scans, troubleshooting, and Nmap Scripting Engine.
Comparitech: Another great venue to find Nmap cheat sheets is Compritech, where they have curated a comprehensive list of useful Nmap commands. They have also included Nmap + Nessus cheat sheet; so, if you use Nessus with Nmap, it will be super valuable for you to have all Nmap commands on your device as PDF/JPEG or bookmark on your browser. This cheat sheet contains multiple Nmap usage options, scanning syntax, scanning types, host discovery, post specifications, version detection, output formats, firewall proofing, and other miscellaneous commands.
Hakin9.org: The minimalist yet handy resource for a Nmap cheat sheet is by Hakin9. It is useful for both beginners and experienced network professionals to use Nmap commands whenever they need them. They have curated the commands with their respective syntax, descriptions, and examples. It has scanning command syntax, port specification options, host discovery, port scan types, port selection, Nmap scripts, Firewall proofing, output formats, scan options, and timing options.
Networkstraining.com: If you are looking for a resource that contains Nmap cheat sheets with some Nmap tutorials, try this resource. It has examples and case studies to help you better understand the concepts. You can also download the cheat sheet if you don’t want the tutorial part or save it on your browser to refer to as a complete guide. The cheat sheet has Nmap commands for scanning IP addresses, scan types, port commands, identifying version and OS, scan timings, discovering live hosts, output types, NSE scripts, and other helpful commands.
AllAboutTesting.org: This easy-to-follow Nmap cheat sheet is another one you can refer to, no matter if you are a beginner or expert network administrator. It has simple designing and representation of Nmap commands in different categories with goals and syntax or examples. It covers basic Nmap commands for scanning a target, target ports, scan type options, probing options, aggregate time options, and output formats. Additionally, it has advanced scripts like Nmap Scripting Engine and miscellaneous options.
Steflan-security.com: This straightforward Nmap cheat sheet can be your go-to guide to recall useful Nmap commands whenever you require them. It starts with a quick introduction to Nmap and proceeds to its syntax and commands. You will find Nmap commands for specifying ports and hosts, enumerating versions and services, identifying OS and version, specifying scan type, performing host discovery, configuring performance and firewall evasions, manipulating output, using Nmap Scripting Engine, and other useful commands.
The Nmap commands discussed above can help you learn potential targets, troubleshoot them, and protect your network from attacks and possible risks. Download them on your device or bookmark them on your browser to refer to them in need.
Check out this NMAP online course for ethical hacking.