Read data files from /usr/share/nmap
For example, to load all scripts with names starting with ssh, run the command below on the terminal: You can also select scripts using boolean expressions, which you can build using the and, or, and not operators. Names in a boolean expression may be a category, a filename from script.
To load all scripts omitting those in the vuln category, run this command on the terminal. The next command looks a little complicated but is easy to understand: it selects scripts in the default or broadcast categories, leaving out those with names starting with ssh. Importantly, it is possible to combine categories, script names, a directory containing your custom scripts, or a boolean expression to load scripts, like this:
Below is an example showing how to pass arguments to scripts with the --script-args option: You can also create your own useful custom audit files for other MySQL audits. In this article, we introduced you to the Nmap Script Engine and looked at how to find and use the various available scripts under different categories.
I have an online version here, just need to add more options: nmmapper.
Our output looked like this. The usual output will be quite long; it depends on the server, of course. Additionally, it will provide us with the OS version at the end. The OS version is pulled from the nmap-os-db file located in the installation directory of the command.
In the example below, you will see percentages next to the OS version. That is because nmap pulls the data from the database and provides you with the closest OS version that it can find there. Here is the command output. As you can see, this command gives us quite a bit of information. The next command we will look at is very useful when we want to find out if there are any possible SQL injection vectors on our domain.
The syntax of the command would look like this. This command will scan port 80 in this case and look for any traces of MySQL injections. Next, we will demonstrate how to save the output of our nmap commands and how we can compare them. If you want to save the output of your nmap command to a file, you can use this command: This command will save our output into a file in three different formats. This is useful when we need to keep the output so that we can compare it to the output we get after we have modified ports or firewalls.
This brings us to the file comparison option. When you want to compare two files containing nmap output, you can use the ndiff command. This will also show us the difference between the two servers and any open ports and the services listening on them. In addition, the -T flag can be added to any nmap command for more finely grained control over the speed of a scan.
There are five scanning levels, and each affects the intrusion detection level and overall scan performance. The levels are denoted as follows. Please keep in mind that Nmap can be misused by malicious individuals who use it to find random vulnerabilities on servers. We will conclude this tutorial with this information. There are literally hundreds of options and combinations to use with the Nmap command. This is what makes the Nmap tool so useful and powerful. For more information, we suggest reading either the man pages for Nmap commands or the official documentation.
Nmap is an excellent tool that is easily implemented on your server. I am a Linux enthusiast and console gamer, dog lover, and amateur photographer. I've been working at Liquid Web for a bit less than two years. Always looking for knowledge to expand my expertise, thus tackling new technologies and solutions one day at a time.
Category, Requirements, and Software Version Used. Nmap Installation. The output of that command will look similar to this. Basic Nmap Commands. And you will get output similar to this: Starting Nmap 6. Scan a Single Port. The output will look similar to this. Scan Multiple Ports. Scan a Port Range. This would be similar to the output it will provide.
Increasing send delay for

I found this question and tried the solution given (accepted): Can nmap take a list of ports to scan from a file? However, it didn't really work as expected.
Wolf