---
name: nmap-usage
description: |
  Professional nmap scanning techniques and optimization for penetration testing.
  Use this skill when you need to perform network reconnaissance, port scanning, or service enumeration during authorized security assessments.
version: "1.0.0"
author: "Hackbot Security Team"
tags: ["reconnaissance", "network", "scanning", "nmap"]
triggers: ["scan", "port", "network", "nmap", "recon"]
prerequisites: ["authorized_target", "network_access"]
---
# Nmap Professional Scanning Techniques

## Overview

This skill provides advanced nmap scanning techniques optimized for penetration testing engagements.
## Timing Optimization

### Aggressive Timing (-T4)

Use for fast, reliable scanning on known networks:

```bash
nmap -T4 -sS <target>
```

### Stealth Timing (-T2)

Use when avoiding detection is critical:

```bash
nmap -T2 -sS -f --data-length 50 <target>
```

### Parallel Scanning

Raises the minimum number of probes nmap keeps in flight; combined with `-p-` it scans all 65535 TCP ports faster, at the cost of more load on the target and on intermediate firewalls:

```bash
nmap --min-parallelism 100 -p- <target>
```
## Port Selection Strategies

### Quick Discovery

Scans the 100 most frequently open ports according to nmap's `nmap-services` frequency data:

```bash
nmap --top-ports 100 <target>
```

### Full Port Scan

Scans all 65535 TCP ports instead of the default top 1000:

```bash
nmap -p- <target>
```

### Specific Port Ranges

```bash
nmap -p 80,443,8080,8443 <target>
```
## Service Detection

### Version Detection

Intensity 9 sends every available probe to each open port; it is the most thorough setting and also the slowest:

```bash
nmap -sV --version-intensity 9 <target>
```

### Lightweight Detection

`--version-light` is an alias for intensity 2: only the most likely probes are sent, so the scan is faster but may miss less common services:

```bash
nmap -sV --version-light <target>
```
## OS Detection

### OS Detection

Requires raw-packet privileges (root or equivalent) and works best when the target has at least one open and one closed TCP port:

```bash
nmap -O <target>
```

### With Version + Script

`-A` enables OS detection, version detection, the default NSE script set, and traceroute in one run:

```bash
nmap -A <target>
```
## Output Formats

### XML (for parsing)

```bash
nmap -oX report.xml <target>
```

### Grepable

```bash
nmap -oG report.gnmap <target>
```

### All Formats

Writes `report.nmap` (normal), `report.gnmap` (grepable) and `report.xml` (XML) in one run:

```bash
nmap -oA report <target>
```
## Useful NSE Scripts

### Vulnerability Scanning

Runs every script in the `vuln` category; some of these scripts are intrusive and may crash fragile services, so confirm the scope of the engagement before using it:

```bash
nmap --script vuln <target>
```