Network Mapper — Panduan Lengkap dari Basic sampai Advanced
Di Generate oleh Claude Sonnet 4.6 Extended
Level: Basic
| Perintah | Deskripsi |
|---|---|
nmap 192.168.1.1 |
Scan satu host/IP |
nmap 192.168.1.1-254 |
Scan range IP |
nmap 192.168.1.0/24 |
Scan seluruh subnet /24 |
nmap -sn 192.168.1.0/24 |
Ping scan — hanya cek host aktif, tanpa port scan |
nmap -Pn 192.168.1.1 |
Skip host discovery, anggap semua host hidup |
nmap -PS 192.168.1.1 |
TCP SYN ping discovery |
nmap -PA 192.168.1.1 |
TCP ACK ping discovery |
nmap -PU 192.168.1.1 |
UDP ping discovery |
nmap -PE 192.168.1.1 |
ICMP echo request ping |
nmap --traceroute 192.168.1.1 |
Trace rute ke host target |
nmap -iL targets.txt |
Baca daftar target dari file |
nmap --exclude 192.168.1.5 192.168.1.0/24 |
Kecualikan IP tertentu dari scan |
Level: Basic
| Perintah | Deskripsi |
|---|---|
nmap -p 22 192.168.1.1 |
Scan port spesifik |
nmap -p 22,80,443 192.168.1.1 |
Scan beberapa port sekaligus |
nmap -p 1-1000 192.168.1.1 |
Scan range port |
nmap -p- 192.168.1.1 |
Scan semua 65535 port |
nmap --top-ports 100 192.168.1.1 |
Scan 100 port paling umum |
nmap -F 192.168.1.1 |
Fast scan — 100 port top (lebih cepat) |
nmap -p U:53,T:80 192.168.1.1 |
Scan UDP port 53 dan TCP port 80 |
Level: Intermediate
| Perintah | Deskripsi |
|---|---|
nmap -sS 192.168.1.1 |
TCP SYN scan (stealth) — default jika root |
nmap -sT 192.168.1.1 |
TCP connect scan — untuk non-root user |
nmap -sU 192.168.1.1 |
UDP scan — lebih lambat, perlu root |
nmap -sA 192.168.1.1 |
TCP ACK scan — deteksi firewall rules |
nmap -sW 192.168.1.1 |
TCP Window scan |
nmap -sN 192.168.1.1 |
TCP Null scan — tidak ada flag TCP |
nmap -sF 192.168.1.1 |
TCP FIN scan — hanya flag FIN |
nmap -sX 192.168.1.1 |
Xmas scan — FIN, URG, PSH flags aktif |
nmap -sM 192.168.1.1 |
TCP Maimon scan |
nmap -sI zombie 192.168.1.1 |
Idle/Zombie scan — IP spoofing via zombie host |
Level: Intermediate
| Perintah | Deskripsi |
|---|---|
nmap -sV 192.168.1.1 |
Deteksi versi service yang berjalan |
nmap -sV --version-intensity 9 192.168.1.1 |
Version detection intensitas maksimal (0-9) |
nmap -sV --version-light 192.168.1.1 |
Version detection ringan (intensitas 2) |
nmap -sV --version-all 192.168.1.1 |
Coba semua probe untuk version detection |
nmap -A 192.168.1.1 |
Aggressive: OS, version, script, traceroute sekaligus |
Level: Intermediate
| Perintah | Deskripsi |
|---|---|
nmap -O 192.168.1.1 |
OS detection (perlu root/admin) |
nmap -O --osscan-guess 192.168.1.1 |
Tebak OS walau tidak pasti |
nmap -O --osscan-limit 192.168.1.1 |
Hanya OS scan jika ada port terbuka & tertutup |
nmap -O --max-os-tries 3 192.168.1.1 |
Batasi percobaan OS detection |
Level: Intermediate
| Perintah | Deskripsi |
|---|---|
nmap -sC 192.168.1.1 |
Jalankan default scripts (sama dengan --script=default) |
nmap --script=http-title 192.168.1.1 |
Jalankan script spesifik |
nmap --script=http-* 192.168.1.1 |
Jalankan semua script HTTP |
nmap --script=vuln 192.168.1.1 |
Cek kerentanan umum |
nmap --script=auth 192.168.1.1 |
Script autentikasi (brute force, bypass) |
nmap --script=safe 192.168.1.1 |
Hanya jalankan script yang aman |
nmap --script=banner 192.168.1.1 |
Ambil banner dari service |
nmap --script=smb-vuln-* 192.168.1.1 |
Cek kerentanan SMB (EternalBlue dll) |
nmap --script=ssl-enum-ciphers -p 443 192.168.1.1 |
Enum cipher suite SSL/TLS |
nmap --script-args='user=admin,pass=1234' --script=http-auth 192.168.1.1 |
Kirim argumen ke script |
nmap --script-help http-title |
Lihat dokumentasi script tertentu |
nmap --script-updatedb |
Update database script NSE |
Level: Advanced
| Perintah | Deskripsi |
|---|---|
nmap --script=discovery 192.168.1.1 |
Kumpulkan informasi tambahan tentang host |
nmap --script=exploit 192.168.1.1 |
Script eksploitasi (gunakan dengan izin!) |
nmap --script=brute 192.168.1.1 |
Brute force login berbagai protokol |
nmap --script=dos 192.168.1.1 |
Script DoS — sangat hati-hati! |
nmap --script=intrusive 192.168.1.1 |
Script invasif — bisa crash service target |
nmap --script=ftp-anon -p 21 192.168.1.1 |
Cek akses FTP anonim |
nmap --script=dns-brute --script-args dns-brute.domain=target.com |
DNS subdomain brute force |
Level: Intermediate
| Perintah | Deskripsi |
|---|---|
nmap -T0 192.168.1.1 |
Paranoid — sangat lambat, IDS evasion |
nmap -T1 192.168.1.1 |
Sneaky — lambat untuk evasion |
nmap -T2 192.168.1.1 |
Polite — hemat bandwidth |
nmap -T3 192.168.1.1 |
Normal — default |
nmap -T4 192.168.1.1 |
Aggressive — lebih cepat, jaringan cepat |
nmap -T5 192.168.1.1 |
Insane — sangat cepat, mungkin miss port |
nmap --min-rate 1000 192.168.1.1 |
Kirim minimal 1000 paket per detik |
nmap --max-retries 1 192.168.1.1 |
Batasi retry per port |
nmap --host-timeout 30s 192.168.1.1 |
Timeout per host 30 detik |
Level: Basic
| Perintah | Deskripsi |
|---|---|
nmap -oN output.txt 192.168.1.1 |
Simpan output normal ke file |
nmap -oX output.xml 192.168.1.1 |
Simpan output format XML |
nmap -oG output.gnmap 192.168.1.1 |
Simpan output grepable |
nmap -oA output 192.168.1.1 |
Simpan semua format sekaligus (.nmap, .xml, .gnmap) |
nmap -v 192.168.1.1 |
Verbose — tampilkan lebih banyak info |
nmap -vv 192.168.1.1 |
Very verbose |
nmap -d 192.168.1.1 |
Debug mode |
nmap --open 192.168.1.1 |
Tampilkan hanya port yang terbuka |
nmap --reason 192.168.1.1 |
Tampilkan alasan status port |
nmap --packet-trace 192.168.1.1 |
Tampilkan semua paket yang dikirim/diterima |
Level: Advanced
| Perintah | Deskripsi |
|---|---|
nmap -f 192.168.1.1 |
Fragment paket — bypass beberapa firewall |
nmap --mtu 24 192.168.1.1 |
Set ukuran MTU custom untuk fragmentasi |
nmap -D RND:10 192.168.1.1 |
Decoy: 10 IP palsu acak + IP asli |
nmap -D 10.0.0.1,10.0.0.2 192.168.1.1 |
Decoy: IP palsu spesifik |
nmap -S 10.0.0.99 192.168.1.1 |
Spoof source IP address |
nmap -e eth0 192.168.1.1 |
Gunakan interface jaringan tertentu |
nmap --source-port 53 192.168.1.1 |
Spoof source port (misal port DNS 53) |
nmap --data-length 25 192.168.1.1 |
Tambah data acak di paket |
nmap --badsum 192.168.1.1 |
Kirim paket dengan checksum rusak |
nmap --proxies http://proxy:8080 192.168.1.1 |
Gunakan proxy/rantai proxy |
nmap --spoof-mac 0 192.168.1.1 |
Spoof MAC address acak |
nmap --spoof-mac Dell 192.168.1.1 |
Spoof MAC sesuai vendor |
Level: Advanced
| Perintah | Deskripsi |
|---|---|
nmap --script=http-enum -p 80,443 192.168.1.1 |
Enum direktori & file web umum |
nmap -sV -sC -p- --min-rate 5000 192.168.1.1 |
Full scan cepat untuk pentest (semua port) |
nmap -sn --script=nbstat 192.168.1.0/24 |
Ambil nama NetBIOS seluruh jaringan |
nmap -6 fe80::1 |
Scan target IPv6 |
nmap --script=broadcast-dhcp-discover |
Discover DHCP server di jaringan lokal |
nmap --script=targets-ipv6-multicast-echo |
Discover host IPv6 via multicast |
nmap --script=firewalk --traceroute 192.168.1.1 |
Identifikasi port yang di-filter firewall |
nmap --scanflags URGACKPSHRSTSYNFIN 192.168.1.1 |
Custom TCP flags untuk scan |
nmap --ip-options 'L 192.168.1.1 192.168.1.2' 192.168.1.1 |
Gunakan IP options untuk loose source routing |