🔍 Nmap scans

TCP Scan

  • #nmap_tcp
sudo nmap -sS -T4 -p- -sV -sC -vv 192.168.107.201 | tee tcp_all_ports

Or (S1ren nmap command, slower but more reliable):

sudo nmap -p- -sC -sV 192.168.107.201 --open | tee tcp_all_ports
  • #nmap_udp
sudo nmap -sU -T4 -p- -sV -sC -vv 192.168.107.201 | tee udp_all_ports
  • #autorecon
sudo $(which autorecon)
sudo env "PATH=$PATH" autorecon

Specific port scan

Find which machines in the provided machine list have the SSH port open:

nmap -p 22 --open -iL internal_win_machines
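
To turn that scan into a plain host list for an exposure inventory, save it in grepable form with -oG and parse the Ports field. This is an added example, not part of the original notes: the function names, the output file name ssh_scan.gnmap and the sample hosts are constructed. It matches the port number exactly, because a plain grep for "22/open" also hits 2222/open.

```shell
#!/bin/sh
# Assumed invocation (the -oG file name is hypothetical):
#   nmap -p 22 --open -iL internal_win_machines -oG ssh_scan.gnmap
#   open_hosts 22 < ssh_scan.gnmap

# Constructed sample of nmap grepable (-oG) output; fields are tab-separated.
sample_gnmap() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 10.0.0.5 ()\tStatus: Up\n'
    printf 'Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh///, 3389/open/tcp//ms-wbt-server///\n'
    printf 'Host: 10.0.0.7 ()\tStatus: Up\n'
    printf 'Host: 10.0.0.7 ()\tPorts: 22/filtered/tcp//ssh///, 445/open/tcp//microsoft-ds///\n'
    printf 'Host: 10.0.0.9 ()\tStatus: Up\n'
    printf 'Host: 10.0.0.9 ()\tPorts: 2222/open/tcp//unknown///\n'
    printf '# Nmap done (constructed sample)\n'
}

# open_hosts PORT: read grepable output on stdin and print each host whose
# TCP PORT is in state "open" (not "filtered", not "open|filtered").
open_hosts() {
    awk -v port="${1:-22}" -F'\t' '
        /^Host: / {
            split($1, h, " ")              # h[2] is the address
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                p = $i
                sub(/^Ports: /, "", p)
                n = split(p, entries, ", ")
                for (j = 1; j <= n; j++) {
                    # entry layout: port/state/protocol/owner/service/...
                    split(entries[j], f, "/")
                    if (f[1] == port && f[2] == "open" && f[3] == "tcp")
                        print h[2]
                }
            }
        }'
}

# Stand-alone run on the constructed sample.
sample_gnmap | open_hosts 22
```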