Tool

Commander

Copy-ready command templates for common penetration testing tools. Select a tool, fill in the parameters, copy, paste, profit.

nmap

↗ docs

Network exploration tool and security/port scanner

scanningnetworkreconports

Parameters

{target}*

{ports}*

{cidr}*

{scripts}*

{timing}*

{filename}*

SYN Scan (Stealth)

TCP SYN scan — fast and relatively stealthy. Requires root/admin.

nmap -sS

Service Version Detection

Probe open ports to determine service and version information.

nmap -sV

OS Detection

Enable OS fingerprinting. Requires root/admin.

nmap -O

Aggressive Scan

Enables OS detection, version detection, script scanning, and traceroute.

nmap -A

All Ports Scan

Scan all 65535 TCP ports.

nmap -p-

Port Range Scan

Scan a specific port or range of ports.

nmap -p

UDP Scan

Scan UDP ports. Slow — requires root/admin.

nmap -sU

Ping Sweep (Host Discovery)

Discover live hosts in a subnet without scanning ports.

nmap -sn

Skip Host Discovery

Treat all hosts as online and skip discovery phase.

nmap -Pn

NSE Script Scan

Run specific Nmap Scripting Engine (NSE) scripts.

nmap --script=

Vulnerability Scan

Run all vulnerability-check scripts from NSE.

nmap --script=vuln

Timing Template

Control scan speed. T0=paranoid (slowest), T5=insane (fastest).

nmap -T

Save Output (All Formats)

Save scan results to .nmap, .xml, and .gnmap files.

nmap -oA

Full Recon Scan

All-ports, SYN scan, version + OS detection with scripting.

nmap -sS -sV -O -p- --script=default -T4 -oA