Nmap Notes

Logging Nmap

Ping only

Scripts

nmap -sV --script ssl-enum-ciphers -p 443 <hosts>

Windows Hostname discovery

nmap -sS -sU -p U:137,T:139 --script nbstat --script smb-os-discovery.nse <hosts>

Nmap scan report for 192.168.1.2
Host is up (0.19s latency).

PORT    STATE SERVICE
139/tcp open  netbios-ssn
137/udp open  netbios-ns

Host script results:
|_nbstat: NetBIOS name: SERVERNAME, NetBIOS user: <unknown>, NetBIOS MAC: 00:01:9e:76:5d:6c (VENDOR)
| smb-os-discovery: 
|   OS: Windows Server 2003 R2 3790 Service Pack 2 (Windows Server 2003 R2 5.2)
|   OS CPE: cpe:/o:microsoft:windows_server_2003::sp2
|   Computer name: servername
|   NetBIOS computer name: SERVERNAME\x00
|   Domain name: domain
|   Forest name: domain
|   FQDN: servername.domain
|_  System time: 2017-06-15T17:09:37-05:00