Ping only
nmap -sn <hosts>
Lists of hosts
-iL list.txt
Grep-able
Note: this does not display vulnerability info
-oG - (or file name)
Grep display IP only
<nmap command> -oG - | grep "/open" | awk '{ print $2 }'
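The grep above also matches ports reported as open|filtered (common on UDP scans), so a host with no confirmed open port can end up in the list. The following is an added example, not part of the original page: it parses the Ports field of -oG output and keeps only entries whose state is exactly "open". The function names and the 192.0.2.x sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: strict "open" filter for Nmap grepable (-oG) output on stdin.
# Each entry in the Ports field is: port/state/protocol/owner/service/rpc/version/

# Print "IP port/proto" for every port whose state is exactly "open".
open_ports() {
    awk '
    /^Host: / && /Ports: / {
        ip = $2
        line = $0
        sub(/^.*Ports: /, "", line)   # keep only the port list
        sub(/\t.*$/, "", line)        # drop later tab-separated fields
        n = split(line, entries, /, */)
        for (i = 1; i <= n; i++) {
            split(entries[i], f, "/")
            # f[1] must be a port number; f[2] is the state
            if (f[1] ~ /^[0-9]+$/ && f[2] == "open")
                print ip, f[1] "/" f[3]
        }
    }'
}

# Print each IP once if it has at least one confirmed open port.
open_hosts() {
    open_ports | awk '!seen[$1]++ { print $1 }'
}

# Constructed sample of -oG output (documentation addresses, not real hosts).
sample_og() {
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.10 ()\tPorts: 139/open/tcp//netbios-ssn///, 137/open|filtered/udp//netbios-ns///\tIgnored State: closed (998)\n'
    printf 'Host: 192.0.2.11 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.11 ()\tPorts: 137/open|filtered/udp//netbios-ns///\n'
    printf 'Host: 192.0.2.12 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.12 ()\tPorts: 443/open/tcp//https///\n'
}

# Demo on the constructed sample; with a real scan use:
#   <nmap command> -oG - | open_hosts
sample_og | open_ports
```

On the sample, 192.0.2.11 is dropped because its only port is open|filtered, while the plain grep "/open" pipeline would list it.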
Grep vulnerability
Something like this may work:
nmap -sS -sU -p U:137,T:139 --script nbstat --script smb-os-discovery.nse <hosts> | grep -B 10 VULNERABLE
Scripts
nmap -sV --script ssl-enum-ciphers -p 443 <hosts>
Windows Hostname discovery
nmap -sS -sU -p U:137,T:139 --script nbstat --script smb-os-discovery.nse <hosts>
Nmap scan report for 192.168.1.2
Host is up (0.19s latency).
PORT STATE SERVICE
139/tcp open netbios-ssn
137/udp open netbios-ns
Host script results:
|_nbstat: NetBIOS name: SERVERNAME, NetBIOS user: <unknown>, NetBIOS MAC: 00:01:9e:76:5d:6c (VENDOR)
| smb-os-discovery:
| OS: Windows Server 2003 R2 3790 Service Pack 2 (Windows Server 2003 R2 5.2)
| OS CPE: cpe:/o:microsoft:windows_server_2003::sp2
| Computer name: servername
| NetBIOS computer name: SERVERNAME\x00
| Domain name: domain
| Forest name: domain
| FQDN: servername.domain
|_ System time: 2017-06-15T17:09:37-05:00