Network Reconnaissance Playground
Explore Nmap scanning techniques in a safe, simulated environment.
No real network activity — pure educational aesthetics.
terminal — nmap@monster
Welcome to nmap.monster — Network reconnaissance playground
Click a command below to run a simulated scan...
Quick commands:
Scan Presets
Nmap Cheat Sheet
Scan Types
-sS | TCP SYN scan (stealth, requires root) |
-sT | TCP connect scan (no root needed) |
-sU | UDP scan (slow but thorough) |
-sA | TCP ACK scan (firewall mapping) |
-sV | Service/version detection |
-O | OS detection |
-A | Aggressive: OS + version + scripts + traceroute |
Target Specification
192.168.1.1 | Single IP |
192.168.1.1-254 | IP range |
192.168.1.0/24 | CIDR notation |
scanme.nmap.org | Hostname |
-iL targets.txt | Read targets from file |
--exclude 192.168.1.5 | Exclude specific host |
Port Specification
-p 22 | Specific port |
-p 22,80,443 | Multiple ports |
-p 1-1000 | Port range |
-p- | All 65535 ports |
--top-ports 100 | Scan top N most common ports |
-F | Fast mode (100 most common ports) |
Host Discovery
-Pn | Skip host discovery (assume all hosts up) |
-PS22,80,443 | TCP SYN ping on specific ports |
-PA80 | TCP ACK ping |
-PU53 | UDP ping |
-PR | ARP ping (local network) |
-n | No DNS resolution (faster) |
Timing & Performance
-T0 | Paranoid (IDS evasion, very slow) |
-T1 | Sneaky (IDS evasion, slow) |
-T2 | Polite (less bandwidth) |
-T3 | Normal (default) |
-T4 | Aggressive (fast, assumes good network) |
-T5 | Insane (extremely fast, may miss results) |
NSE Scripts
--script vuln | Run vulnerability detection scripts |
--script default | Run default scripts |
--script http-enum | Enumerate web directories |
--script ssh-brute | SSH brute force |
--script-args | Pass arguments to scripts |
--script-help <name> | Show script documentation |
Output Options
-oN file.txt | Normal output to file |
-oX file.xml | XML output |
-oG file.txt | Grepable output |
-oA basename | Output in all formats |
-v | Verbose output |
-vv | Very verbose |
Firewall Evasion
-f | Fragment packets |
--mtu 24 | Set custom MTU |
-D RND:10 | Use decoy IPs |
--source-port 53 | Spoof source port |
--data-length 200 | Append random data |
--randomize-hosts | Randomize target order |
NOTE: This is a simulated environment. All scans are purely visual and educational. No actual network requests are performed.