← Back to search

Nmap Top UDP Scan

reconchecklist

Summary

Run against discovered subdomains as well.

Walkthrough

Scan the top UDP ports for services like SNMP, DNS, or TFTP that TCP scans miss. A hit is any open UDP port with a recognizable service response; repeat against discovered subdomains and hostnames.

Commands

bash

nmap <IP> -sU -top-ports=100 --min-rate=20000