hping3

sudo hping3 --scan all -S $(target)

 +----+-----------+---------+---+--- |port+----+-----------+---------+---+---    21 ftp    22 ssh    23 telnet    25 smtp    53 domain    80 http   111 sunrpc   139   445   512   513 login   514 shell  1099  1524  2049 nfs  2121 iprop  3306 mysql  3632 distcc  5432  6000 x11  6667 ircd  6697 ircs-u All replies received. Done. 

o-1-1>sudo hping3 --scan known -S $(target) href=#__codelineno-2-1>Scanning 10.0.2.5 (10.0.2.5), port known --+-----+-----+ class=p>| serv name |  flags  |ttl| id  | win | len | --+-----+-----+ : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 netbios-ssn: .S..A...  64     0  5840    46 microsoft-d: .S..A...  64     0  5840    46 exec       : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 rmiregistry: .S..A...  64     0  5840    46 ingreslock : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 postgresql : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46 : .S..A...  64     0  5840    46
 Common arguments
    Argument  Description  
 
   -c  Send a particular number of packets  
  -t  The packet TTL (default 64)  
  -s  Source TCP port (random by default)  
  -d  Destination TCP port  
  -S  Set the TCP SYN flag  
  -F  Set the TCP FIN flag  
  -A  Set the ACK flag  
 
 
 Other
    Command  Description  
 
   sudo hping3 -1 -c 10 michalszalkowski.com  hping3 will act like an ordinary ping utility, sending ICMP-reverberation und getting ICMP-reply  
  sudo hping3 --traceroute -V -1 michalszalkowski.com  hping3 will act like popular utilities like tracert (windows) or traceroute (linux) who utilizes ICMP packets expanding each time in 1 its TTL value.  
  sudo hping3 -c 3 -S -p 80 10.0.2.5  Send three TCP SYN probes to port 80 of 10.0.2.5  
  sudo hping3 -V -S -c 1 -p 80 -A michalszalkowski.com  This scan could be utilized to check whether a host is alive (when Ping is blocked). This ought to send a RST response TCP port is open.  
  sudo hping3 -V -S -c 1 -p 80 -UPF michalszalkowski.com  This scan sets the succession number to zero and set the URG + PSH + FIN signals in the packet. On the off chance that the focus on gadget’s TCP port is shut, the target gadget sends a TCP RST bundle in answer. In the event that the focus on gadget’s TCP port is open, the target disposes of the TCP Xmas output, sending no answer.  
  sudo hping3 -V -S -c 1 -p 80 -Y michalszalkowski.com  This scan sets the arrangement number to zero and have no flag set in the packet. On the off chance that the focus on device’s port is shut, the target device sends a TCP RST packet in answer. In the event that the target device’s TCP port is open, the target device of the TCP NULL output, sending no reply.

Argument	Description
-c	Send a particular number of packets
-t	The packet TTL (default 64)
-s	Source TCP port (random by default)
-d	Destination TCP port
-S	Set the TCP SYN flag
-F	Set the TCP FIN flag
-A	Set the ACK flag

Command	Description
sudo hping3 -1 -c 10 michalszalkowski.com	hping3 will act like an ordinary ping utility, sending ICMP-reverberation und getting ICMP-reply
sudo hping3 --traceroute -V -1 michalszalkowski.com	hping3 will act like popular utilities like tracert (windows) or traceroute (linux) who utilizes ICMP packets expanding each time in 1 its TTL value.
sudo hping3 -c 3 -S -p 80 10.0.2.5	Send three TCP SYN probes to port 80 of 10.0.2.5
sudo hping3 -V -S -c 1 -p 80 -A michalszalkowski.com	This scan could be utilized to check whether a host is alive (when Ping is blocked). This ought to send a RST response TCP port is open.
sudo hping3 -V -S -c 1 -p 80 -UPF michalszalkowski.com	This scan sets the succession number to zero and set the URG + PSH + FIN signals in the packet. On the off chance that the focus on gadget’s TCP port is shut, the target gadget sends a TCP RST bundle in answer. In the event that the focus on gadget’s TCP port is open, the target disposes of the TCP Xmas output, sending no answer.
sudo hping3 -V -S -c 1 -p 80 -Y michalszalkowski.com	This scan sets the arrangement number to zero and have no flag set in the packet. On the off chance that the focus on device’s port is shut, the target device sends a TCP RST packet in answer. In the event that the target device’s TCP port is open, the target device of the TCP NULL output, sending no reply.