Nmap

Network Mapper (Nmap) : port scanner.

export IP=<IP>
nmap -A -T4 -p- $IP -vv > "$IP-full_scan.txt"

1 Nmap switches

Switch	Flag
Syn scan	`-sS`
UDP scan	`-sU`
Operating System discovery	`-O`
Version of services	`-sV`
Increase verbosity	`-v`
Increase verbosity lvl 2	`-vv`
Output in 3 major formats	`-oA`
Normal format output	`-oN`
Grepable format output	`-oG`
Aggressive mode (service, OS, traceroute & common script scanning)	`-A`
Timing template 5	`-T5`
Scan port 80 and from 443 to 500	`-p 80, 443-500`
Scan ALL ports	`-p-`
Activate script	`--script`
Activate all scripts in the vuln category	`--script=vuln`