# Quick scan
nmap -sV -sC target.com
# Full port scan
nmap -p- -sV -sC -A target.com
# UDP scan
nmap -sU -p 53,67,68,161 target.com
# Stealth SYN scan
nmap -sS target.com
# Vulnerability scan
nmap --script vuln target.com
# Scan network range
nmap -sn 192.168.1.0/24# Ettercap
ettercap -T -M arp:remote /target_ip/ /gateway_ip/
# Bettercap
bettercap -iface eth0
> set arp.spoof.targets target_ip
> arp.spoof on
> net.sniff on
# Wireshark capture
wireshark -i eth0