https://www.youtube.com/watch?v=K2pHiKs3D-M
$ nmap <IP> ou testphpt.vulnweb.com
PORT STATE SERVICE
80/tcp open http
$ nmap -p80 -sV testphpt.vulnweb.com
PORT STATE SERVICE VERSION
80/tcp open http nginx 1.19.0
$ nmap -sn 192.168.1.0/24
# nmap -p 111 --open --script nfs-showmount,nfs-ls <IP_DST>
Referência
1 /2 /3 securitytrails.com/blog/top-15-nmap-commands-to-scan-remote-hosts