hping3 <Target IP> -Q -p 139 -s: By using the argument -Q in the command line, Hping collects all the TCP sequence numbers generated by the target host.
hping3 –A <Target IP> –p 80: By issuing this command, Hping checks if a host is alive on a network. If it finds a live host and an open port, it returns an RST response.
hping3 -S <Target IP> -p 80 –tcp-timestamp: By adding the –tcp-timestamp argument in the command line, Hping enable TCP timestamp option and try to guess the timestamp update frequency and uptime of the target host.
hping3 –F –P –U 10.0.0.25 –p 80: By issuing this command, an attacker can perform FIN, PUSH, and URG scans on port 80 on the target host.
- CEH v10: module 3. Scanning