Nmap
TCP
Scan top 1000 ports on range
nmap -sT 192.168.1.1
Scan using ICMP requests
nmap -sn 192.168.1.1
Scan specific port
nmap -p 80 192.168.1.1
OS fingerprinting
nmap -O 192.168.1.1
Banner Grabbing/Service Enumeration
nmap -sV 192.168.1.1
SMB
nmap 192.168.1.1 --script smb-os-discovery.nse