Update NMAP_cheat_sheet.md

cheat_sheets/NMAP_cheat_sheet.md

@@ -18,10 +18,40 @@ If no port range is specified, Nmap scans the 1,000 most popular ports.
 -p0- Leaving off end port in range makes Nmap scan through p
 ```
 
+## Port Status
+
+- Open: This indicates that an application is listening for connections on this port.
+- Closed: This indicates that the probes were received but there is no application listening on this port.
+- Filtered: This indicates that the probes were not received and the state could not be established. It also indicates that the probes are being dropped by some kind of filtering.
+- Unfiltered: This indicates that the probes were received but a state could not be established.
+- Open/Filtered: This indicates that the port was filtered or open but Nmap couldn’t establish the state.
+- Closed/Filtered: This indicates that the port was filtered or closed but Nmap couldn’t establish the state.
+
+## Probing Options
+
+- `-Pn`: Don't probe (assume all hosts are up)
+- `-PB`: Default probe (TCP 80, 445 & ICMP)
+- `-PS<portlist>` : Checks if ssytems are online by probing TCP ports
+- `-PE`: Using ICMP Echo Request
+- `-PP`: Using ICMP Timestamp Request
+- `-PM`: Using ICMP Netmask Request
+
 ## Nmap Scripting Engine
 
 The full list of Nmap Scripting Engine scripts: http://nmap.org/nsedoc/
 
+`nmap -sC` runs default scripts...
+
+Running individual or groups of scripts:
+`nmap --script=<ScriptName>| <ScriptCategory>|<ScriptDir>`
+  
+Using the list of script arguments:
+`nmap --script-args=<Name1=Value1,...>`
+
+Updating the script database:
+`nmap --script-updatedb`
+
+
 Some particularly useful scripts include:
 
 - dns-zone-transfer: Attempts to pull a zone file (AXFR) from a DNS server.
@@ -60,3 +90,5 @@ The most common Nmap scripting engine categories:
 - safe: Designed not to impact target in a negative fashion.
 - version: Measure the version of software or protocols on the target hosts.
 - vul: Measure whether target systems have a known vulnerability.
+
+