Free and open source utility for network discovery and security auditing
Nmap is a network exploration tool and security/port scanner. It uses raw IP packets to determine what hosts are available on the network, what services those hosts are offering, what operating systems they are running, and dozens of other characteristics.
Host Discovery - Identify live hosts on a network
Port Scanning - Discover open ports and running services
OS Detection - Fingerprint operating systems
Service Detection - Identify service versions
Vulnerability Detection - Built-in NSE scripts for vulnerability scanning
# Discover hosts on local network
nmap -sn 192.168.1.0/24
# Basic port scan
nmap scanme.nmap.org
Security Auditing
# Comprehensive scan with OS detection
nmap -A -T4 target.com
# Vulnerability scan using NSE scripts
nmap --script vuln target.com
Service Discovery
# Service version detection
nmap -sV target.com
# Common ports scan
nmap --top-ports 1000 target.com
Essential Nmap Commands
| Command | Description |
|---|---|
| nmap -sS target | SYN stealth scan |
| nmap -sU target | UDP scan |
| nmap -O target | OS detection |
| nmap -A target | Aggressive scan (OS, version, script, traceroute) |
| nmap -p 80,443 target | Scan specific ports |
| nmap --script=safe target | Run safe NSE scripts |
NSE (Nmap Scripting Engine)
Nmap includes hundreds of scripts for:
Vulnerability detection
Malware discovery
Network discovery
Version detection
Backdoor detection
# List available scripts
nmap --script-help all
# Run specific script category
nmap --script auth target.com
Legal and Ethical Considerations
🚨 Warning: Only scan networks and systems you own or have explicit permission to test. Unauthorized scanning may be illegal and could be considered a hostile act.
Best Practices
Get Permission - Always obtain written authorization
Start Gentle - Use -T2 timing for less aggressive scans
Document Everything - Keep logs of your scanning activities
Stay Updated - Keep Nmap updated for latest features and scripts