
Nmap Complete Guide

Nmap is a free and open-source tool widely used for network discovery and security auditing by ethical hackers and system administrators. The guide covers installation on various operating systems, basic usage, common scanning options, advanced features, and the Nmap Scripting Engine (NSE) for enhanced functionality. Real-world use cases include internal network discovery, external vulnerability scans, and firewall rule analysis.

Complete Guide to Nmap for Ethical Hacking

1. Introduction to Nmap

Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing. It is one of the most widely used tools by ethical hackers and system administrators for mapping networks, identifying hosts, scanning ports, detecting running services, discovering operating systems, and even finding vulnerabilities.

2. Installing Nmap

Nmap is available on all major operating systems:

- Debian/Ubuntu: sudo apt install nmap

- CentOS/Fedora: sudo dnf install nmap

- macOS: brew install nmap

- Windows: Download from https://nmap.org/download.html

3. Basic Nmap Usage

Basic syntax:

nmap [options] <target>

Examples:

- nmap 192.168.1.1

- nmap 192.168.1.1 192.168.1.2

- nmap 192.168.1.1-50

- nmap 192.168.1.0/24

4. Common Scanning Options

-sS - TCP SYN Scan (Stealth): Sends SYN packets to detect open ports without completing the handshake.

-sT - TCP Connect Scan: Completes TCP handshake using OS functions.

-sU - UDP Scan: Scans UDP ports for services like DNS, SNMP, etc.

-sA - ACK Scan: Used to map firewall rules by sending ACK packets.

-sN - NULL Scan: Sends no TCP flags. Can bypass some firewalls.

-p - Port Selection: Specify target ports (comma-separated or ranges).

-p- - Full Port Range: Scan all 65535 ports.

-T4 - Aggressive Timing: Speeds up scans on fast networks.

-Pn - No Ping: Skips host discovery, assumes host is up.


5. Advanced Features

- Version Detection: nmap -sV target.com

- OS Detection: nmap -O target.com

- Aggressive Scan: nmap -A target.com

- NSE Scripts: nmap --script=vuln target.com

- Output Options: -oN, -oX, -oG, -oA

6. Nmap Scripting Engine (NSE)

NSE allows scripting for vulnerability detection, brute force, and enumeration.

Example: nmap --script=http-enum target.com

7. Real-World Use Cases

- Internal network discovery during penetration tests

- External vulnerability scans

- Firewall rule analysis

- Web server enumeration

- IoT and device auditing

- Red team recon for lateral movement
