Nmap

Definition

**Nmap** (short for **Network Mapper**) is an **open-source network scanning tool** used to discover hosts, services, and vulnerabilities on a network.

It’s often called the **Swiss Army knife** of network scanning because it can be used for everything from simple host discovery to complex security audits.

## What Nmap Does

1. **Host Discovery** – Find devices (computers, servers, routers, IoT devices) connected to a network.
2. **Port Scanning** – Identify open, closed, or filtered ports.
3. **Service Detection** – Determine which services and versions are running on those ports (e.g., HTTP, SSH, FTP).
4. **OS Fingerprinting** – Guess the target’s operating system.
5. **Vulnerability Detection** – With Nmap’s scripting engine, check for known security weaknesses.

---

## Why It’s Used

* **System administrators** use it for network inventory and monitoring.
* **Security professionals** use it for penetration testing and vulnerability assessment.
* **Incident responders** use it to quickly map affected systems during an investigation.

---

## Example Commands

```bash
# Scan a single host
nmap 192.168.1.10

# Scan a range of IP addresses
nmap 192.168.1.1-50

# Scan a host and detect services/versions
nmap -sV 192.168.1.10

# Aggressive scan with OS detection and script scanning
nmap -A example.com
```

---

## Further Reading

* [Official Nmap Website](https://nmap.org/) – Documentation, tutorials, and downloads.
* [Nmap Reference Guide](https://nmap.org/book/man.html) – Full list of features and command options.
* [Nmap Scripting Engine (NSE)](https://nmap.org/book/nse.html) – Extend Nmap with custom scripts for vulnerability detection.
* [Nmap Cheat Sheet (SANS)](https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/blt6ad93b457769278b/5f8fca2f6ef5f61401a21b8d/NmapCheatSheetv1.1.pdf) – Quick command reference.

Nmap

Definition

Explore More Terms