Introduction to Nmap
What is Nmap?
Nmap is known as Network Mapper. It is an open-source Linux command line tool that’s used to scan IP addresses and ports in a network and to detect installed applications. It is one of the famous network scanning tool used by penetration testers which allows us to detect network vulnerabilities in the system and many more.
Types of Nmap Scans
Generally, Nmap scans can be divided into two types:
- Host discovery: In host discovery, we find out which devices are up on the network, more specifically, the IP addresses of the devices. We do this by scanning a range of IP addresses with Nmap.
- Port scan: In port scan, we target one or multiple IP addresses on the network and find out what ports are open i.e., which ports have running applications that are accepting connections.
Then there’s something called as banner grabbing in Nmap which is actually shows the version number of the services, application or the particular OS which you’re scanning in. These are known as:
- Service detection
- OS detection
Types of Nmap Commands
Nmap help command
It shows all the lists of available commands which can be used
Basic scan of IP address using Nmap
It scans all the well known ports
Find active or live hosts with in a range of IP
It scans all the active or live hosts in the range of IP
nmap -sn 184.108.40.206/24
Scan a particular range of IP
It scans from the specific IP to specific IP which you have mentioned. For an example if you will mention from 220.127.116.11-158 then it will scan every IP like 18.104.22.168 and so on.
nmap -sn 22.214.171.124-158
Scan a single Port
It scans only a single port which you have mentioned
nmap -p 22 scanme.nmap.org
Scan specific Ports
It scans only specific ports which you have mentioned
nmap -p 22,80 scanme.nmap.org
Scan specific range of Ports
It scans specific range of ports which you have mentioned
nmap -p 20-30 scanme.nmap.org
Scan all ports in a single command
It scans all the ports(0-65535) in a network or IP
nmap -p- scanme.nmap.org (it might take some time to scan all the ports)
It scans all the 100 well known ports
nmap -p scanme.nmap.org
It shows the details in terminal which is about to run in the live scanning process.
nmap -v scanme.nmap.org
Scan specific domains in a single command
It helps to scan multiple domains at the same time
nmap scanme.nmap.org, testphp.vulnweb.com
If you really like this post then give your reaction and don’t forget to share with others.
Thank you for reading this and have a nice stay there!