NMAP

Nmap is a Security Scanner, Port Scanner, & Network Exploration Tool

Background

Nmap is a popular security tool used for network exploration and port scanning. It helps you identify hosts and services on a network and reports other useful information such as operating system details, open ports, the services running on those ports, and potential vulnerabilities.

Installation

Usage

Basic Usage

  • Base Syntax: nmap [ScanType] [Options] {targets}

  • Access Help: nmap -h

  • Nmap Discovery Steps: 1. Enumerate Targets -> 2. Discover Live Hosts -> 3. Reverse DNS Lookup -> 4. Scan Ports -> 5. Detect Versions -> 6. Detect OS -> 7. Tracert -> 8. Run Scripts -> 9. Write Output

  • TCP Flags:

    • URG: urgent incoming data

    • ACK: TCP receipt acknowledgement

    • PSH: promptly push data into application

    • RST: reset connection

    • SYN: synchronize, initiates the TCP handshake

    • FIN: sender has no more data to send
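As an added example (not part of the original notes), the following Python decodes the flag byte of a raw TCP header into the flag names listed above and then applies the port-state logic a SYN scan uses in step 4 (Scan Ports): SYN/ACK back means open, RST back means closed, no reply means filtered. The sample headers are constructed inline, not captured traffic, and the header layout assumes the 20-byte fixed TCP header with no options.

```python
import struct
from typing import Optional

# Flag bits in byte 13 of the TCP header (RFC 793 order, high bit first)
TCP_FLAGS = {
    0x20: "URG",  # urgent incoming data
    0x10: "ACK",  # TCP receipt acknowledgement
    0x08: "PSH",  # promptly push data into application
    0x04: "RST",  # reset connection
    0x02: "SYN",  # synchronize, initiates the TCP handshake
    0x01: "FIN",  # sender has no more data to send
}


def decode_flags(flag_byte: int) -> set:
    """Return the names of all flags set in a TCP flags byte."""
    return {name for bit, name in TCP_FLAGS.items() if flag_byte & bit}


def parse_tcp_header(raw: bytes) -> dict:
    """Parse the fixed 20-byte TCP header (IP header already stripped)."""
    if len(raw) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    sport, dport, _seq, _ack, _off, flags, _win, _csum, _urg = struct.unpack(
        "!HHIIBBHHH", raw[:20]
    )
    return {"sport": sport, "dport": dport, "flags": decode_flags(flags)}


def classify_syn_probe_response(reply: Optional[bytes]) -> str:
    """Interpret a reply to a SYN probe the way a SYN scan does.

    A silently dropped probe (no reply) is what a firewall that drops
    instead of rejecting looks like, hence 'filtered'.
    """
    if reply is None:
        return "filtered"
    flags = parse_tcp_header(reply)["flags"]
    if {"SYN", "ACK"} <= flags:
        return "open"
    if "RST" in flags:
        return "closed"
    return "unknown"


def make_header(sport: int, dport: int, flags_byte: int) -> bytes:
    """Build a constructed 20-byte TCP header for demonstration only."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags_byte, 65535, 0, 0)


# Constructed sample replies: SYN/ACK from port 22, RST/ACK from port 23
SYN_ACK_REPLY = make_header(22, 40001, 0x12)
RST_REPLY = make_header(23, 40002, 0x14)
```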

Scan Types

Targeting

Host Discovery

Port Discovery

OS Discovery

Service Discovery

Evasion

Output

Scripting

Timing Templates

Timing and Performance

Resources
