Nmap

Nmap is short for Network Mapper. It is an open-source Linux command-line tool that is used to scan IP addresses and ports in a network and to detect installed applications.

Nmap allows network admins to find which devices are running on their network, discover open ports and services, and detect vulnerabilities.

Why use Nmap?

There are a number of reasons why security pros prefer Nmap over other scanning tools.First, Nmap helps you to quickly map out a network without sophisticated commands or configurations. It also supports simple commands (for example, to check if a host is up) and complex scripting through the Nmap scripting engine.

Features of Nmap include:

●Ability to quickly recognize all the devices including servers, routers, switches, mobile devices, etc on single or multiple networks.

●Helps identify services running on a system including web servers, DNS servers, and other common applications. Nmap can also detect application versions with reasonable accuracy to help detect existing vulnerabilities.

●Nmap can find information about the operating system running on devices. It can provide detailed information like OS versions, making it easier to plan additional approaches during penetration testing.

●During security auditing and vulnerability scanning, you can use Nmap to attack systems using existing scripts from the Nmap Scripting Engine.

●Nmap has a graphical user interface called Zenmap. It helps you develop visual mappings of a network for better usability and reporting.

Ping scan — Scans the list of devices up and running on a given subnet.

> nmap -sp 192.168.1.1/24

Scan a single host — Scans a single host for 1000 well-known ports. These ports are the ones used by popular services like SQL, SNTP, apache, and others.

> nmap scanme.nmap.org