Nmap
Network scanner for host and service discovery
Methods, 10 commands
#network #scanning #enumeration #essential
Installation
1. Install via package manager
2. Verify installation
3. Update scripts
# Kali/Debian
apt install nmap
# macOS
brew install nmap
# Windows: download from nmap.org
# Verify
nmap --version
# Update scripts (rebuilds the NSE script database)
nmap --script-updatedb

Basic Usage
Scan networks, discover hosts, and enumerate services
# Basic scan
nmap 192.168.1.1
# Full port scan
nmap -p- 192.168.1.1
# Service version detection
nmap -sV 192.168.1.1
# OS detection
nmap -O 192.168.1.1
# Aggressive scan
nmap -A 192.168.1.1
# Scan with scripts
nmap --script=vuln 192.168.1.1

Command Reference
10 commands
1. SYN scan (stealth): -sS
2. TCP connect scan: -sT
3. UDP scan: -sU
4. Service version detection: -sV
5. OS detection: -O
6. Aggressive scan: -A
7. Port specification: -p
8. Run NSE scripts: --script
9. Output format: -oN/-oX
10. Timing template: -T0-5

When to Use
1. Initial network reconnaissance
2. Service enumeration
3. Vulnerability discovery
4. Port scanning
5. Network mapping

Notes & Tips
1. SYN scan requires root privileges
2. Use -T2 or lower for stealth
3. Scripts can be noisy - use carefully
4. Always stay within scope

Common Errors & Solutions
Requires root: Run with sudo for SYN scans
Host seems down: Use -Pn to skip ping check