Network Discovery & Security Auditing with Nmap


Hey everyone, today we are going to learn about Nmap, one of the best tools in the world of penetration testing. I will share the top 15 Nmap commands here (with some screenshots too).
Enjoy the network scanning!
What is Nmap?
Nmap (“Network Mapper”) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.
Top 15 Commands of nmap:
Target machine:metasploitable 2(
1. Single IP Scan
2. Scan Multiple IPs
3. Scan a Range of IPs
4. Identify the Operating System of a Host
# nmap -O
5. Exclude IP/Hosts/Networks From Nmap Scan
# nmap --exclude
# nmap --exclude
# nmap --exclude,126,127
6. Scan For Specific Ports
# nmap -p 80
# nmap -p 80,443
# nmap -p 80-200
7. Scan TCP and UDP Ports
# nmap -sS -sU -PN
8. Display the Reason a Port is in a Particular State
# nmap --reason
It displays the reason why Nmap thinks that a port is in a particular state.
9. Show Only Open Ports
# nmap --open
10. Service Version Detection
# nmap -sV
11. Firewall Detection
# nmap -sA
12. Scan a Firewall For Security Vulnerabilities
TCP Null Scan: no TCP flags are set (the flag header is 0).
# nmap -sN
TCP FIN Scan:
# nmap -sF
TCP Xmas Scan: sets the FIN, PSH and URG flags.
# nmap -sX
13. Stealthy Scan
TCP SYN Scan: it never opens a full TCP connection.
# nmap -sS
14. Disable Host Discovery (No Ping)
# nmap -Pn
15. Vulnerability Scan
# nmap --script vuln
This scan is very useful because it reports the vulnerabilities it finds on the target.
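
For the auditing side of scans like -sV and --reason above, here is an added example (not from the original post) that parses Nmap's XML output, which Nmap writes with -oX, and reports open ports that are missing from an approved baseline. The sample XML, the address 192.0.2.10 and the ALLOWED baseline are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output (-oX); the address and services are
# made up for illustration and are not results from the original post.
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sV --reason -oX scan.xml 192.0.2.10">
 <host>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <ports>
   <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
    <service name="ssh" product="OpenSSH" version="4.7p1"/></port>
   <port protocol="tcp" portid="23"><state state="open" reason="syn-ack"/>
    <service name="telnet" product="Linux telnetd"/></port>
   <port protocol="tcp" portid="80"><state state="closed" reason="reset"/>
    <service name="http"/></port>
  </ports>
 </host>
</nmaprun>"""

# Hypothetical baseline: (host, protocol, port) tuples approved to be open.
ALLOWED = {("192.0.2.10", "tcp", 22)}


def open_ports(xml_text):
    """Return one dict per open port in Nmap XML output."""
    found = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")  # first address element
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # skip closed and filtered ports
            svc = port.find("service")
            attrs = (svc.get(k) for k in ("name", "product", "version")) if svc is not None else ()
            found.append({"host": addr, "proto": port.get("protocol"),
                          "port": int(port.get("portid")),
                          "reason": state.get("reason"),
                          "service": " ".join(a for a in attrs if a)})
    return found


def unexpected(ports, allowed):
    """Open ports that are missing from the approved baseline."""
    return [p for p in ports if (p["host"], p["proto"], p["port"]) not in allowed]


if __name__ == "__main__":
    for p in unexpected(open_ports(SAMPLE_XML), ALLOWED):
        print(f'{p["host"]} {p["port"]}/{p["proto"]} open ({p["reason"]}): {p["service"]}')
```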
