
01. What is Nmap

Nmap ("Network Mapper")

Nmap is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.


Nmap Commands

Basic Scan

nmap IPaddress
Scans the specified IP address.

Save Output in Grepable Format

nmap -vv -oG - IPaddress >/path/to/save
Performs a verbose scan and saves output in grepable format. -oG takes a filename argument, so "-oG -" sends the grepable output to stdout, where the redirect captures it (writing "-oG IPaddress" would instead create a file named IPaddress and leave no target).

Scan Specific Port (e.g., Port 22)

nmap -vv -oG - -p 22 IPaddress >/path/to/save
Scans a specific port and saves output in grepable format (again using "-oG -" so the output goes to stdout and into the redirected file).

Aggressive Scan

nmap -A IPaddress
Performs an aggressive scan, including OS detection, version detection, script scanning, and traceroute.

Service Version Detection

nmap -sV IPaddress
Detects service versions running on the open ports.

Fast Scan

nmap -F IPaddress 
Scans fewer ports quickly.

Fast Scan Multiple Targets

nmap -F IPaddress1 IPaddress2 >/path/to/save
Performs a fast scan on multiple IPs and saves the output.

Display Only Open Ports

nmap --open IPaddress >/path/to/save 
Displays only the open ports for the given IP address.
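The grepable format produced by the -oG commands above is meant to be consumed by scripts. The following is an added example, not part of the original page or of Nmap itself: a POSIX shell function that reads -oG output and prints only the open ports per host (the kind of inventory list a defender compares against an approved-services baseline). The sample output it runs against is constructed inline, and the hosts, ports and service strings in it are made up.

```shell
#!/bin/sh
# Constructed sample of grepable (-oG) output, shaped like what `nmap -oG - -sV <hosts>` prints.
# Fields on a Host line are tab-separated; each Ports entry has the form
# port/state/proto/owner/service/rpc/version/ and entries are separated by ", ".
sample_gnmap() {
  printf '%s\n' '# Nmap scan initiated (constructed sample, not a real scan)'
  printf '%s\t%s\n' 'Host: 192.168.1.10 ()' 'Status: Up'
  printf '%s\t%s\t%s\n' 'Host: 192.168.1.10 ()' \
    'Ports: 22/open/tcp//ssh//OpenSSH 8.9p1//, 80/open/tcp//http//nginx 1.18//, 443/closed/tcp//https///' \
    'Ignored State: filtered (997)'
  printf '%s\t%s\t%s\n' 'Host: 192.168.1.11 ()' \
    'Ports: 3389/open/tcp//ms-wbt-server///' 'Ignored State: closed (999)'
  printf '%s\n' '# Nmap done (constructed sample)'
}

# open_ports: read -oG output on stdin and print one line per open port:
#   host port/proto service [version]
# Comment lines and Host lines without a Ports field (e.g. "Status: Up") are skipped.
open_ports() {
  awk -F '\t' '
    /^Host:/ {
      host = $1; sub(/^Host: /, "", host); sub(/ .*/, "", host)
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        ports = $i; sub(/^Ports: /, "", ports)
        n = split(ports, entry, /, /)
        for (j = 1; j <= n; j++) {
          split(entry[j], f, "/")
          if (f[2] != "open") continue
          printf "%s %s/%s %s%s\n", host, f[1], f[3], f[5], (f[7] == "" ? "" : " " f[7])
        }
      }
    }'
}

# count_open: number of open ports found in the sample (used as a self-check).
count_open() { sample_gnmap | open_ports | wc -l | tr -d ' '; }

sample_gnmap | open_ports
```

To use it on a real scan, replace `sample_gnmap` with the saved file, e.g. `open_ports </path/to/save`.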


NSLookup Commands

Interactive Lookup

  • Command: nslookup
    Starts the nslookup interactive mode for DNS queries.

Save Results to a File

  • Command: nslookup IPaddress >> filename.txt
    Appends the DNS lookup results of an IP address to the specified file.