NMAP Cheat Sheet

Nmap is a free, open-source tool used to discover hosts and services on a computer network by sending packets and analyzing the responses. It offers features for probing networks, including host discovery, service detection, and operating system detection.

Nmap provides additional information on targets, including reverse DNS names, device types, and MAC addresses. It supports scriptable interaction through the Nmap Scripting Engine (NSE) for advanced network reconnaissance.

[Figure: Nmap network discovery process. Scanner -> Host Discovery (Ping Scan) -> Port Scanning (Service Discovery) -> Analysis & Results. Common scan types: TCP SYN (-sS, fast and stealthy); UDP (-sU, slower scan); Aggressive (-A, OS + version detection); Stealth (-sN, firewall bypass).]

Core Capabilities

  • Host discovery − Identifying hosts on a network that respond to TCP and/or ICMP requests or have particular ports open

  • Port scanning − Enumerating open ports on target hosts to identify running services

  • OS detection − Determining the operating system and hardware characteristics of network devices

  • Version detection − Interrogating network services to determine application names and version numbers

Common Use Cases

  • Network inventory, mapping, and asset management

  • Security auditing by identifying open ports and services

  • Firewall rule testing and network connectivity verification

  • Vulnerability assessment and penetration testing

  • DNS queries and subdomain enumeration

Basic Scanning Commands

Goal                    Command                              Example
Scan a Single Target    nmap [target]                        nmap 192.168.0.1
Scan Multiple Targets   nmap [target1] [target2]             nmap 192.168.0.1 192.168.0.2
Scan a Range of Hosts   nmap [range]                         nmap 192.168.0.1-10
Scan an Entire Subnet   nmap [ip address/cidr]               nmap 192.168.0.1/24
Excluding Targets       nmap [targets] --exclude [targets]   nmap 192.168.0.1/24 --exclude 192.168.0.100
Aggressive Scan         nmap -A [target]                     nmap -A 192.168.0.1
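The four target forms above (single host, list, octet range, CIDR) and --exclude all reduce to one set of addresses before Nmap sends a packet. The following Python script is an added example, not part of the original cheat sheet and not Nmap's own code: it expands those target specifications the way Nmap interprets them (ranges and comma lists are allowed in any octet, and a CIDR block covers all of its addresses, network and broadcast included) and applies the exclude list, so you can check how many hosts a command line will actually touch before running it. Function names are my own.

```python
"""Expand Nmap-style IPv4 target specs (ranges, lists, CIDR, --exclude) into hosts."""
import ipaddress
import itertools


def _expand_octet(spec):
    """'1', '1-10' or '1,3,5-7' -> sorted list of ints in 0..255."""
    values = set()
    for part in spec.split(","):
        if "-" in part:
            lo, hi = part.split("-", 1)
            lo = int(lo) if lo else 0      # Nmap reads '-10' as 0-10
            hi = int(hi) if hi else 255    # and '10-' as 10-255
        else:
            lo = hi = int(part)
        if not 0 <= lo <= hi <= 255:
            raise ValueError("octet range out of bounds: %r" % spec)
        values.update(range(lo, hi + 1))
    return sorted(values)


def expand_target(spec):
    """Return the set of IPv4Address objects covered by one target spec."""
    if "/" in spec:
        # 192.168.0.1/24 covers the whole /24, network and broadcast included,
        # which is why Nmap reports 256 addresses for it
        return set(ipaddress.ip_network(spec, strict=False))
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError("not a dotted-quad or CIDR target spec: %r" % spec)
    # ranges/lists may appear in any octet, e.g. 192.168.0-1.1-10
    return {
        ipaddress.IPv4Address(".".join(str(o) for o in combo))
        for combo in itertools.product(*(_expand_octet(o) for o in octets))
    }


def build_target_list(targets, exclude=()):
    """Union of all target specs minus anything matched by --exclude, sorted."""
    included = set().union(*(expand_target(t) for t in targets))
    excluded = set().union(*(expand_target(e) for e in exclude))
    return sorted(included - excluded)


if __name__ == "__main__":
    # Constructed inputs mirroring the cheat sheet's examples
    for spec in (["192.168.0.1"], ["192.168.0.1", "192.168.0.2"],
                 ["192.168.0.1-10"], ["192.168.0.1/24"]):
        print(spec, "->", len(build_target_list(spec)), "host(s)")
    hosts = build_target_list(["192.168.0.1/24"], exclude=["192.168.0.100"])
    print("with --exclude 192.168.0.100:", len(hosts), "host(s)")
```

Run it with no arguments to see the host count for each of the cheat sheet's target forms; the exclude case drops exactly one address from the /24. Nmap's real grammar also accepts hostnames, IPv6, and -iL input files, which this script deliberately does not handle.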

Discovery Options

Goal             Command             Example
Ping Only Scan   nmap -sn [target]   nmap -sn 192.168.0.1
Skip Ping        nmap -Pn [target]   nmap -Pn 192.168.0.1
TCP SYN Ping     nmap -PS [target]   nmap -PS 192.168.0.1
UDP Ping         nmap -PU [target]   nmap -PU 192.168.0.1
ICMP Echo Ping   nmap -PE [target]   nmap -PE 192.168.0.1
ARP Ping         nmap -PR [target]   nmap -PR 192.168.0.1

Advanced Scanning Types

Goal               Command             Example
TCP SYN Scan       nmap -sS [target]   nmap -sS 192.168.0.1
TCP Connect Scan   nmap -sT [target]   nmap -sT 192.168.0.1
UDP Scan           nmap -sU [target]   nmap -sU 192.168.0.1
TCP NULL Scan      nmap -sN [target]   nmap -sN 192.168.0.1
TCP FIN Scan       nmap -sF [target]   nmap -sF 192.168.0.1
Xmas Scan          nmap -sX [target]   nmap -sX 192.168.0.1

Port Scanning Options

Goal             Command                              Example
Fast Scan        nmap -F [target]                     nmap -F 192.168.0.1
Specific Ports   nmap -p [ports] [target]             nmap -p 21-25,80,443 192.168.0.1
All Ports        nmap -p- [target]                    nmap -p- 192.168.0.1
Top Ports        nmap --top-ports [number] [target]   nmap --top-ports 100 192.168.0.1

Version Detection & OS Fingerprinting

Goal                        Command             Example
OS Detection                nmap -O [target]    nmap -O 192.168.0.1
Service Version Detection   nmap -sV [target]   nmap -sV 192.168.0.1
Aggressive Detection        nmap -A [target]    nmap -A 192.168.0.1

Scripting Engine (NSE)

Goal                Command                                Example
Execute Script      nmap --script [script] [target]        nmap --script vuln 192.168.0.1
Script Categories   auth, default, discovery, safe, vuln   nmap --script safe 192.168.0.1
Update Scripts      nmap --script-updatedb                 nmap --script-updatedb
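The results of -sV, -O and --script are only useful once they are turned into an inventory, and the practical way to do that is to have Nmap write XML (the -oX option) and parse it. The script below is an added example, not part of the original cheat sheet and not Nmap's own code: it parses the XML format Nmap emits (host status, addresses, reverse-DNS hostname, open ports with their detected service, product and version, per-port NSE script output, and the highest-accuracy OS match) into plain dicts, then flags open ports running services on a defender's watchlist. The embedded XML document is a constructed sample shaped like real Nmap output, not a recorded scan, and the watchlist and function names are my own choices.

```python
"""Parse Nmap XML (-oX) output into an inventory and flag watchlisted services."""
import xml.etree.ElementTree as ET

# Constructed sample in the shape Nmap writes with -oX (not a real scan):
# one host up with -sV/-O/--script results, one host that never answered.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -O --script safe -oX scan.xml 192.168.0.1-2">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="192.168.0.1" addrtype="ipv4"/>
    <address addr="AA:BB:CC:DD:EE:FF" addrtype="mac" vendor="ExampleVendor"/>
    <hostnames><hostname name="gw.example.lan" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1" conf="10"/></port>
      <port protocol="tcp" portid="23"><state state="open" reason="syn-ack"/>
        <service name="telnet" conf="3"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0" conf="10"/>
        <script id="http-title" output="Welcome"/></port>
      <port protocol="tcp" portid="443"><state state="closed" reason="reset"/>
        <service name="https"/></port>
    </ports>
    <os><osmatch name="Linux 4.15 - 5.6" accuracy="90"/>
        <osmatch name="Linux 5.4 - 5.15" accuracy="95"/></os>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.168.0.2" addrtype="ipv4"/>
  </host>
</nmaprun>
"""

# Illustrative defender's watchlist of legacy/cleartext services (our choice,
# not something Nmap defines).
WATCHLIST = {"telnet", "ftp", "rsh", "rlogin"}


def parse_nmap_xml(xml_text):
    """Return one dict per host that was up, listing only its open ports."""
    hosts = []
    for host in ET.fromstring(xml_text).findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # never answered host discovery: nothing to inventory
        info = {"ip": None, "mac": None, "hostname": None, "os": None, "ports": []}
        for addr in host.findall("address"):
            if addr.get("addrtype") in ("ipv4", "ipv6"):
                info["ip"] = addr.get("addr")
            elif addr.get("addrtype") == "mac":
                info["mac"] = addr.get("addr")
        hostname = host.find("hostnames/hostname")
        if hostname is not None:
            info["hostname"] = hostname.get("name")
        # -O can emit several osmatch guesses; keep the highest accuracy
        matches = host.findall("os/osmatch")
        if matches:
            best = max(matches, key=lambda m: int(m.get("accuracy", "0")))
            info["os"] = (best.get("name"), int(best.get("accuracy", "0")))
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            get = svc.get if svc is not None else (lambda k: None)
            info["ports"].append({
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "service": get("name"),
                "product": get("product"),
                "version": get("version"),
                # NSE results for this port, keyed by script id
                "scripts": {s.get("id"): s.get("output") for s in port.findall("script")},
            })
        hosts.append(info)
    return hosts


def flag_watchlist_services(hosts, watchlist=WATCHLIST):
    """(ip, port, service) for every open port running a watchlisted service."""
    return [(h["ip"], p["port"], p["service"])
            for h in hosts for p in h["ports"] if p["service"] in watchlist]


if __name__ == "__main__":
    inventory = parse_nmap_xml(SAMPLE_XML)
    for h in inventory:
        print(h["ip"], h["hostname"], h["mac"], h["os"])
        for p in h["ports"]:
            print("  %s/%d %s %s %s" % (p["proto"], p["port"], p["service"],
                                        p["product"] or "", p["version"] or ""))
    print("watchlist hits:", flag_watchlist_services(inventory))
```

To use it on your own scan, run Nmap with -oX and pass the file's contents to parse_nmap_xml. Note the conf attribute on the service element: Nmap sets it low when the service name came from the port-number table rather than from a probe response (the telnet entry in the sample has conf="3"), so treat low-confidence names as a hint to verify rather than a fact.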

Conclusion

Nmap is an essential network discovery and security auditing tool that provides comprehensive host discovery, port scanning, and service detection capabilities. Its extensive command-line options and scripting engine make it invaluable for network administrators, security professionals, and penetration testers.

Updated on: 2026-03-16T23:36:12+05:30
