Skip to main content

NMAP (Network Mapper) - A Securtiy Scanner

Nmap ("Network Mapper") is a free and open-source utility for network discovery and security auditing.
Which is a simple and very powerful tool for security audit/research.

Best platform for NMAP???

  • Windows
  • Linux
  • Mac  
 (* in Kali Linux NMAP pre-installed)

NMAP is able to run in CLI as well as in GUI mode named ZENMAP.

   Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. 

  Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results from viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping)

NMAP able to do Host discovery, port scanning, OS detection, and Vulnerability Scan.

In this article, we going to discuss port scanning briefly.

What is Host Discovery

   By the Host Discovery scan, we able to find out the number of live devices in a network.

    In this method, NMAP will broadcast(Echo Request) TCP packets to the entire network (or) a target IP address (or) set of IP addresses. Once NMAP got Echo Reply from the target machine. Which will add that device to ARP inventory.

Finally, it will display ARP inventory as the Host Discovery result.

Syntex : #nmap -sn <Target IP/Network>

What is Port Scanning?

    The port scanning means to probe a server or host for open ports. This is often used by administrators to verify the security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

   A port scan or portscan is a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port; this is not a nefarious process in and of itself. The majority of uses of a port scan does not attack, but rather simple probes to determine services available on a remote machine.

The Three port states recognized by Nmap
Open       Service is open (Port is open)
Closed     Service is closed
Filtered    Nmap cannot determine whether the port is open because of Firewall

Nmap syntax for port scanning

 #nmap  <IP Address>

In the above image, NMAP finds the SSH open stat TCP service ports of the target machine in  LAN.
With NMAP we able to scan public IP addresses.

NMAP has the capability to bypass Firewalls. We will see different types of port scanning techniques in the future.


Popular posts from this blog

My Life as Information security engineer Chapter 1: Tools

  Hi folks, here I am going to share the tools list that I am using in my daily life cycle. NMAP  Nmap (“Network Mapper”) is a free and open-source (license) utility for network discovery and security auditing. Basically, I will use it to discover the open ports and closed ports where I did Port Mapping in firewalls. We can use this in the local network as well as in the WAN network. Also with help of the NSE script, we do multiple things like vulnerability check, exploitation, etc., Ref: CURL and WGET curl   is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). Normally using this tool to analyze the website headers when my web security device blocking some dynamic content websites and to create the Application signature in IPS. Wget   using to download files directly instead of opening and surfing the brow

AquaSec Container Security Solution ( DevSecOps ) - A quickView

  What is AquaSec?      The Aqua Platform is the leading Cloud Native Application Protection Platform (CNAPP) and provides prevention, detection, and response automation across the entire application lifecycle to secure the supply chain, secure cloud infrastructure, and secure running workloads wherever they are deployed.    Solutions : Cloud Native Security Platform CSPM Cloud Security Container Security Kubernetes Security Serverless Security Cloud VM Security Dynamic Threat Analysis (DTA) Container Vulnerability Scanning Aquasec offers a 14days trial to learn the container security / Automated DevSecOps. Use this link to get free trail  Sign In | Aqua (   How to start with AquaSec? Once login into the portal click the nine dots in the left-side top > Aqua Hub  Then click the "Integrations" The Integration page has a lot of options to connect your container Platform Choosing your platform provides the required key to integrate. (follow the OEM documents ) The

What is IP Obfuscation ? How it's working ? how to use Cuteit tool ?

  What is IP  Obfuscation?     Which is a method to hide or convert a doted format IP address  (e.g.   into an Integer or Hexadecimal value or Octal form by using some mathematical formula. It’s a kind of method to spoof the human eyes and web security services. dot format to Decimal Conversion 👉  [] to translate (172 x256 3 )+(67×256 2 )+(129×256 1 )+(3×256 0 ) =  2890105091 Now you can use  https://2890105091  to access This is one of the ways to do IP  Obfuscation.  The tool  ‘ Cuteit ‘ is  A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command-line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. HOW TO USE CUTEIT ? Download & Install Cuteit from the below link git :   git clone Direct link: usage: Cu