Nmap Tutorial

Nmap is a free and open-source network analysis and security auditing tool. Security consultants use it in the initial reconnaissance stage of penetration testing.

Gordon Lyon, also known as Fyodor, is the one who produces and maintains Nmap.

Normally, Nmap is used to discover the services and ports that an application is using and to expose information about the target, including OS and service details.

Installation and usage

If you are using macOS, you can install Nmap with the command brew install nmap

However, those who can't use the brew command can download Nmap manually here

Once the download and installation are complete, you can run Nmap by typing the command nmap, and the interface will look like the picture below:

Nmap has a variety of commands that can be used for reconnaissance. Some of them are listed below:

  • nmap -O <ip address> (This is normally used for OS detection)
  • nmap -sP <ip address> (This is normally used for checking which IP addresses are active on the network; current Nmap releases name this option -sn)
  • nmap -v -A -sS -T4 <ip address> (This normally shows verbose output and uses T4 timing and a SYN stealth scan, with OS detection, traceroute and service information)

For those who are not familiar with the command line, there is a GUI for Nmap called Zenmap.

The picture above is an example of Zenmap

Author: Wan Ariff

He brings with him working experience in the Information Security field, specializing in Penetration Testing and Digital Forensics. His passion leans more toward IT Security.
