Nmap Security Tool Cheatsheet

📱 Mobile Security Tips

James Calloway — Mobile Device Management Lead

What is Nmap?

Nmap (Network Mapper) is a powerful open-source tool used for network discovery and security auditing. It can be used to discover hosts and services on a computer network by sending packets and analyzing the responses.

Installation

Nmap can be installed on various operating systems including Windows, Linux, and macOS. Here’s how to install it on different platforms:

  • Linux: Most Linux distributions can install Nmap via package managers. For example, use sudo apt install nmap for Debian-based systems.
  • macOS: Use Homebrew with brew install nmap.
  • Windows: Download the installer from the Nmap official site. It bundles the Npcap packet-capture driver, which the raw-socket scan types (-sS, -O and friends) need on Windows.

Basic Syntax

The basic syntax for using Nmap is nmap [options] [targets]. Targets can be single IPs or hostnames, CIDR blocks (192.168.1.0/24), octet ranges (192.168.1.1-50), or a file of targets passed with -iL.

Discovery

Host Discovery

To discover live hosts on a network, use:

nmap -sn 192.168.1.0/24

With -sn Nmap skips port scanning and only reports which hosts respond. Run as root on the local Ethernet segment it uses ARP requests; against remote targets as root it sends an ICMP echo request, a TCP SYN to port 443, a TCP ACK to port 80 and an ICMP timestamp request; without root it falls back to a TCP connect to ports 80 and 443. A host that drops all of these probes is reported as down, so for a target you know is up use -Pn, which skips discovery and scans it anyway.

Service Discovery

Identifying services on found hosts:

nmap -sV 192.168.1.1

The -sV option sends service probes to every open port and matches the responses against Nmap's nmap-service-probes database to name the service and, where possible, its version. This is an active interaction with each service and will show up in the target's application logs.

Scanning

Port Scanning

This scans for open TCP ports on a target:

nmap -p 1-1000 192.168.1.1

The -p flag specifies the ports to scan. Without -p Nmap scans the 1,000 most common TCP ports; -p- scans all 65,535, and a mixed spec such as -p U:53,T:22,80 selects UDP and TCP ports together (add -sU to actually scan UDP).

Vulnerability Scanning

Scripting Engine

Use the Nmap Scripting Engine (NSE) to run scripts against the targets:

nmap -sV --script vuln 192.168.1.1

--script vuln runs every script in the vuln category. These scripts check for known vulnerabilities; they do not exploit them. Some are intrusive and can crash fragile services, so on production systems prefer --script "vuln and safe", which keeps only the non-intrusive ones. Running with -sV lets each script choose the right checks for the detected service instead of guessing from the port number.

Analysis

OS Detection

To perform OS fingerprinting:

nmap -O 192.168.1.1

The -O flag enables OS detection, which compares the target's TCP/IP stack behaviour against Nmap's fingerprint database. It needs root (raw sockets) and is most reliable when the target has at least one open and one closed TCP port; --osscan-guess prints the closest matches when no exact fingerprint is found.

Evasion

Stealth Scanning

The SYN ("half-open") scan is the one usually called a stealth scan:

nmap -sS 192.168.1.0/24

-sS sends a SYN, records the SYN/ACK or RST that comes back, and then tears the connection down with a RST instead of completing the three-way handshake. The target's application never receives a connection, so it logs nothing. It is the default scan type when Nmap runs as root, and it is not stealthy against a firewall or IDS, which sees the half-open connections directly. Nmap's real evasion options (slow timing with -T0/-T1, fragmentation with -f or --mtu, decoys with -D, --source-port, --data-length) trade speed and accuracy for a smaller footprint, and none of them hides a scan from an attentive network monitor.

Reporting

Output Formats

To export results in different formats, use:

nmap -oA output 192.168.1.1

The -oA option writes three files with the given basename: output.nmap (normal, human-readable), output.xml (XML, for tooling and import into other scanners) and output.gnmap (grepable, one host per line for shell one-liners). Use -oN, -oX or -oG for a single format; -oX - or -oG - streams that format to stdout so it can be piped.
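The grepable (-oG / .gnmap) file that -oA writes is the one you post-process with shell tools, both to pull out the live hosts that the -sn discovery step above produces and to list open ports per host after a port or version scan. The script below is an added example; it is not code from the original cheatsheet or from the Nmap project. It parses a constructed grepable fragment (sample_gnmap, with made-up addresses, hostnames and versions, standing in for the output of nmap -sS -sV -oG - 192.168.1.0/24) with POSIX awk. The function names sample_gnmap, live_hosts and open_ports are my choice; the field layout it relies on (tab-separated Host / Status or Ports / Ignored State fields, each port entry written as port/state/proto/owner/service/rpcinfo/version/) is Nmap's grepable format.

```shell
#!/bin/sh
# Added example: parse nmap grepable (-oG) output with POSIX awk.
# sample_gnmap emits a constructed fragment; no scan is run and every
# address, hostname and version string is made up.
sample_gnmap() {
  printf '%s\n' '# Nmap 7.94 scan initiated as: nmap -sS -sV -oG - 192.168.1.0/24'
  printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
  printf 'Host: 192.168.1.5 (printer.lan)\tStatus: Up\n'
  printf 'Host: 192.168.1.5 (printer.lan)\tPorts: 9100/open/tcp//jetdirect///\tIgnored State: closed (999)\n'
  printf 'Host: 192.168.1.9 ()\tStatus: Down\n'
  printf '%s\n' '# Nmap done -- 256 IP addresses (2 hosts up) scanned in 12.34 seconds'
}

# Read grepable output on stdin; print one IP per line for each host
# whose Status field says Up (what an nmap -sn -oG - run gives you).
live_hosts() {
  awk -F '\t' '/^Host:/ && $2 == "Status: Up" { split($1, h, " "); print h[2] }'
}

# Read grepable output on stdin; print "ip port/proto service" for every
# open port. Closed and filtered entries in the Ports: field are dropped.
open_ports() {
  awk -F '\t' '
    /^Host:/ && $2 ~ /^Ports: / {
      split($1, h, " "); ip = h[2]        # "Host: 192.168.1.1 ()" -> IP
      sub(/^Ports: /, "", $2)             # strip the field label
      n = split($2, entries, ", ")        # one entry per port
      for (i = 1; i <= n; i++) {
        # entry layout: port/state/proto/owner/service/rpcinfo/version/
        split(entries[i], f, "/")
        if (f[2] == "open") printf "%s %s/%s %s\n", ip, f[1], f[3], f[5]
      }
    }'
}

# Demo on the constructed sample. For a real run, replace sample_gnmap with
#   nmap -sS -sV -oG - 192.168.1.0/24
# (root needed for -sS) and pipe that into live_hosts or open_ports.
echo "live hosts:"; sample_gnmap | live_hosts
echo "open ports:"; sample_gnmap | open_ports
```

The two awk filters only look at fields split on tabs, so hostnames with spaces or service banners containing commas inside the version string do not break the host or state parsing; the per-entry split on ", " is the one place a banner containing that exact sequence could confuse it, which is why the XML output (-oX) is the better choice when you need a fully robust parser.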

Quick Reference Table

Flag       Description
-sn        Ping scan – discover live hosts (-sP is the deprecated spelling)
-sS        TCP SYN scan (default when run as root)
-p         Ports to scan (-p- for all 65,535)
-sV        Version detection
-O         OS detection (needs root)
--script   Run the named scripts or script categories
-oA        Save output in all formats (.nmap, .xml, .gnmap)

Pro Tips

  • **Timing Options**: -T4 speeds scans up by raising parallelism and shortening probe timeouts. Use it on fast, reliable networks; on congested or rate-limited links it can report open ports as filtered, so fall back to -T3 (the default) or lower if results look thin.
  • **Exclude Hosts**: Use --exclude 192.168.1.5 to skip certain IPs, or --excludefile hosts.txt to skip a list.
  • **Aggressive Scan**: The -A flag combines service/version detection (-sV), OS detection (-O), the default script set (--script default) and traceroute (--traceroute). It is noisy and, because of -O and traceroute, needs root.

Real-World Examples

Example 1: Full Network Scan (run as root; -sS and -O need raw sockets)

nmap -sS -sV -O 192.168.1.0/24

Example 2: Scan and Save Output

nmap -sn -oA scan_results 192.168.1.1