Comprehensive Nmap Security Tool Cheatsheet for SOC Analysts and Pentesters


Daniel Osei — AI-Assisted Security Engineer

What is Nmap?

Nmap (Network Mapper) is an open-source tool for network exploration and security auditing. Network administrators, SOC analysts and penetration testers use it to discover hosts on a network and the services they expose, building a ‘map’ of what is actually reachable. Its versatility makes it a daily-use tool for security professionals.

Installation

To install Nmap, you can use the package manager for your operating system:

  • Debian/Ubuntu: sudo apt install nmap
  • Fedora: sudo dnf install nmap
  • macOS: brew install nmap
  • Windows: Download the installer from the Nmap official website.

Basic Syntax

The general form of an Nmap command is:

nmap [scan type(s)] [options] <target specification>

A target can be a hostname, a single IP address, a CIDR block (192.168.1.0/24) or an address range (192.168.1.1-50), and several targets can be listed on one line.

Network Discovery

Nmap is often used to find which hosts on a network are alive before any time is spent port-scanning them:

nmap -sn 192.168.1.0/24

The -sn option performs host discovery only (a ping sweep) and skips the port scan. Run as root on a local Ethernet segment it uses ARP requests, which almost every host answers; against remote networks it sends an ICMP echo request, a TCP SYN to port 443, a TCP ACK to port 80 and an ICMP timestamp request. A host that filters all of these is reported as down, so for a hardened target use -Pn to skip discovery and scan it anyway.
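The sweep is most useful when its output is saved and processed rather than read by eye. The following is an added example, not code from the original page: it parses the greppable output of `nmap -sn -oG -` into a list of live hosts and also lists the addresses in the swept block that gave no answer, since those are the candidates for a later -Pn scan. The sample output is constructed to imitate Nmap's greppable format; the addresses and hostnames are made up.

```python
"""Turn the greppable (-oG) output of an Nmap ping sweep into a host list.

Added example, not code from the original page. SAMPLE_SWEEP is a constructed
imitation of what `nmap -sn -v -oG - 192.168.1.0/24` prints; the addresses and
hostnames are made up.
"""
import ipaddress
import re

# Constructed sample. A plain -sn sweep prints only hosts that answered
# ("Status: Up"); "Down" lines appear only when -v is added, as here.
SAMPLE_SWEEP = """\
# Nmap 7.94 scan initiated Mon Jan  1 12:00:00 2024 as: nmap -sn -v -oG - 192.168.1.0/24
Host: 192.168.1.1 (gw.lab.local)\tStatus: Up
Host: 192.168.1.10 ()\tStatus: Up
Host: 192.168.1.12 ()\tStatus: Down
Host: 192.168.1.200 (printer.lab.local)\tStatus: Up
# Nmap done at Mon Jan  1 12:00:05 2024 -- 256 IP addresses (3 hosts up) scanned in 5.12 seconds
"""

# One greppable host line: "Host: <ip> (<reverse DNS or empty>)<TAB>Status: <Up|Down>"
HOST_RE = re.compile(r"^Host: (?P<ip>\S+) \((?P<name>[^)]*)\)\tStatus: (?P<status>\w+)")
# The CIDR block Nmap was asked to sweep, taken from the "as: ..." header line
CIDR_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3}/\d{1,2})\b")


def live_hosts(greppable):
    """Return (ip, hostname) pairs for hosts reported Up, ordered by address."""
    hosts = []
    for line in greppable.splitlines():
        m = HOST_RE.match(line)
        if m and m.group("status") == "Up":
            hosts.append((m.group("ip"), m.group("name")))
    return sorted(hosts, key=lambda h: ipaddress.ip_address(h[0]))


def unresponsive(greppable):
    """Addresses in the swept block that answered none of the discovery probes.

    These are not necessarily empty: a host that drops ICMP and the TCP 80/443
    probes looks identical to an unused address, which is what -Pn is for.
    """
    header = next(l for l in greppable.splitlines() if " as: " in l)
    network = ipaddress.ip_network(CIDR_RE.search(header).group(1), strict=False)
    up = {ip for ip, _ in live_hosts(greppable)}
    return [str(a) for a in network.hosts() if str(a) not in up]


if __name__ == "__main__":
    for ip, name in live_hosts(SAMPLE_SWEEP):
        print(f"{ip:<16} {name or '-'}")
    silent = unresponsive(SAMPLE_SWEEP)
    print(f"{len(silent)} addresses gave no answer; rescan them with -Pn if they matter")
```

Feed it a real file with `live_hosts(open("sweep.gnmap").read())`; the only format assumption is the tab-separated Host/Status layout that -oG produces.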

Port Scanning

Nmap can be used to discover open ports on a target:

nmap -p 1-65535 -T4 -A -v <target>

This scans every TCP port (1-65535; -p- is the shorthand) with the aggressive -T4 timing template and verbose output. -A turns on service version detection, OS detection, the default NSE script set and traceroute. It is the loudest scan on this page: it sends tens of thousands of probes and the default scripts interact with the services, so expect it to show up in logs and run it only with authorization.

Service Version Detection

To obtain version info about services running on open ports:

nmap -sV -p <port> <target>

This probes the given port on the target and reports the service name and, where Nmap can match a banner or probe response, the product and version. Version strings are the input most vulnerability checks rely on, so -sV is usually combined with script scans.

Operating System Detection

To identify the operating system of a target:

nmap -O <target>

OS detection fingerprints the target's TCP/IP stack, so it needs raw-packet privileges (run it with sudo) and works best when the target has at least one open and one closed TCP port. Treat the result as a guess: Nmap prints a confidence figure and may list several candidate systems.

Vulnerability Scanning

For vulnerability scanning, use the Nmap Scripting Engine (NSE), which ships a vuln category of scripts that check for known issues:

nmap --script=vuln <target>

Many of these scripts key off the version string, so pair them with -sV. Some scripts in the category are intrusive (they send exploit-like probes), and results based only on a version match can be false positives, so confirm findings before reporting them.

Quick Reference Table

Flag   Description
-sn    Host discovery only (ping scan); does not port scan.
-p     Specifies ports to scan (e.g. -p 22,80,443 or -p- for all 65535).
-sV    Service/version detection.
-O     Operating system detection (needs raw-packet privileges).
-A     Enables OS detection, version detection, default script scanning and traceroute.

Pro Tips

  • Scan Multiple Targets: list targets on one line (nmap -p 80,443 192.168.1.1 192.168.1.2), use a range (192.168.1.1-50) or CIDR block, or read them from a file with -iL targets.txt.
  • Save Scan Results: -oN filename.txt writes the normal (human-readable) format; -oG writes greppable output, -oX writes XML for tooling, and -oA basename writes all three at once. Save every scan during an engagement so later results can be compared against it.
  • Include Script Scans: Nmap has powerful scripts available that can enhance your scans. Use --script with a script name, a category (default, safe, vuln) or a wildcard, and run --script-help <name> to read what a script does before you run it against a target.
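Saving output in XML pays off when the same target is scanned again: the differences are the exposure changes a SOC analyst cares about. The following is an added Python example, not code from the original page, that parses two -oX files and reports ports that opened, ports that closed, banners that changed and hosts that appeared. The two XML documents are constructed imitations of Nmap's -oX format; the hosts, products and versions are made up.

```python
"""Diff two saved Nmap XML scans (-oX) to flag newly exposed services.

Added example, not code from the original page. BASELINE_XML and CURRENT_XML
are constructed imitations of `nmap -sV -oX - 192.168.1.0/24` output from two
different days; the hosts, products and versions are made up.
"""
import xml.etree.ElementTree as ET

BASELINE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX - 192.168.1.0/24" version="7.94">
<host><status state="up"/><address addr="192.168.1.10" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.9p1"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http" product="nginx" version="1.18.0"/></port>
</ports></host>
</nmaprun>
"""

CURRENT_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX - 192.168.1.0/24" version="7.94">
<host><status state="up"/><address addr="192.168.1.10" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.9p1"/></port>
<port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
<port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server" product="Microsoft Terminal Services"/></port>
</ports></host>
<host><status state="up"/><address addr="192.168.1.55" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
</ports></host>
</nmaprun>
"""


def open_ports(xml_text):
    """Map (ip, protocol, port) -> service label for every open port in one -oX file.

    Only state="open" is kept: closed and filtered ports are normally folded into
    <extraports> by Nmap and carry nothing worth diffing.
    """
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:  # IPv6-only hosts use addrtype="ipv6"; out of scope here
            continue
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue
            svc = port.find("service")
            parts = [svc.get(k) for k in ("name", "product", "version")] if svc is not None else []
            label = " ".join(p for p in parts if p) or "unknown"
            result[(addr.get("addr"), port.get("protocol"), int(port.get("portid")))] = label
    return result


def diff_scans(baseline_xml, current_xml):
    """Compare two scans: ports opened, ports closed, banners changed, hosts new."""
    before, after = open_ports(baseline_xml), open_ports(current_xml)
    return {
        "opened": {k: after[k] for k in after.keys() - before.keys()},
        "closed": {k: before[k] for k in before.keys() - after.keys()},
        "changed": {k: (before[k], after[k]) for k in before.keys() & after.keys()
                    if before[k] != after[k]},
        "new_hosts": sorted({k[0] for k in after} - {k[0] for k in before}),
    }


if __name__ == "__main__":
    report = diff_scans(BASELINE_XML, CURRENT_XML)
    for kind in ("opened", "closed"):
        for (ip, proto, port), label in sorted(report[kind].items()):
            print(f"{kind:>6}: {ip} {port}/{proto} ({label})")
    for (ip, proto, port), (old, new) in sorted(report["changed"].items()):
        print(f"changed: {ip} {port}/{proto}: {old} -> {new}")
    for ip in report["new_hosts"]:
        print(f"new host: {ip}")
```

On real files, call `diff_scans(open("baseline.xml").read(), open("today.xml").read())`. The "changed" bucket is what catches a silent upgrade or downgrade of a service that stayed on the same port, which a simple open-port comparison would miss.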

Real-World Examples

  • Full Scan of a Host:
    nmap -sS -sV -A -O <target>
    (-A already implies -sV and -O, so nmap -sS -A <target> is equivalent; the SYN scan -sS needs raw-packet privileges, so run it with sudo.)
  • Scan a Specific Range:
    nmap -p 21,22,80,443 192.168.1.0/24
  • Scan a Server with a Specific Script:
    nmap --script "http-vuln*" <target>
    (quote the wildcard so the shell passes it to Nmap unchanged instead of expanding it against files in the current directory)