NMAP in Depth | Nmap Complete Tutorial | Beginner to Advance | Cyber Security | Learning 💯

Introduction

This tutorial aims to provide a comprehensive guide to using Nmap, a powerful network scanning tool essential for cybersecurity professionals. Whether you are a beginner or looking to advance your skills, this guide will walk you through the basics of Nmap, the types of scans you can perform, and its practical applications in network security.

Step 1: Understanding Nmap

• Nmap, short for Network Mapper, is an open-source tool used for network discovery and security auditing.
• It can identify hosts and services on a network, allowing you to map out your network and find potential vulnerabilities.
• Familiarize yourself with Nmap's capabilities, including host discovery, port scanning, service version detection, and OS detection.

Step 2: Installing Nmap

• For Linux (Kali Linux recommended):
  1. Open your terminal.
  2. Run the command:

     sudo apt-get install nmap
     

• For Windows:
  1. Download the Nmap installer from the official Nmap website.
  2. Follow the installation prompts.
• For macOS:
  1. Use Homebrew and run:

     brew install nmap
     

Step 3: Basic Nmap Commands

• Start with simple commands to get familiar with Nmap:
  • Scan a single host:

    nmap <IP_ADDRESS>
    

  • Scan a range of IP addresses:

    nmap <START_IP>-<END_IP>
    

  • Scan an entire subnet:

    nmap <SUBNET>/24
    

• Practical tip: Always run scans with appropriate permissions to avoid legal issues.

Step 4: Understanding Scan Types

• Nmap offers various scan types. Here are a few common ones:
  • TCP Connect Scan:

    nmap -sT <TARGET>
    

  • SYN Scan (stealth scan):

    nmap -sS <TARGET>
    

  • UDP Scan:

    nmap -sU <TARGET>
    

• Different scans can provide different insights into network security.

Step 5: Service and Version Detection

• To identify services running on open ports and their versions, use:

  nmap -sV <TARGET>
  

• This information can help assess vulnerabilities associated with specific services.

Step 6: Operating System Detection

• To determine the OS running on a target machine, use the following command:

  nmap -O <TARGET>
  

• Understanding the OS can help you tailor your security strategies.

Step 7: Output Options

• Nmap allows you to save scan results in various formats:
  • Normal output:

    nmap -oN output.txt <TARGET>
    

  • XML output:

    nmap -oX output.xml <TARGET>
    

• Use these formats for reporting or further analysis.

Step 8: Using Nmap Scripts

• Nmap comes with a scripting engine (NSE) to automate tasks:
  • To run a script, use:

    nmap --script <SCRIPT_NAME> <TARGET>
    

• Explore available scripts with:

  nmap --script-help <SCRIPT_NAME>
  

Conclusion

Nmap is an incredibly versatile tool for network security analysis. By understanding its functionalities—from basic commands to advanced scripting—you can effectively map networks and identify vulnerabilities. As a next step, practice using Nmap on a safe network environment to build your skills and explore its extensive features.