nmap


Nmap

Nmap - A versatile network security scanning tool used for threat detection and anomaly detection in infrastructure environments. https://github.com/nmap/nmap

nmap is a network scanning tool used to discover hosts and services on a computer network. Nmap is widely used by system administrators and security professionals to map out network topologies, find open ports, and detect vulnerabilities.

https://formulae.brew.sh/formula/nmap

  • Definition: nmap (Network Mapper) is a free, open-source utility for network discovery and security auditing. It is used to discover hosts and services on a computer network by sending packets and analyzing the responses.
  • Function: Performs network scanning to identify active devices, open ports, running services, and potential vulnerabilities.
  • Components:
     * nmap Core: The main program that performs network scans.
     * nmap Scripting Engine (NSE): Allows users to write scripts for extending nmap's capabilities.
     * Zenmap: The official graphical user interface (GUI) for nmap.
  • Features:
     * Host Discovery: Identifies live hosts on a network.
     * Port Scanning: Detects open ports on target hosts.
     * Service and Version Detection: Identifies services running on open ports and their versions.
     * OS Detection: Determines the operating system of the target hosts.
     * Scripting Engine: Automates various network tasks using NSE scripts.
     * Vulnerability Detection: Identifies potential vulnerabilities and security issues.
  • Usage: Widely used by network administrators, security professionals, and penetration testers for network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Examples

  • Basic nmap ping scan to discover live hosts (host discovery only, no port scan; -sn is the current name of the older -sP option):
     ```bash
     nmap -sn 192.168.1.0/24
     ```
  • Scanning a specific host for open ports:
     ```bash
     nmap -p 1-65535 192.168.1.1
     ```
  • Service and version detection on a target host:
     ```bash
     nmap -sV 192.168.1.1
     ```
  • Operating system detection on a target host (uses raw-packet probes, so run it with root/administrator privileges):
     ```bash
     nmap -O 192.168.1.1
     ```
  • Running the scripts in the vuln category of the nmap Scripting Engine (NSE):
     ```bash
     nmap --script=vuln 192.168.1.1
     ```
  • Using nmap in a Python script:
     ```python
     import nmap  # python-nmap package; needs the nmap binary on PATH

     def scan_network(target):
         """Scan TCP ports 1-1024 on target and print each port's state."""
         nm = nmap.PortScanner()
         nm.scan(target, '1-1024')
         for host in nm.all_hosts():
             print(f'Host : {host} ({nm[host].hostname()})')
             print(f'State : {nm[host].state()}')
             for proto in nm[host].all_protocols():
                 print('----------')
                 print(f'Protocol : {proto}')
                 for port in sorted(nm[host][proto].keys()):
                     print(f'port : {port}\tstate : {nm[host][proto][port]["state"]}')

     # Scan the local network
     scan_network('192.168.1.0/24')
     ```

  • Using nmap in a Java program:
     ```java
     import java.io.BufferedReader;
     import java.io.InputStreamReader;

     public class NmapExample {
         public static void runNmapScan(String target) {
             try {
                 // Arguments are passed as a list, so no shell parses the target string.
                 // -sn: ping scan (host discovery only); replaces the older -sP spelling.
                 Process process = new ProcessBuilder("nmap", "-sn", target).start();
                 BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
                 String line;
                 while ((line = reader.readLine()) != null) {
                     System.out.println(line);
                 }
                 reader.close();
                 int exitCode = process.waitFor();
                 if (exitCode != 0) {
                     // Non-zero exit: print whatever nmap wrote to stderr
                     BufferedReader errorReader = new BufferedReader(new InputStreamReader(process.getErrorStream()));
                     while ((line = errorReader.readLine()) != null) {
                         System.err.println("Error: " + line);
                     }
                     errorReader.close();
                 }
             } catch (Exception e) {
                 e.printStackTrace();
             }
         }

         public static void main(String[] args) {
             // Run nmap scan on the local network
             runNmapScan("192.168.1.0/24");
         }
     }
     ```

Summary

  • nmap: A powerful, open-source network discovery and security auditing tool used to identify active devices, open ports, running services, operating systems, and potential vulnerabilities on a network. With features like the nmap Scripting Engine and Zenmap GUI, nmap is an essential tool for network administrators, security professionals, and penetration testers.
nmap.txt · Last modified: 2025/02/01 06:39 by 127.0.0.1
