Nmap (Network Mapper) is a powerful tool used for network discovery and security auditing. Nmap is a free and open source utility. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
Free:- The primary goals of the Nmap Project are to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.
Portable:- Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.
Flexible:- Supports dozens of advanced techniques for mapping out networks filled with IP filters, firewalls, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), OS detection, version detection, ping sweeps, and more.
"The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. Users can rely on the growing and diverse set of scripts distributed with Nmap, or write their own to meet custom needs".
Scan multiple IP addresses or a subnet (IPv4)
nmap 192.168.10.1 192.168.10.2 192.168.10.3
## works with same subnet i.e. 192.168.10.0/24
Finally, you scan an entire subnet:
Find out if a host/network is protected by a firewall
nmap -sA 192.168.10.254
nmap -sA blackhole.n0where.net
Scan a host when protected by the firewall
nmap -PN 192.168.10.1
nmap -PN blackhole.n0where.net
How do I perform a fast scan?
nmap -F 192.168.10.1
Show host interfaces and routes
How do I save output to a text file?
nmap 192.168.10.1 > output.txt
nmap -oN /path/to/filename 192.168.10.1
nmap -oN output.txt 192.168.10.1
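Once a scan has been saved with -oN, the report can be checked against the ports you expect to be open. The script below is an added example, not part of the original article; the sample report, the approved-port list and the function names are constructed for illustration.

```shell
# Audit a saved `nmap -oN` report against an approved-port baseline.

# Constructed sample of nmap normal (-oN) output; replace with `cat output.txt`.
sample_report() {
cat <<'EOF'
# Nmap scan initiated (constructed sample) as: nmap -oN output.txt 192.168.10.1
Nmap scan report for 192.168.10.1
Host is up (0.0010s latency).
Not shown: 997 closed tcp ports (reset)
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
8080/tcp open  http-proxy

# Nmap done (constructed sample)
EOF
}

# Read an -oN report on stdin; print "host port/proto service" per open port.
open_ports() {
  awk '
    # "Nmap scan report for name (ip)" or "... for ip": keep the last field.
    /^Nmap scan report for / { host = $NF; gsub(/[()]/, "", host); next }
    # Port table rows look like "22/tcp   open  ssh".
    $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ && $2 == "open" { print host, $1, $3 }
  '
}

# Read an -oN report on stdin; print open ports missing from the approved
# list passed as $1 (space-separated port/proto entries).
unexpected_ports() {
  approved=" $1 "
  open_ports | while read -r host port service; do
    case "$approved" in
      *" $port "*) ;;                          # approved, stay quiet
      *) echo "$host $port $service" ;;        # not in the baseline
    esac
  done
}

# Assumed baseline for this host: only SSH and HTTP should be reachable.
sample_report | unexpected_ports "22/tcp 80/tcp"
```

For a real report, run `unexpected_ports "22/tcp 80/tcp" < output.txt`; any line printed is a listening service that is not in the baseline.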
Scan a firewall for MAC address spoofing
### Spoof your MAC address ##
nmap --spoof-mac MAC-ADDRESS-HERE 192.168.10.1
### Add other options ###
nmap -v -sT -PN --spoof-mac MAC-ADDRESS-HERE 192.168.10.1
### Use a random MAC address ###
### The number 0, means nmap chooses a completely random MAC address ###
nmap -v -sT -PN --spoof-mac 0 192.168.10.1
Scan for IP protocols
Determine which IP protocols (TCP, ICMP, IGMP, etc.) are supported by target machines:
nmap -sO 192.168.10.1
Find out the most commonly used TCP ports using TCP SYN Scan.
### Stealthy scan ###
nmap -sS 192.168.10.1
### Find out the most commonly used TCP ports using TCP connect scan (warning: no stealth scan)
### Note: -sT is a TCP connect scan; OS fingerprinting is a separate option (-O) ###
nmap -sT 192.168.10.1
### Find out the most commonly used TCP ports using TCP ACK scan
nmap -sA 192.168.10.1
### Find out the most commonly used TCP ports using TCP Window scan
nmap -sW 192.168.10.1
### Find out the most commonly used TCP ports using TCP Maimon scan
nmap -sM 192.168.10.1
Scan a host using UDP ping
This scan bypasses firewalls and filters that only screen TCP.
nmap -PU 192.168.1.1
### The port list is attached to -PU with no space and separated by commas ###
nmap -PU2000,2001 192.168.1.1