kali linux tools (Nmap- Prt 1 )

What is Nmap?

Nmap is a free and open-source utility which is used to scan networks and security auditing. Nmap can discover hosts and services on a computer network by sending packets and analyzing the responses. The utility is available on almost every os, it is available for windows, linux and mac

how to download Nmap?

To download Nmap you can simply head towards the official website by clicking https://nmap.org/  In case if kali Linux and parrot os, it is already available in there so you will not need to download the utility.

How to launch Nmap?

In Windows hosts you can simply install nmap and run it from the desktop icon using administrator privileges . In linux hosts there are 2 ways of doing it, in case of kali linux and parrot os you can find the icon and click to start and later give it root privileges by entering your password .

The other way is you can simply run on terminal

nmap –help

How to use Nmap?

we will use the Nmap for legal test we will test on scanme.nmap.org this is the nmap test website

Nmap can use for different reasons

1- for knowing the IP address and open port

nmap scanme.nmap.org

IP address of website
open ports

2-TCP Scan/TCP Connect Scan:

nmap -sT scanme.nmap.org –top-ports 50


  • -sT is used for TCP Scan.
  • –top-ports is used to give top ports which are used to give the number of ports. Here we give 50 which means the top 50 ports which are most used in TCP.

 This scan is used to scan the TCP ports. It completes the 3-way handshake process which means the host keeps the record.

Using this command your system sends an SYN packet and the Destination response with SYN and ACK packets which means the port is listening and your system sends an ACK packet to complete the connection.

If the port is Closed then the Destination Respond with RST/ACK packets.

In the above image, you can see the result of the TCP scan you can see the port number and state of the ports and services on these ports.

3-SYN Scan/Stealth Scan/Half Open Scan:

on this command we will use the IP

nmap -sS --top-ports 50

Here: -sS is used for SYN Scan.
SYN Scan is the same as TCP Scan because it does not complete the 3-way handshake process.
In this scan, Source sends the SYN packet and the destination responds with SYN/ACK packets but the source interrupts the 3-way handshake by sending the RST packet. Because of the interruption Destination or host does not keep a record of the Source system.

4-UDP scan

nmap -sU

Here: -sU is used to activate the UDP Scan. It generally sends the empty UDP packets and it takes more time than TCP Scan.

5-Ping Scan/NO PORT Scan:

nmap -sn

Here: -sn and -sP both are used for Ping Scan.

Only print the available host that responds to the host Discovery probes within the network. The above command does not tell anything about the ports of the system. you can also use it to check for a single IP to check that the host is up or not.

Share this post

Leave a Reply

Your email address will not be published.

Select your currency
USD United States (US) dollar