Common Nmap Commands for Beginners
Nmap (Network Mapper) is a powerful open-source tool used for network discovery and security auditing. It is widely utilized by cybersecurity professionals, penetration testers, and system administrators to scan networks, detect open ports, and discover vulnerabilities. Below are some of the most commonly used Nmap commands.
1. Basic Nmap Scan
nmap <target-ip>
This command performs a basic scan to check for open ports on the target machine. With no port option given, Nmap checks the 1,000 most common TCP ports rather than every port.
2. Scan a Specific Port
nmap -p 80 <target-ip>
Scans a specific port (in this case, port 80) on the target machine.
3. Scan Multiple Ports
nmap -p 22,80,443 <target-ip>
Scans multiple specified ports.
4. Scan All Ports
nmap -p- <target-ip>
Scans all 65535 ports of the target machine.
5. Scan a Range of IPs
nmap 192.168.1.1-100
Scans all IPs within the given range.
6. Perform a Service and Version Detection Scan
nmap -sV <target-ip>
Detects versions of services running on open ports.
7. Perform an OS Detection Scan
nmap -O <target-ip>
Attempts to detect the operating system of the target.
8. Scan for Most Common Ports
nmap --top-ports 20 <target-ip>
Scans the top 20 most commonly used ports.
9. Perform a Stealth Scan
nmap -sS <target-ip>
Performs a SYN ("half-open") scan, which does not complete the TCP handshake and is therefore considered stealthier and less likely to be detected.
10. Perform a UDP Scan
nmap -sU <target-ip>
Scans for open UDP ports instead of TCP.
11. Perform an Aggressive Scan
nmap -A <target-ip>
Enables OS detection, version detection, script scanning, and traceroute in one command.
12. Save Scan Results to a File
nmap -oN output.txt <target-ip>
Saves the results of the scan to a text file.
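The saved file from command 12 can be checked against a list of ports you expect to be open on your own host. The script below is an added example, not part of the original article: the function names (sample_scan, open_ports, unexpected_ports), the allow-list and the sample scan text are all constructed for illustration.

```shell
#!/bin/sh
# Audit a saved Nmap normal-output file (-oN) against an allow-list of
# expected ports and report anything else that is open.

# Constructed sample of the text `nmap -oN output.txt <target-ip>` writes.
sample_scan() {
cat <<'EOF'
# Nmap 7.94 scan initiated Mon Jan  1 10:00:00 2024 as: nmap -oN output.txt 192.0.2.10
Nmap scan report for 192.0.2.10
Host is up (0.0010s latency).
Not shown: 996 closed tcp ports (reset)
PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
443/tcp  filtered https
3306/tcp open     mysql

# Nmap done at Mon Jan  1 10:00:01 2024 -- 1 IP address (1 host up) scanned in 0.52 seconds
EOF
}

# open_ports: read -oN text on stdin, print "host port/proto service"
# for every port whose STATE column is exactly "open".
open_ports() {
  awk '
    /^Nmap scan report for / { host = $NF; gsub(/[()]/, "", host); next }
    $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print host, $1, $3 }
  '
}

# unexpected_ports ALLOWED: ALLOWED is a space-separated allow-list such as
# "22/tcp 80/tcp". Prints open ports that are not on the list.
unexpected_ports() {
  allowed=" $1 "
  open_ports | while read -r host port service; do
    case "$allowed" in
      *" $port "*) ;;                      # expected, stay quiet
      *) echo "$host $port $service" ;;    # open but not on the allow-list
    esac
  done
}

# Real use: unexpected_ports "22/tcp 80/tcp 443/tcp" < output.txt
sample_scan | unexpected_ports "22/tcp 80/tcp 443/tcp"
```

Run against the constructed sample, the script reports the MySQL port, which is open but not on the allow-list; the filtered port 443 is ignored because it is not in the open state.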