Nmap
An open-source network scanning and security auditing tool for host discovery, service identification and vulnerability detection.
What is Nmap?
Nmap (Network Mapper) is an open-source tool for network exploration and security auditing, created by Gordon “Fyodor” Lyon. For over 25 years it has been one of the most important tools in the arsenal of security professionals, network administrators and penetration testers.
Nmap offers extensive capabilities:
- Host discovery - identifying active devices on the network (ICMP/TCP ping sweep, ARP discovery on the local segment).
- Port scanning - detecting open TCP and UDP ports using various scanning techniques (SYN scan, connect scan, FIN scan, idle scan).
- Service and version detection - determining what software and version is listening on open ports.
- OS fingerprinting - identifying the operating system based on TCP/IP stack characteristics.
The Nmap Scripting Engine (NSE) extends the tool's capabilities with hundreds of Lua scripts performing varied tasks: vulnerability detection, default credential checking, service enumeration, industrial protocol identification (for example modbus-discover, s7-info and bacnet-info for Modbus, Siemens S7 and BACnet) and more. Zenmap is Nmap's graphical interface.
Why does it matter?
Nmap is the standard tool in the initial phase of a penetration test (reconnaissance) and in the IT asset inventory process. In OT environments, Nmap should be used with caution - aggressive scanning (full port ranges, fast timing templates, version detection, OS fingerprinting and NSE scripts that send application-layer probes) can hang or reboot PLC controllers and disrupt industrial protocols. On such networks, prefer passive inventory where possible, and when active scanning is required limit it to ARP-based host discovery, a short list of known ports, polite timing and rate limiting, without version probes or scripts against controllers. Nmap provides the information needed to assess the attack surface - open ports, outdated software versions and unsegmented networks.
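As an added example (not Nmap's own code and not part of this page), the Python script below shows both sides of the workflow described above: it builds a conservative, OT-friendly Nmap invocation (ARP-only host discovery, then a SYN scan of a short list of industrial protocol ports with polite timing and a rate limit, and deliberately without -sV, -O or --script) and parses Nmap's -oX XML output into an asset inventory, flagging hosts that expose PLC protocols. The port-to-protocol table, the target ranges, the rate limit and the embedded XML are assumptions for illustration; the XML is a constructed sample in the format nmap -oX produces, not a captured scan. The flags used (-sn, -PR, -n, -sS, -T2, --max-rate, -p, -oX) are real Nmap options.

```python
"""Conservative Nmap workflow for OT networks: build low-impact scan commands
and turn nmap -oX output into an asset inventory.

Added example; not Nmap's own code. Ports, targets, rate and sample XML are
assumptions for illustration.
"""
import xml.etree.ElementTree as ET

# Assumed table of industrial protocols on TCP (all well known; BACnet/IP is
# UDP 47808 and so is not included in this TCP SYN example).
ICS_PORTS = {
    102: "s7comm (Siemens S7)",
    502: "modbus/tcp",
    20000: "dnp3",
    44818: "ethernet/ip (cip)",
}


def build_discovery_cmd(target, xml_out):
    """ARP-only host discovery (-sn: no port scan, -PR: ARP ping, -n: no DNS).
    ARP discovery only works on the scanner's own layer-2 segment."""
    return ["nmap", "-sn", "-PR", "-n", "-T2", "-oX", xml_out, target]


def build_ot_port_cmd(targets, xml_out, max_rate=20):
    """SYN scan of a short ICS port list with polite timing (-T2) and a packet
    rate cap. No -sV, -O or --script: version probes, OS fingerprinting and
    NSE send payloads that fragile PLC stacks may not tolerate."""
    ports = ",".join(str(p) for p in sorted(ICS_PORTS))
    return (["nmap", "-sS", "-n", "-T2", "--max-rate", str(max_rate),
             "-p", ports, "-oX", xml_out] + list(targets))


def parse_nmap_xml(xml_text):
    """Parse nmap -oX output into a list of 'up' hosts with their open ports."""
    root = ET.fromstring(xml_text)
    inventory = []
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # down hosts carry no port data worth inventorying
        entry = {"ip": None, "mac": None, "vendor": None, "open_ports": []}
        for addr in host.findall("address"):
            if addr.get("addrtype") == "ipv4":
                entry["ip"] = addr.get("addr")
            elif addr.get("addrtype") == "mac":
                entry["mac"] = addr.get("addr")
                entry["vendor"] = addr.get("vendor")  # MAC OUI lookup by nmap
        for port in host.findall("./ports/port"):
            if port.find("state").get("state") != "open":
                continue  # closed and filtered ports are not attack surface
            svc = port.find("service")
            entry["open_ports"].append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "service": svc.get("name") if svc is not None else None,
                "product": svc.get("product") if svc is not None else None,
                "version": svc.get("version") if svc is not None else None,
            })
        inventory.append(entry)
    return inventory


def ics_findings(inventory):
    """Hosts exposing a known industrial protocol port: (ip, port, protocol)."""
    findings = []
    for h in inventory:
        for p in h["open_ports"]:
            if p["proto"] == "tcp" and p["port"] in ICS_PORTS:
                findings.append((h["ip"], p["port"], ICS_PORTS[p["port"]]))
    return findings


# Constructed sample in nmap -oX format (not a real scan): one S7 PLC, one
# Modbus device, one host that did not answer.
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sS -n -T2 -p 102,502,20000,44818 -oX ot.xml 10.0.0.0/29" version="7.94">
  <host><status state="up" reason="arp-response"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <address addr="00:1C:06:11:22:33" addrtype="mac" vendor="Siemens AG"/>
    <ports>
      <port protocol="tcp" portid="102"><state state="open" reason="syn-ack"/><service name="iso-tsap" method="table" conf="3"/></port>
      <port protocol="tcp" portid="502"><state state="closed" reason="reset"/><service name="mbap" method="table" conf="3"/></port>
    </ports>
  </host>
  <host><status state="up" reason="arp-response"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
    <address addr="00:50:C2:AA:BB:CC" addrtype="mac" vendor="Example Vendor"/>
    <ports>
      <port protocol="tcp" portid="502"><state state="open" reason="syn-ack"/><service name="mbap" method="table" conf="3"/></port>
      <port protocol="tcp" portid="44818"><state state="filtered" reason="no-response"/></port>
    </ports>
  </host>
  <host><status state="down" reason="no-response"/>
    <address addr="10.0.0.6" addrtype="ipv4"/>
  </host>
</nmaprun>
"""

if __name__ == "__main__":
    print(" ".join(build_discovery_cmd("192.168.10.0/24", "discovery.xml")))
    print(" ".join(build_ot_port_cmd(["192.168.10.5", "192.168.10.7"], "ot.xml")))
    for ip, port, proto in ics_findings(parse_nmap_xml(SAMPLE_XML)):
        print(f"{ip}: tcp/{port} open ({proto})")
```

The commands are returned as argument lists so they can be handed to subprocess without shell quoting; the parser is the part you would reuse after a real scan by reading the -oX file. Running the discovery step first and feeding only the hosts it found into the port scan keeps the number of packets sent to each controller to a handful.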