Getting Started with Nmap
Nmap, short for "Network Mapper," is a powerful open-source tool that has become an industry standard for network discovery and security auditing. Originally released in 1997 by Gordon Lyon, also known as Fyodor, Nmap was designed to efficiently map out networks by identifying active hosts and open ports. Over the years, it has evolved to support a wide range of advanced features, making it indispensable for cybersecurity professionals, network administrators, and penetration testers.
The primary purpose of Nmap is to help you understand what devices are present on a network, what services those devices are offering, and whether any vulnerabilities may exist. In the context of cybersecurity, Nmap is often used during the reconnaissance phase of penetration testing, where you gather information about a target network before attempting to exploit vulnerabilities. Common use cases include:
- Inventorying network assets;
- Auditing firewall configurations;
- Detecting unauthorized devices;
- Performing vulnerability assessments.
Nmap's flexibility and reliability have led to its widespread adoption in both offensive and defensive security roles. Whether you're troubleshooting a network, responding to an incident, or proactively searching for weaknesses, Nmap provides the foundational knowledge needed to make informed decisions about network security.
To understand how Nmap works, it's important to look at its scanning methodology and the types of output it produces. At its core, Nmap sends specially crafted packets to target hosts and analyzes the responses to determine which hosts are up, which ports are open, and what services are running. Nmap supports a variety of scanning techniques, including:
- TCP connect scans;
- SYN scans (often called "half-open" scans);
- UDP scans;
- More advanced methods that can bypass certain security controls.
Nmap can produce output in several formats to suit different needs. The default human-readable output provides a detailed summary of the scan results, including discovered hosts, open ports, and detected services. For automation and further analysis, Nmap also supports machine-readable formats such as XML and grepable output. This flexibility allows you to easily integrate Nmap into larger security workflows or reporting systems.
By understanding both the methodology and output formats, you can tailor your Nmap usage to fit a wide range of network enumeration scenarios, from quick spot checks to comprehensive security assessments.
# Basic Nmap scan using the command line interface:
# This command scans the public test server scanme.nmap.org for open ports using default settings.
# Run this in your terminal (not in Python):
nmap scanme.nmap.org
This command tells Nmap to scan the host scanme.nmap.org, which is a public test server provided by the Nmap project. By using the default settings, Nmap will attempt to identify which ports on the target are open and what services are running on those ports. The results will give you a quick overview of the network exposure for that host, which is the fundamental first step in any enumeration or penetration testing process.