Nmap, or Network Mapper, is a versatile, free, and open-source networking tool that allows network administrators and security auditors to explore networks, perform security checks, and discover hosts and services. Here’s how you can customize Nmap for different types of jobs:
1. Network Discovery and Host Identification:
Nmap can be customized to perform all kinds of network surveys to discover hosts and services. Use the -sn (No port scan) option to turn off TCP/UDP port scanning and perform host discovery only. E.g., the `nmap -sn 192.168.0.0/24` command will report which hosts are up in the defined range of IP addresses (source: Nmap.org).
2. Port Scanning:
To discover open ports and the applications running on a target machine, use the -p option followed by the port range (e.g., `nmap -p 1-5000 192.168.1.105`). This will scan a specific range (1 to 5000) of TCP ports (source: CISOfy.com).
3. Version Detection:
The -sV option enables version detection. This will help you understand what software versions your devices are running and whether they need updates. E.g., `nmap -sV 192.168.1.105` will try to determine the software versions on the target host (source: Nmap.org).
4. Specific Script Scans:
The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful features for customization. It allows users to write and run scripts for advanced network-based checks and attacks, such as vulnerability detection. For example, to check web applications for SQL injection flaws, you can use the bundled script: `nmap --script http-sql-injection <target>`
5. Output Formatting:
Nmap supports several formats for its output result, useful for further processing. For instance, the -oX option can be used to save scan results to an XML file. E.g., `nmap -oX output.xml 192.168.1.105` saves the scan results in an XML file named output.xml (source: Nmap.org).
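The XML output is the format meant for machine processing, so the natural follow-up to sections 1 through 5 is to parse it. The script below is an added example, not code from the Nmap project or from the sources cited on this page. It parses a small, constructed Nmap XML document embedded inline (not real scan output) and pulls out the three things the earlier sections produce: which hosts are up (-sn), which ports are open (-p), and what service versions were found (-sV). The `unexpected_ports` helper and the allowlist it takes are assumptions of this example, illustrating a defender's use of the data: comparing a scan against the ports each host is expected to expose.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap's -oX output, trimmed to the elements used here.
# This is not real scan output. Host one is up with two open ports and service
# versions (as -sV would add); host two is down (as -sn host discovery reports).
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sV -p 1-5000 -oX output.xml 192.168.1.0/24">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.168.1.105" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="closed" reason="reset"/>
        <service name="https"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.168.1.106" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return one dict per <host>: its address, up/down state and open ports."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.findall("host"):
        addr = host.find("address").get("addr")
        state = host.find("status").get("state")
        open_ports = []
        for port in host.findall("ports/port"):
            # Only open ports matter for an exposure report; closed/filtered are skipped.
            if port.find("state").get("state") != "open":
                continue
            svc = port.find("service")  # present only when -sV (or a default probe) identified it
            open_ports.append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "service": svc.get("name") if svc is not None else None,
                "product": svc.get("product") if svc is not None else None,
                "version": svc.get("version") if svc is not None else None,
            })
        hosts.append({"addr": addr, "state": state, "open_ports": open_ports})
    return hosts


def live_hosts(hosts):
    """Addresses of hosts reported up, i.e. what -sn host discovery would list."""
    return [h["addr"] for h in hosts if h["state"] == "up"]


def open_port_summary(hosts):
    """One line per open port, e.g. '192.168.1.105 tcp/22 ssh OpenSSH 8.9p1'."""
    lines = []
    for h in hosts:
        for p in h["open_ports"]:
            banner = " ".join(x for x in (p["service"], p["product"], p["version"]) if x)
            lines.append(f"{h['addr']} {p['proto']}/{p['port']} {banner}".rstrip())
    return lines


def unexpected_ports(hosts, allowlist):
    """(addr, port) pairs that are open but not in the host's expected set.

    `allowlist` maps an address to the set of ports it is supposed to expose
    (hypothetical baseline supplied by the caller). Hosts absent from the
    allowlist are treated as expected to expose nothing.
    """
    findings = []
    for h in hosts:
        expected = allowlist.get(h["addr"], set())
        for p in h["open_ports"]:
            if p["port"] not in expected:
                findings.append((h["addr"], p["port"]))
    return findings


if __name__ == "__main__":
    parsed = parse_nmap_xml(SAMPLE_XML)
    print("Live hosts:", live_hosts(parsed))
    for line in open_port_summary(parsed):
        print(line)
    # Constructed baseline: 192.168.1.105 is only supposed to expose SSH.
    print("Unexpected:", unexpected_ports(parsed, {"192.168.1.105": {22}}))
```

To use it on a real scan, replace `SAMPLE_XML` with the contents of the file written by `-oX` (for example `open("output.xml").read()`); the element names used here (`host`, `status`, `address`, `ports/port`, `state`, `service`) are the ones Nmap's XML output uses for these fields.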
6. Timing Templates:
Nmap offers predefined timing templates to control the scan speed, identified by -T0 to -T5. -T4 (aggressive) and -T5 (insane) are usually employed for internal networks, while -T2 (polite) and -T3 (normal) are commonly used for external networks (source: TUlibrodeface.com).
7. Stealth Scans:
The -sS option performs a stealth (half-open) scan: Nmap sends a TCP SYN packet to each port and waits for the response without ever completing the handshake. If a TCP SYN|ACK comes back, Nmap reports the port as open. E.g., `nmap -sS 192.168.1.105` performs a stealth scan (source: Nmap.org).
Nmap is an incredibly granular tool, and the above examples represent only the tip of the iceberg. More possibilities can be found in the official Nmap documentation.
Sources:
Nmap.org, https://nmap.org/book/man.html
CISOfy.com, https://cisofy.com/lynis/controls/NETW-3010/
TUlibrodeface.com, https://tulibrodeface.com/nmap-cheat-sheet/