Nmap is a staple in penetration testing for network discovery and reconnaissance — it maps hosts, open ports and running services, and can fingerprint operating systems and application versions. Always run Nmap only with explicit authorization — unauthorized scanning can be illegal and disruptive.
Pentesters commonly use fast port scans (e.g., TCP SYN), service/version detection (-sV), OS detection (-O), and the Nmap Scripting Engine (NSE) to automate vulnerability checks and gather richer context. Proper timing and scan options let you balance speed versus stealth, and the results guide deeper exploitation or hardening steps.