Nmap Network Scanner

Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing. Created by Gordon Fyodor Lyon (known as Fyodor) in September 1997, Nmap has become the industry-standard tool for network scanning and enumeration, used by system administrators, network engineers, and security professionals worldwide. Nmap was named a 'Product of the Year' by Info World and Linux Journal. Key features: port scanning: Nmap scans target hosts to determine which TCP and UDP ports are open, closed, or filtered. Scanning techniques include SYN scan (half-open scan, the default and most popular), TCP connect scan, ACK scan, FIN scan, Xmas scan, Null scan, and idle scan. Port states are determined by analyzing responses to specially crafted packets. Host discovery: identifies live hosts on a network using ping sweeps (ICMP echo requests), ARP scans, and TCP/UDP probe packets. OS detection (OS fingerprinting): Nmap sends a series of TCP and UDP packets to the target and analyzes the responses (TCP/IP stack behavior, initial sequence numbers, window sizes) to determine the target operating system with high accuracy using a database of over 2,600 OS signatures. Service and version detection: probes open ports to identify the service (HTTP, SSH, FTP, etc.) and its version number, using a database of over 11,000 service signatures. Nmap Scripting Engine (NSE): extends Nmap with over 600 Lua scripts for network discovery, vulnerability detection, backdoor detection, and exploit verification. Categories include auth, brute, default, exploit, malware, safe, and vuln. Output formats: interactive, XML, grepable, and normal. Ndiff compares scan results. Zenmap: the official graphical frontend. C/C++/Lua. Nmap License.