Nmap Network Security Scanner

Nmap (Network Mapper) is a free and open-source security auditing and network exploration tool that uses raw IP packets to discover hosts, services, operating systems, and firewall configurations on a network. Created by Gordon Fyodor Lyon (known as Fyodor) in September 1997 and developed by the Nmap Project (Insecure.Com LLC, Sunnyvale, California), Nmap is the de facto standard for network discovery and security auditing. Key features: host discovery using ICMP echo, ARP scan, TCP SYN/ACK ping, UDP ping with flexible customization. Port scanning: TCP SYN scan (half-open, most popular), TCP connect, UDP scan, FIN/Xmas/null scans, ACK scan, and idle scan (zombie host). Service detection (-sV): probes open ports to determine service and version using a database of over 11,000 signatures. OS detection (-O): TCP/IP stack fingerprinting with over 2,600 OS signatures. Nmap Scripting Engine (NSE): 600+ scripts for vulnerability detection, backdoor detection, brute-force authentication, and network discovery, categorized by auth, brute, default, discovery, exploit, intrusive, safe, version, vuln. Output: interactive, XML, grepable, normal for integration with Metasploit, Nessus, Splunk. Ndiff for comparing scan results. Nping for custom packet generation. Timing templates (-T0 through -T5) with fine-grained control over parallelism, timeout, retry. Firewall/IDS evasion via fragmentation (-f), decoys (-D), source port spoofing. Zenmap: cross-platform GUI with topology viewer. Cross-platform: Linux, Windows, macOS, BSD. GPL-2.0.