Nmap

Detailed Review

Nmap (Network Mapper) is the industry-standard open-source tool for network discovery and security auditing. Used by penetration testers, system administrators, and security professionals worldwide, Nmap uses raw IP packets to determine what hosts are available on a network, what services those hosts are offering, what operating systems they are running, what type of packet filters or firewalls are in use, and dozens of other characteristics.

Key features include host discovery, port scanning, version detection, OS detection, and the Nmap Scripting Engine (NSE) which extends functionality with hundreds of scripts for vulnerability detection, brute forcing, and network discovery. Nmap supports TCP SYN scan, TCP connect scan, UDP scan, FIN scan, and many other scanning techniques.

Nmap is ideal for penetration testers performing reconnaissance, network administrators auditing their infrastructure, and security teams mapping attack surfaces. It runs on all major operating systems including Linux, Windows, and macOS. The tool is completely free and open-source under the GPL license, making it accessible to everyone from students to enterprise security teams. For GUI users, Zenmap provides a graphical frontend. Nmap is typically the first tool used in any penetration test engagement.