💡 Introduction
If you want to become an ethical hacker, bug bounty hunter, or penetration tester, Nmap is one of the first tools you must master.
Why?
Because Nmap is the king of network scanning 👑
It helps you:
🔍 Find live hosts
🚪 Discover open ports
🧠 Identify services & versions
🧪 Detect vulnerabilities
🛠️ Map entire networks
In this bugitrix guide, we focus on real-world, practical examples — no boring theory, just actionable learning you can run right now.
🚀 1. What Is Nmap? (Simple Explanation)
Nmap (Network Mapper) is a network scanning tool used to discover what devices exist on a network and what services they run.
Think of it like a radar for hackers 🛸
It scans a target and shows:
What’s alive
What ports are open
What software is running
What vulnerabilities might exist
🛠️ 2. Installing Nmap (Super Easy)
✔️ Kali Linux / Ubuntu / Debian
sudo apt install nmap
✔️ Windows
Download from: nmap.org
Then run normally.
✔️ macOS
brew install nmap
Done! 🎉
🔥 3. Practical Nmap Commands (Real Scans You Can Run Today)
Let’s jump straight into the hands-on commands.
🎯 Scan 1: Basic Scan (Find Open Ports)
nmap <target>
Example:
nmap scanme.nmap.org
✨ Shows basic open ports + service info.
⚡ Scan 2: Fast Scan (Quick Recon Mode)
nmap -F <target>
Scans the most common ports — perfect for quick bug bounty recon ⚡
🔍 Scan 3: Service & Version Detection
nmap -sV <target>
This identifies:
Web servers
FTP versions
SSH builds
Database versions
Great for vulnerability research 📚
🧪 Scan 4: Aggressive Scan (Lots of Info!)
nmap -A <target>
This gives you:
OS detection
Version detection
Script scanning
Traceroute
⚠️ Warning: Very loud! Only use on legal targets.
📡 Scan 5: Detect Operating System
nmap -O <target>
Useful to know what the server runs:
🟦 Windows
🟩 Linux
🟧 BSD
🚪 Scan 6: Scan Specific Ports
nmap -p 80,443,22 <target>
Or scan a range:
nmap -p 1-1000 <target>
Perfect for high-priority ports 🎯
🧠 Scan 7: Scan an Entire Network
nmap 192.168.1.0/24
Shows all devices on your network — routers, phones, PCs, IoT devices 📶
🔐 Scan 8: Find Vulnerabilities (Nmap Script Engine)
nmap --script vuln <target>
This checks for known vulnerabilities like:
SSL issues
Outdated services
Misconfigurations
Great for bug hunters 🐞
🕵️♂️ Scan 9: Stealth Scan (Harder to Detect)
nmap -sS <target>
Uses SYN packets — often bypasses firewalls.
🎒 Scan 10: Save Scan Results
nmap -oN results.txt <target>
Use this for bug bounty reports 📄
📘 4. Nmap Cheat Sheet (bugitrix Edition)
| Command | Purpose |
|---|---|
| nmap <target> | Basic scan |
| -F | Fast scan |
| -sV | Version detection |
| -A | Aggressive scan |
| -O | OS detection |
| -p | Specific ports |
| --script vuln | Vulnerability scan |
| -sS | Stealth scan |
| -oN file.txt | Save results |
🎯 5. Real Bug Bounty Use Cases for Nmap
✔️ Identify exposed admin portals
Find open ports like 8443, 2087, 8000 etc.
✔️ Detect outdated services
Old versions = possible exploits.
✔️ Locate unnecessary services
Sometimes companies “forget” to disable services — easy wins! 💰
✔️ Network mapping during recon
Great before firing up Burp Suite or Nikto.
⚠️ Important Note (Ethical Hacking Only!)
Nmap scanning is noisy and detectable.
Only scan systems you own or have permission to test.
bugitrix promotes legal and responsible cybersecurity ❤️
🏁 Conclusion
Nmap is one of the most powerful and essential tools in hacking.
With the practical commands in this bugitrix tutorial, you now know how to:
🌐 Scan networks
🚪 Identify open ports
🧠 Detect OS & services
🔥 Run vulnerability scans
💼 Save results for reporting
Keep practicing with new targets and wordlists — Nmap mastery comes from hands-on experience 👨💻⚡