๐ก Introduction
If you want to become an ethical hacker, bug bounty hunter, or penetration tester, Nmap is one of the first tools you must master.
Why?
Because Nmap is the king of network scanning ๐
It helps you:
๐ Find live hosts
๐ช Discover open ports
๐ง Identify services & versions
๐งช Detect vulnerabilities
๐ ๏ธ Map entire networks
In this bugitrix guide, we focus on real-world, practical examples โ no boring theory, just actionable learning you can run right now.
๐ 1. What Is Nmap? (Simple Explanation)
Nmap (Network Mapper) is a network scanning tool used to discover what devices exist on a network and what services they run.
Think of it like a radar for hackers ๐ธ
It scans a target and shows:
Whatโs alive
What ports are open
What software is running
What vulnerabilities might exist
๐ ๏ธ 2. Installing Nmap (Super Easy)
โ๏ธ Kali Linux / Ubuntu / Debian
sudo apt install nmap
โ๏ธ Windows
Download from: nmap.org
Then run normally.
โ๏ธ macOS
brew install nmap
Done! ๐
๐ฅ 3. Practical Nmap Commands (Real Scans You Can Run Today)
Letโs jump straight into the hands-on commands.
๐ฏ Scan 1: Basic Scan (Find Open Ports)
nmap <target>
Example:
nmap scanme.nmap.org
โจ Shows basic open ports + service info.
โก Scan 2: Fast Scan (Quick Recon Mode)
nmap -F <target>
Scans the most common ports โ perfect for quick bug bounty recon โก
๐ Scan 3: Service & Version Detection
nmap -sV <target>
This identifies:
Web servers
FTP versions
SSH builds
Database versions
Great for vulnerability research ๐
๐งช Scan 4: Aggressive Scan (Lots of Info!)
nmap -A <target>
This gives you:
OS detection
Version detection
Script scanning
Traceroute
โ ๏ธ Warning: Very loud! Only use on legal targets.
๐ก Scan 5: Detect Operating System
nmap -O <target>
Useful to know what the server runs:
๐ฆ Windows
๐ฉ Linux
๐ง BSD
๐ช Scan 6: Scan Specific Ports
nmap -p 80,443,22 <target>
Or scan a range:
nmap -p 1-1000 <target>
Perfect for high-priority ports ๐ฏ
๐ง Scan 7: Scan an Entire Network
nmap 192.168.1.0/24
Shows all devices on your network โ routers, phones, PCs, IoT devices ๐ถ
๐ Scan 8: Find Vulnerabilities (Nmap Script Engine)
nmap --script vuln <target>
This checks for known vulnerabilities like:
SSL issues
Outdated services
Misconfigurations
Great for bug hunters ๐
๐ต๏ธโโ๏ธ Scan 9: Stealth Scan (Harder to Detect)
nmap -sS <target>
Uses SYN packets โ often bypasses firewalls.
๐ Scan 10: Save Scan Results
nmap -oN results.txt <target>
Use this for bug bounty reports ๐
๐ 4. Nmap Cheat Sheet (bugitrix Edition)
| Command | Purpose |
|---|---|
| nmap <target> | Basic scan |
| -F | Fast scan |
| -sV | Version detection |
| -A | Aggressive scan |
| -O | OS detection |
| -p | Specific ports |
| --script vuln | Vulnerability scan |
| -sS | Stealth scan |
| -oN file.txt | Save results |
๐ฏ 5. Real Bug Bounty Use Cases for Nmap
โ๏ธ Identify exposed admin portals
Find open ports like 8443, 2087, 8000 etc.
โ๏ธ Detect outdated services
Old versions = possible exploits.
โ๏ธ Locate unnecessary services
Sometimes companies โforgetโ to disable services โ easy wins! ๐ฐ
โ๏ธ Network mapping during recon
Great before firing up Burp Suite or Nikto.
โ ๏ธ Important Note (Ethical Hacking Only!)
Nmap scanning is noisy and detectable.
Only scan systems you own or have permission to test.
bugitrix promotes legal and responsible cybersecurity โค๏ธ
๐ Conclusion
Nmap is one of the most powerful and essential tools in hacking.
With the practical commands in this bugitrix tutorial, you now know how to:
๐ Scan networks
๐ช Identify open ports
๐ง Detect OS & services
๐ฅ Run vulnerability scans
๐ผ Save results for reporting
Keep practicing with new targets and wordlists โ Nmap mastery comes from hands-on experience ๐จโ๐ปโก