- Nmap is a free network scanning tool used to discover hosts and services on a network by analyzing responses to various packets and requests.

Penetration testers and network administrators will use Nmap to discover machines on a network and their open ports, running services, operating systems, and a wealth of other useful information.

- This depends on your jurisdiction. In many places, the answer is no, not without prior permission from the owner of the site or network.

Nmap is a tool used for scanning and enumeration. Hackers and penetration testers use the information gathered to see what the available attack surface is. However, there are a great number of NSE scripts that can perform such actions as password brute forcing, checking for backup and configuration files, searching for remote file inclusion (RFI) vulnerabilities, and testing default credentials.

- A basic scan of a single IP address is as easy as: nmap <ip> This will return if the host is up and responding to ping, what ports are open, and what services are running on them. More complex commands can be found in the cheat sheet above.

- The long answer is, it depends on your jurisdiction. The short answer is, probably not and you shouldn’t do it. Even if it isn’t illegal where you live, it will most certainly violate Google’s terms of service.

- Firewalls can block access to ports, which would indeed block Nmap. Nmap does have flags to attempt to evade firewalls and intrusion detection systems, which we have listed in the cheat sheet above.

- After you have installed Nmap on your host system, an over-ambitious antivirus program may flag it as malicious. So long as you have downloaded it from the official Nmap website, it is safe to have installed.

- Nmap has several optional services which can attempt to bypass firewalls and spoof its scans.

- Nmap has many NSE scripts designed to brute force different services and logins. Depending on the login portal, there may be a relevant script to do so. More realistically, Nmap would be used to enumerate the network, and one of many free programs better suited to WiFi hacking would be used afterward.

- Nmap has many brute force scripts which will automate password login attempts on various services, such as MySQL, Telenet, and POP3. This may provide a quick win, but password attacks are better handled by tools dedicated to that purpose, such as THC Hydra.

- Fortunately, even the more complex Nmap scans display their results in a clear and easy-to-follow manner. You also have the ability to output the data in various forms, including as an XML or grepable file (see the Output section for details).

- nmap 192.168.1.1

- nmap 192.168.1.1 192.168.2.1

- nmap 192.168.1.1-254

- nmap scanme.nmap.org

- nmap 192.168.1.0/24

- nmap-iL targets.txt, - iL

- nmap -iR 100, - iR

- nmap --exclude 192.168.1.1, --exclude

- nmap 192.168.1.1 -sS, -sS

- nmap 192.168.1.1 -sT, -sT

- nmap 192.168.1.1 -sU, -sU

- nmap 192.168.1.1 -sA, -sA

- nmap 192.168.1.1 -sW, -sW

- nmap 192.168.1.1 -sM, -sM

- nmap 192.168.1.1-3 -sL, -sL

- nmap 192.168.1.1/24 -sn, -sn

- nmap 192.168.1.1-5 -Pn, -Pn

- nmap 192.168.1.1-5 -PS22-25,80, -PS

- nmap 192.168.1.1-5 -PA22-25,80, -PA

- nmap 192.168.1.1-5 -PU53, -PU

- nmap 192.168.1.1-1/24 -PR, -PR

- nmap 192.168.1.1 -n, -n

- nmap 192.168.1.1 -p 21, -p

- nmap 192.168.1.1 -p 21-100, -p

- nmap 192.168.1.1 -p U:53,T:21-25,80, -p

- nmap 192.168.1.1 -p-, -p-

- nmap 192.168.1.1 -p http,https, -p

- nmap 192.168.1.1 -F, -F

- nmap 192.168.1.1 --top-ports 2000, --top-ports