Nmap & NSE


Description of the Tool:


Nmap is a free and open-source security scanner, originally written by Gordon Lyon, used to discover hosts and services on a computer network, thus building a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.


The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. Users can rely on the growing and diverse set of scripts distributed with Nmap, or write their own to meet custom needs.

Project Details:


Official Nmap site.


Official Nmap Scripting Engine (NSE) site.




  • Halcyon IDE - Halcyon is the first IDE specifically focused on Nmap Script (NSE) Development.

Presentations/Blogs on the Tool:


HighOn.Coffee - Nmap Cheat Sheet


Using Nmap to Screenshot Web Services

Personal Note

I've used this several times and it works; however, I've compared findings with others using other tools and it wasn't as accurate.

Security Weekly (2018)

BSidesSLC (2017)

Nmap Command Cheat Sheet

| Command | Description | Notes |
|---|---|---|
| nmap -sP x.x.x.x/24 | Performs a ping scan of the network | |
| nmap -iL ipaddresses.txt | Scans a list of IP addresses | Additional options can be before or after |
| nmap -sV -p 80,443 -oG output.txt | Outputs to a "grepable" file | The output file can be grepped for "open" |
| nmap -p80,443 -oG - \| nikto -h - | Scans for http/https on hosts | |
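
For the grepable-output row in the cheat sheet above, an added example (not code from the original page): a plain grep for "open" returns whole host lines, which also carry closed ports and `open|filtered` states, so this shell function splits each `Ports:` field and keeps only entries whose state is exactly `open`. The function names and the sample lines (documentation addresses 192.0.2.x) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list only ports in state "open" from Nmap grepable (-oG)
# output, one "ip port/proto service" record per line.

# Reads the files given as arguments, or stdin when none are given.
open_ports() {
    awk -F'\t' '
    /^Host: / {
        split($1, h, " ")                  # h[2] = IP address
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue # skip Status / Ignored State fields
            list = substr($i, 8)           # drop the "Ports: " prefix
            n = split(list, entries, ", ")
            for (j = 1; j <= n; j++) {
                # entry layout: port/state/proto/owner/service/rpc/version/
                split(entries[j], f, "/")
                if (f[1] !~ /^[0-9]+$/) continue   # not a port entry
                if (f[2] == "open")                # excludes open|filtered
                    printf "%s %s/%s %s\n", h[2], f[1], f[3], f[5]
            }
        }
    }' "$@"
}

# Constructed sample of -oG output (fields are tab-separated).
sample_grepable() {
    printf 'Host: 192.0.2.10 (web1.example.test)\tStatus: Up\n'
    printf 'Host: 192.0.2.10 (web1.example.test)\tPorts: 80/open/tcp//http//nginx/, 443/closed/tcp//https///\n'
    printf 'Host: 192.0.2.11 ()\tPorts: 53/open|filtered/udp//domain///, 443/open/tcp//ssl|http//Apache httpd/\n'
}

sample_grepable | open_ports
```

Against a saved scan, call it as `open_ports output.txt`; the resulting list can be diffed between scans of your own network to spot newly exposed services.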