🗺️ Network scanning & recon
Nmap
The classic network mapper — port scanning, OS detection, service fingerprinting.
Why use it
Nmap is the universal tool for network discovery. Every cybersecurity engineer learns it; every homelab needs it. Use it to inventory your own network, identify rogue devices, and validate firewall rules from outside.
What you get
- TCP and UDP port scanning
- Service version detection (-sV)
- OS fingerprinting (-O)
- NSE — 600+ scripts for vuln checks, info gathering, brute force
- XML output for piping into other tools
System requirements
| Resource | Requirement |
|---|---|
| CPU | minimal |
| RAM | 256 MB |
| Disk | 100 MB |
| OS | Linux, macOS, Windows, BSD |
| Docker | Yes |
Installation
Install with `sudo apt install nmap` on Debian/Ubuntu or `brew install nmap` on macOS. For a quick scan of your network, run `nmap -sV -T4 192.168.1.0/24`. For a full TCP port scan with version detection, run `nmap -p- -sV -T4 <target>`.
Suggested configuration
Schedule a weekly inventory scan against your home subnets and diff the results to spot new devices. Use the `vuln` NSE category against your own boxes: `nmap --script vuln 192.168.1.10`. Save XML output and consume it from a script for automated alerts on new ports.
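One way to do the scan-to-scan diff described above, as an added example that is not Cyentrix's or the Nmap project's code: it parses two XML reports of the kind Nmap writes with `-oX` and returns the hosts and open ports that are new since the previous run. The embedded XML is constructed sample data, and the function names `open_ports` and `diff_scans` are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed samples shaped like `nmap -oX` output (not real scan results).
LAST_WEEK = """<nmaprun><host><status state="up"/>
<address addr="192.168.1.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
</ports></host></nmaprun>"""
THIS_WEEK = """<nmaprun><host><status state="up"/>
<address addr="192.168.1.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
<port protocol="tcp" portid="8080"><state state="open"/><service name="http-proxy"/></port>
<port protocol="tcp" portid="23"><state state="closed"/></port>
</ports></host>
<host><status state="up"/><address addr="192.168.1.57" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
</ports></host>
<host><status state="down"/><address addr="192.168.1.99" addrtype="ipv4"/></host>
</nmaprun>"""

def open_ports(xml_text):
    """Map each 'up' host's IP to the set of its open (protocol, port) pairs."""
    inventory = {}
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # ignore hosts that did not respond
        ip = next((a.get("addr") for a in host.findall("address")
                   if a.get("addrtype") in ("ipv4", "ipv6")), None)
        if ip is None:
            continue  # MAC-only entries cannot be keyed by IP
        inventory[ip] = {
            (p.get("protocol"), int(p.get("portid")))
            for p in host.iter("port")
            if p.find("state") is not None and p.find("state").get("state") == "open"
        }
    return inventory

def diff_scans(old_xml, new_xml):
    """Return (new_hosts, new_ports): what the new scan shows that the old did not."""
    old, new = open_ports(old_xml), open_ports(new_xml)
    new_hosts = sorted(set(new) - set(old))
    new_ports = {ip: sorted(new[ip] - old[ip])
                 for ip in new if ip in old and new[ip] - old[ip]}
    return new_hosts, new_ports

if __name__ == "__main__":
    hosts, ports = diff_scans(LAST_WEEK, THIS_WEEK)
    print("new devices:", hosts, "| new open ports:", ports)
```

For a weekly job, read the two strings from the previous and current report files instead of the embedded samples, and send the result to whatever alerting channel you use.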
Integration ideas
- Pipe XML output into Wazuh as custom logs
- Use as input for Nuclei (one-line conversion of services to URLs)
- Combine with Naabu for fast port discovery + Nmap deep scan
Alternatives
- Masscan — Faster for huge ranges; no service detection.
- RustScan — Fast wrapper that pipes into Nmap.
Cyentrix verdict
Mandatory in every cybersecurity toolkit. There is no substitute and no reason not to install it.