Nmap is a command-line network security scanner and reconnaissance framework designed for infrastructure mapping and security auditing. It functions as a packet crafting utility that probes target systems to identify active hosts, detect open ports, and determine the services and operating systems running on a network.
The tool distinguishes itself through its ability to perform raw socket packet injection and stateful connection tracking, allowing it to bypass standard operating system networking stacks. It utilizes an asynchronous concurrency model to manage large-scale network scans and employs specialized packet manipulation techniques to evade firewalls and intrusion detection systems.
Beyond basic discovery, the software integrates a scripting engine that enables users to automate complex network tasks, perform deep service interrogation, and conduct vulnerability assessments. It relies on signature-based identification and TCP/IP stack fingerprinting to provide detailed analysis of remote hardware and software configurations.
