Maxaad Baranaysaa Casharkaan?
Nmap (Network Mapper) waa tool-ka ugu caansan ee port scanning-ka. Waxaa abuurtay Gordon Lyon ("Fyodor") 1997. Waxaa isticmaala dhammaan xirfadlayaasha cybersecurity adduunka. Casharkaan wuxuu kugu barin doonaa sida loo isticmaalo Nmap si xirfad leh.
📌 Waxaad baranaysaa: Nmap waa maxay, noocyada scan-ka, output-ka faahfaahsan, OS detection, service version, iyo NSE scripts.
⚖️ Ogeysiis Muhiim ah: Nmap HU ISTICMAALI nidaamka aad fasax u leedahay oo keliya! Localhost (127.0.0.1) ama nidaam test-ka ku habboon (sida VulnHub/HackTheBox VMs). Scanning nidaamka kale fasax la'aanteed waa dembi sharci ah dalal badan.
1. Nmap Rakib
# Kali Linux (horay loo rakibay)
nmap --version
# Ubuntu/Debian
sudo apt update && sudo apt install nmap
# macOS
brew install nmap
# Windows
# Ka soo dajiso nmap.org/download.html
# Xaqiijiso
nmap --version
# Nmap version 7.94 ...2. Scan-ka Aasaasiga ah
# Scan host gaar ah
nmap 192.168.1.1
# Scan domain
nmap scanme.nmap.org # (Site testa oo Nmap siiyeen si sharci ah)
# Scan range shabakadeed
nmap 192.168.1.0/24 # Scan dhammaan nidaamyada 192.168.1.1-254
nmap 192.168.1.1-20 # Scan 192.168.1.1 ilaa .20
# Hubi hadduu host socdo (ping scan)
nmap -sn 192.168.1.0/243. Noocyada Scan-ka Muhiimka ah
| Nooca Scan | Flag | Sharaxaad |
|---|---|---|
| TCP SYN (Default) | -sS | Scan-ka ugu caansan — "half open" — dhakhso badan, yar in la ogaado |
| TCP Connect | -sT | Full TCP handshake — aad bay u caddahay, laakiin fasax admin ma baahna |
| UDP Scan | -sU | Scan-ka UDP ports — gaabis laakiin muhiim |
| Ping Scan | -sn | Kaliya hubi hadduu host socdo — ma scanneyso ports |
| Version Detection | -sV | Hel nooca software-ka adeegga |
| OS Detection | -O | Fiiri OS-ka nidaamka (root/admin u baahan) |
| Aggressive | -A | Dhammaan: OS, version, scripts, traceroute |
4. Scan-yada Xirfadlaha
# Version detection — software-ka ogaanshaha
nmap -sV 192.168.1.1
# OS detection (root u baahan)
sudo nmap -O 192.168.1.1
# Aggressive scan (dhammaan macluumaadka)
sudo nmap -A 192.168.1.1
# Scan ports gaar ah
nmap -p 80,443,22,21 192.168.1.1
# Scan dhammaan 65535 ports
nmap -p- 192.168.1.1
# Scan ports ugu caansan 1000
nmap --top-ports 1000 192.168.1.1
# Qareen (stealth) scan — dhakhso yar
sudo nmap -sS -T2 192.168.1.1
# Dhakhso badan
nmap -T4 192.168.1.1
# Keydi natiijada faylo
nmap -oN natiijo.txt 192.168.1.1 # Normal
nmap -oX natiijo.xml 192.168.1.1 # XML
nmap -oG natiijo.grep 192.168.1.1 # Grepable5. Turjumida Natiijada
# Tusaale natiijo:
nmap -sV scanme.nmap.org
# Starting Nmap 7.94 ...
# Nmap scan report for scanme.nmap.org (45.33.32.156)
# Host is up (0.15s latency).
# Not shown: 995 closed tcp ports (reset)
#
# PORT STATE SERVICE VERSION
# 22/tcp open ssh OpenSSH 6.6.1p1
# 25/tcp filtered smtp
# 80/tcp open http Apache httpd 2.4.7
# 9929/tcp open nping-echo Nping echo
#
# Nmap done: 1 IP address (1 host up) scanned in 12.34 seconds
# Macnaha:
# open = Port furan — adeeg wuu shaqaynayaa
# closed = Port xidhan — ma jiro adeeg
# filtered = Firewall ayaa xidaya — ma garan karno
# SERVICE = Nooca adeegga
# VERSION = Nooca software-ka6. NSE Scripts — Nmap Scripting Engine
NSE (Nmap Scripting Engine) waxay kugu oggolaanaysaa inaad ku darto functionalities dheeraad ah scan-kaaga.
# Liiska scripts-ka
ls /usr/share/nmap/scripts/ | head -20
# Isticmaal script gaar ah
nmap --script http-title 192.168.1.1 # Hel HTML title
nmap --script http-auth 192.168.1.1 # HTTP authentication
nmap --script ssh-brute 192.168.1.1 # SSH brute force (LAA ISTICMAALIN si xun!)
# Checks nuglaanshaha SMB
nmap --script smb-vuln-ms17-010 192.168.1.1 # EternalBlue (WannaCry)
# Scan vuln dhammaan
nmap --script vuln 192.168.1.1 # Dhammaan vulnerability scripts
# Hel xogta HTTP server
nmap --script http-headers 192.168.1.1
nmap --script http-methods 192.168.1.17. Practice: Scan Localhost
# Scan naftiisa (localhost — si ammaan ah)
nmap localhost
nmap 127.0.0.1
# Ku dar version detection
nmap -sV localhost
# Aad ugu faahfaahsan
sudo nmap -A localhost
# Fiiri ports-ka adoo isticmaalaya ss
ss -tulnp
# Laba bar: Nmap vs ss — is barbardhig
# Nmap wuxuu ka shaqeeyaa dibadda (scanner)
# ss wuxuu ka shaqeeyaa gudaha nidaamka🎉 Hambalyo! Waxaad dhammaystirtay Casharka 5aad — Nmap! Hadda waxaad kari kartaa inaad baarto nidaamyada si xirfad leh. Casharka xiga — casharka ugu dambeeya — waxaad baranaysaa Web Security: XSS, SQL Injection, iyo directory discovery.