See our complete list of top penetration testing tools.
Read user reviews of Nmap.
Nmap is a port scanner more than a penetration testing tool. But it aids pen testing by flagging the best areas to target in an attack. That is useful for ethical hackers in determining network weaknesses. And because it’s open source, it’s free. That makes it handy for those familiar with the open source world, but it may be a challenge for someone new to such applications. Although it runs on all major OSes, Linux users will find it more familiar.
Key features: Network mapper (Nmap) is an open-source tool for vulnerability scanning of systems and networks. This freeware can also monitor host uptime, service uptime and map network attacks. It works on most OSes and large or small networks. It is often used by ethical hackers to characterize a potential attack network. As such, it helps hackers understand the type of hosts, services, OS, packet filters and firewalls they face.
In other words, Nmap maps out potential weaknesses or holes in an environment and can be harnessed as an audit tool to detect poor defenses. The virtual network maps it creates pinpoint major holes an attacker can penetrate. Built-in scripting facilitates automation.
Although Nmap is a scanner, it doesn’t probe for vulnerabilities. It should be viewed more as an assessment tool to determine which ports are open and what services are running. Custom scripts are available to detect specific vulnerabilities. Nmap uses IP packets to determine what hosts are available on the network, what services they offer, OS versions they run, the various packet filters and firewalls in use, etc. It can scale to scan huge networks but can also be deployed against single hosts.
Differentiator: Network mapping to pinpoint holes an attacker could penetrate. It’s also free and backed by a very active community.
What it can’t do: It can’t actually penetrate a vulnerability though it does point out where weaknesses might be.