📰 Originally published on SecurityElites — the canonical, fully-updated version of this article.
DAY 1 OF 180
KALI LINUX MASTERY COURSE
FREE — ALL 180 DAYS
🔵 Day 1 — Nmap Tutorial: Network Mapper
Day 180 — Advanced Kali Mastery
← Your journey begins here 🚀
🎉 Welcome to the 180-Day Kali Linux Mastery Course
180 days. 180 tools. One goal: make you a complete, job-ready Kali Linux practitioner. Every day you learn one tool — in full depth, step by step, from the very first command to professional-level use. No shortcuts. No skipping steps. No assuming you already know something.
This course is designed for absolute beginners who have never opened a terminal — and scales to cover the same tools professionals use in real penetration tests. Spend 60–90 minutes per day and by Day 180 you will have hands-on experience with the most important security tools in the world.
01
Right now, on any network you’re connected to — your home WiFi, your office LAN, a hotel network — there are devices you have never seen, running services you do not know about, with ports open that nobody has reviewed. Routers, smart TVs, printers, cameras, old laptops that someone forgot to turn off. A security professional can map every single one of them in under 60 seconds. Today you learn exactly how.
Nmap — the Network Mapper — is the first tool every penetration tester, every security researcher, and every ethical hacker learns. It is on Kali Linux by default. It is used in every professional engagement. It was featured in the films The Matrix Reloaded, Die Hard 4, and Bourne Ultimatum because it is the real tool actual hackers use. Not a Hollywood prop. The real thing.
By the end of this lesson you will understand what Nmap is, why it is the foundation of network security work, and — most importantly — you will have run your own scans, read real output, and understood every line of it. Let’s begin.
🖥️
Day 1 Requirements
Kali Linux (VirtualBox, VMware, bare metal, or WSL2) — Nmap comes pre-installed. A target to scan: your own home router IP (e.g. 192.168.1.1), a Metasploitable2 VM in your lab, or a TryHackMe/Hack The Box machine. Never scan networks or systems you do not own or have explicit written permission to scan.
📋 Day 1 Contents — Nmap Complete Tutorial
- What Is Nmap and Why It Matters
- Step 1 — Install and Verify Nmap
- Step 2 — Your First Nmap Scan
- Step 3 — Reading Nmap Output
- Step 4 — Port Range Scanning
- Step 5 — Nmap Scan Types Explained
- Step 6 — Service and Version Detection
- Step 7 — OS Fingerprinting
- Step 8 — The Aggressive Scan (-A)
- Step 9 — Scanning a Whole Subnet
- Step 10 — Saving Nmap Results
- Bonus — Nmap Scripting Engine (NSE)
- Nmap Commands Cheat Sheet
- Day 1 Task and Challenge
Before we type a single command, let’s understand what we’re actually doing. The biggest mistake beginners make in Kali Linux is typing commands without understanding them. In this course, you will never type a command you do not understand. Every flag, every option, every output line — explained. That is the promise of this course, and we start it right now on Day 1.
What Is Nmap and Why Is It the First Tool Every Security Pro Learns?
Nmap stands for Network Mapper. It was created by Gordon Lyon (known as “Fyodor”) in 1997 and is still actively maintained nearly 30 years later. That longevity says everything about its quality — in a field where tools become obsolete in months, Nmap is as essential today as it was when Bill Clinton was president.
At its core, Nmap does one thing: it sends carefully crafted network packets to a target and analyses the responses. From those responses it can determine which hosts are alive, which ports are open, what services are running on those ports, what software versions those services are running, and what operating system the target is using. This is called network reconnaissance or network enumeration — and it is always the first phase of any authorised security assessment.
🎯 What Nmap Can Discover
LIVE HOSTS
Which IP addresses have active devices — computers, phones, printers, routers
OPEN PORTS
Which network ports are open and accepting connections (65,535 possible ports)
SERVICES
What applications are running on those ports: HTTP, SSH, FTP, SMB, MySQL…
VERSIONS
Exact software versions: Apache 2.4.51, OpenSSH 8.9, Nginx 1.20 — crucial for CVE lookup
OS TYPE
Operating system fingerprinting: Windows 10, Ubuntu 22.04, Cisco IOS, Android…
VULNERABILITIES
Via NSE scripts — check for known CVEs, default credentials, misconfigurations
STEP 1 Install and Verify Nmap in Kali Linux
Nmap comes pre-installed on Kali Linux. But we always verify before assuming. Open your Kali Linux terminal — press Ctrl+Alt+T or click the terminal icon in the taskbar.
kali@kali: ~$ — Verify Nmap Installation
┌──(kali㉿kali)-[~]
└─$ nmap –version
Nmap version 7.94SVN ( https://nmap.org )
Platform: x86_64-pc-linux-gnu
Compiled with: liblua-5.4.6 openssl-3.1.4 libssh2-1.11.0 libz-1.2.13 libpcre2-10.42
Compiled without: liblinear
Available nsock engines: epoll poll select
📖 Read the complete guide on SecurityElites
This article continues with deeper technical detail, screenshots, code samples, and an interactive lab walk-through. Read the full article on SecurityElites →
This article was originally written and published by the SecurityElites team. For more cybersecurity tutorials, ethical hacking guides, and CTF walk-throughs, visit SecurityElites.
Top comments (0)