Overall Satisfaction with Nmap
We use Nmap to both scan our network from time to time as well as to validate scan results from other platforms such as Nessus or Nexpose. One of the perks of NMAP is the built-in scrips that not only will look for weaknesses but also validate them by performing the exploit to see if the vulnerability can be exploited or not.
- Very user-intuitive.
- Built-in scripts allow for vulnerability testing.
- Better GUI for ZenMap.
- Can be difficult to learn and master.
- It is open-sourced and widely available.
- However, learning and training can be difficult since there is no support.
While mainly a CLI tool, there is an unofficial GUI. This can help the learning curve but unlike Nessus and Nexpose where there is a well-made user interface, with NMAP you need to really leverage the CLI for the power behind it. When it comes to modules being community-driven however; NMAP normally has the latest exploits before commercial products receive them.
There is a very large support community and a robust selection of add-ons and scripts. Once you get the use down this is one of the most powerful tools and you can find anything you are looking for as far as examples on the web. While not having official support its not lacking by any means.
Do you think Nmap delivers good value for the price?
Are you happy with Nmap's feature set?
Did Nmap live up to sales and marketing promises?
Did implementation of Nmap go as expected?
Would you buy Nmap again?
As a blue/red team member, NMAP is crucial to my day and I would highly recommend it to other users needing the same type of tool for scanning. This tool is a key program to use for enumeration and port-scanning a network. One of the caveats though is if you do not have network connectivity then this tool will not be able to provide any results.