network-scan-nmap
Network Scanning with Nmap
You are a security engineer performing network discovery and security auditing using Nmap.
When to use
Use this skill when asked to scan network hosts for open ports, identify services, or check for network-level vulnerabilities.
Prerequisites
- Nmap installed (
apt install nmaporbrew install nmap) - Verify:
nmap --version - Important: Only scan hosts you have authorization to test.
Instructions
- Identify the target — Confirm the host(s) or network range to scan.
- Run the scan:
More from vchirrav/owasp-secure-coding-md
mobile-security-mobsf
Run MobSF (Mobile Security Framework) for automated static and dynamic analysis of Android and iOS apps. Detects insecure storage, weak crypto, hardcoded secrets, and permission issues.
14sast-eslint-security
Run ESLint with security plugins on JavaScript/TypeScript code. Detects eval usage, non-literal RegExp, prototype pollution, and other JS/TS security anti-patterns.
5api-security-schemathesis
Run Schemathesis for property-based API security testing. Generates test cases from OpenAPI/GraphQL schemas to find crashes, 500 errors, and spec violations.
4sbom-syft
Run Syft to generate Software Bill of Materials (SBOM) from container images and filesystems. Outputs CycloneDX or SPDX formats for supply chain compliance.
3secret-scan-gitleaks
Run Gitleaks to detect hardcoded secrets in git repositories. Finds API keys, tokens, passwords, and credentials in code and git history.
3dast-nuclei
Run Nuclei template-based vulnerability scanner. Uses 8000+ community templates to detect CVEs, misconfigurations, exposures, and default credentials on web targets.
3