30 Days of Nmap is a comprehensive, hands-on learning journey designed to take you from absolute beginner to network security expert using Nmap - the world's most powerful network scanner. This structured 30-day curriculum covers everything from basic port scanning to advanced evasion techniques, making it perfect for cybersecurity enthusiasts, ethical hackers, network administrators, and penetration testers.
Hack4Bug-Academy/
│
├── Day01-Introduction-to-Nmap/
├── Day02-Nmap-Installation-and-Setup/
├── Day03-Understanding-Ports-and-Protocols/
├── Day04-Basic-Host-Discovery/
├── Day05-Basic-Port-Scanning/
├── Day06-TCP-Scan-Techniques-SYN-and-Connect/
├── Day07-UDP-Scanning/
├── Day08-Service-and-Version-Detection/
├── Day09-OS-Fingerprinting/
├── Day10-Timing-and-Performance-Options/
│
├── Day11-Nmap-Scripting-Engine-Basics/
├── Day12-NSE-Discovery-Scripts/
├── Day13-NSE-Vulnerability-Scripts/
├── Day14-Bruteforce-and-Authentication-Scripts/
├── Day15-Custom-NSE-Scripts-Overview/
│
├── Day16-Output-Formats-and-Reporting/
├── Day17-Grepable-and-XML-Parsing/
├── Day18-Nmap-Automation-with-Shell-Scripts/
├── Day19-Multiple-Targets-and-IP-Ranges/
├── Day20-Stealth-and-Evasion-Techniques/
│
├── Day21-Firewall-and-IDS-Evasion/
├── Day22-Spoofing-and-Decoy-Scanning/
├── Day23-Fragmentation-and-Packet-Manipulation/
├── Day24-Web-Server-Scanning-with-Nmap/
├── Day25-Database-and-SMB-Enumeration/
│
├── Day26-Cloud-and-External-Perimeter-Scanning/
├── Day27-Internal-Network-Enumeration/
├── Day28-Real-World-Reconnaissance-Methodology/
├── Day29-Full-Nmap-Recon-Workflow/
└── Day30-Final-Practical-Challenge/
- Network Discovery & Scanning: Master host discovery, port scanning techniques, and service enumeration
- Protocol Expertise: Deep dive into TCP, UDP, and various network protocols
- Advanced Detection: Learn OS fingerprinting, version detection, and timing optimization
- Automated Security Testing: Harness the power of NSE (Nmap Scripting Engine)
- Vulnerability Assessment: Use built-in scripts for security auditing
- Custom Scripting: Learn to write and modify NSE scripts for specific tasks
- Reporting & Automation: Generate comprehensive reports in multiple formats
- Large-Scale Scanning: Techniques for scanning networks and IP ranges efficiently
- Output Management: Parse and analyze scan results like a professional
- Stealth & Evasion: Bypass firewalls, IDS/IPS systems, and detection mechanisms
- Targeted Enumeration: Specialized scanning for web servers, databases, and SMB services
- Real-World Reconnaissance: Build complete security assessment workflows
- Cloud & Network Security: Techniques for modern infrastructure scanning
- Basic understanding of networking concepts
- Linux/Unix command line familiarity
- Nmap installed on your system
- Ethical testing environment (own network/lab)
# Clone the repository
git clone https://github.com/hack4bug/30Days-Nmap.git
# Navigate to the project
cd 30Days-Nmap
# Start with Day 01
cd Day01-Introduction-to-Nmap - Cybersecurity Beginners - Start your ethical hacking journey with structured, hands-on learning
- Network Administrators - Enhance your security auditing skills and protect your infrastructure
- Penetration Testers - Master reconnaissance techniques and expand your toolset
- IT Professionals - Understand network vulnerabilities and improve security posture
- Students & Certification Seekers - Prepare for CEH, Pentest+, Security+, and other cybersecurity certifications
- Security Enthusiasts - Anyone passionate about network security and ethical hacking
- System Administrators - Learn to audit and secure servers and network devices
- DevSecOps Engineers - Integrate security scanning into development pipelines
- Bug Bounty Hunters - Improve reconnaissance skills for finding security vulnerabilities
- Red & Blue Team Members - Enhance both offensive and defensive security capabilities
- Basic understanding of networking concepts
- Linux/Unix command line familiarity
- Nmap installed on your system
- Ethical testing environment (own network/lab)
- Structured 30-Day Learning Path - Progress systematically from basics to advanced techniques
- Hands-On Practical Exercises - Real-world scanning scenarios and challenges
- Comprehensive Coverage - Explore all Nmap features and capabilities
- Professional Techniques - Industry-standard security assessment methods
- Open Source & Free - Complete access to all materials and resources
- Community Supported - Regularly updated with contributions from security experts
- Practical Challenges - Apply your knowledge with real-world scenarios
- Primary Tool: Nmap (Network Mapper)
- Scripting: NSE (Nmap Scripting Engine) with Lua
- Supporting Tools: Various networking and security utilities
- Platforms: Cross-platform (Windows, Linux, macOS)
By completing this 30-day challenge, you will be able to:
- Perform comprehensive network reconnaissance and asset discovery
- Identify open ports and services on target systems with precision
- Detect operating systems and software versions accurately
- Discover security vulnerabilities using automated scripts and manual techniques
- Evade security systems during authorized penetration tests
- Generate professional security assessment reports for stakeholders
- Automate scanning workflows for efficiency in large environments
- Conduct ethical security audits following industry best practices
- Customize scanning approaches for different target types and environments
- Integrate Nmap into larger security workflows and toolchains
The repository follows a logical progression across 30 days, each focusing on specific Nmap capabilities:
Weeks 1-2: Foundation building with basic scanning techniques
Weeks 3-4: Advanced features and automation with NSE
Weeks 5-6: Professional workflows and evasion techniques
Final Week: Real-world application and comprehensive challenges
Each day contains practical exercises, examples, and documentation to reinforce learning.
We welcome contributions from the security community! Whether you're fixing typos, adding new exercises, improving documentation, or translating content, your help makes this resource better for everyone.
- Fork the repository to your GitHub account
- Create a new branch for your changes
- Make your improvements or additions
- Test your changes thoroughly
- Submit a pull request with a clear description of your changes
Please read our contributing guidelines for more details on our code of conduct and submission process.
IMPORTANT: This repository is for EDUCATIONAL PURPOSES AND AUTHORIZED TESTING ONLY.
- Only scan networks you own or have explicit written permission to test
- Unauthorized scanning is illegal, unethical, and may result in legal consequences
- The authors and contributors are not responsible for any misuse of this information
- Always comply with local laws, regulations, and organizational policies
- Use these skills to improve security defenses, not to compromise them
- Respect privacy and obtain proper authorization before any security testing
- Follow responsible disclosure practices when vulnerabilities are discovered
This project is licensed under the MIT License - see the LICENSE file for details.
- Nmap Development Team for creating an amazing tool
- Cybersecurity community for continuous knowledge sharing
- All contributors who help improve this learning resource
- Open source community for maintaining and improving security tools
If you find this resource helpful:
- Star the repository to show your support
- Watch for updates and new content
- Report issues and suggest improvements
- Share with your network and colleagues
Have questions or want to connect?
- GitHub Issues - For technical questions and bug reports
- GitHub Discussions - For community discussions and support
- Contribute - Help make this resource better for everyone
Start your journey today and master network security with Nmap in just 30 days!
"The quieter you become, the more you are able to hear." - UNIX Philosophy