Blog | G5 Cyber Security

Nmap Testing Services

G5 Cyber Security

TL;DR

You want to safely test Nmap without scanning your own systems or others you don’t have permission to scan. This guide lists free and paid services that provide practice targets for learning and improving your Nmap skills.

Testing Nmap: Safe Practice Environments

  1. Hack The Box (HTB) – Starting Point
    • Hack The Box offers a range of virtual machines (boxes) that you can legally scan and attempt to compromise. Some are free, others require a subscription.
    • It’s an excellent platform for learning penetration testing in general, with Nmap being a core skill.
    • Hack The Box Website
  2. TryHackMe (THM) – Guided Learning
    • TryHackMe provides guided learning paths, many of which involve using Nmap to discover vulnerabilities.
    • They have dedicated rooms specifically for Nmap practice.
    • TryHackMe Website
  3. VulnHub – Downloadable VMs
    • VulnHub hosts a collection of vulnerable virtual machines that you can download and run locally (using VirtualBox or VMware).
    • These are designed to be scanned and exploited. Be sure to read the instructions for each VM.
    • VulnHub Website
  4. OverTheWire – Wargames
    • OverTheWire offers a series of wargames, some of which require Nmap to identify open ports and services.
    • It’s a good way to practice your command-line skills alongside Nmap.
    • OverTheWire Website
  5. Nmap’s Official Scanme.nmap.org
    • Nmap provides a publicly available scanme.nmap.org server specifically for testing Nmap itself.
    • It’s a good way to ensure your Nmap installation is working correctly and to experiment with different scan options.
    • To scan it, use: 
      nmap scanme.nmap.org
  6. CTFlearn
    • CTFlearn provides Capture The Flag (CTF) challenges that often involve network scanning with Nmap.
    • CTFlearn Website

Important Considerations

Exit mobile version