Scan ports on a target host or network.

Performs a port scan using nmap with the specified parameters. Validates all inputs to prevent command injection.

IMPORTANT: Only scan targets you are authorized to scan.

Returns: ScanResult with discovered hosts, ports, and their states.

Discover live hosts on a network without performing a port scan.

Uses nmap ping scan (-sn) to identify which hosts are up on the target network. This is typically the first step in a network assessment.

IMPORTANT: Only scan networks you are authorized to scan.

Returns: HostDiscoveryResult with lists of hosts that are up and down.

Detect services and versions running on open ports.

Uses nmap's service detection probes (-sV) to identify software names, versions, and CPE identifiers for services running on open ports.

IMPORTANT: Only scan targets you are authorized to scan.

Returns: ScanResult with service information for each open port.

Detect the operating system of a target host.

Uses nmap TCP/IP stack fingerprinting (-O) to identify the target's operating system. NOTE: This typically requires elevated privileges (root/sudo).

IMPORTANT: Only scan targets you are authorized to scan.

Returns: ScanResult with OS detection matches for the target host.

Scan for known vulnerabilities using Nmap Scripting Engine (NSE).

Runs NSE vulnerability detection scripts against the target. Uses safe script categories by default. Results include CVE identifiers when available.

IMPORTANT: Only scan targets you are authorized to scan. Vulnerability scanning may trigger security alerts on the target network.

Returns: VulnScanResult with discovered vulnerabilities and their details.

Perform a fast scan of the most common ports.

Scans the top N most frequently used ports with aggressive timing for quick results. Good for getting a fast security overview of a target.

IMPORTANT: Only scan targets you are authorized to scan.

Returns: ScanResult with discovered hosts and open ports.