diff --git a/knowledge base/nmap.md b/knowledge base/nmap.md
new file mode 100644
index 0000000..6d82081
--- /dev/null
+++ b/knowledge base/nmap.md	
@@ -0,0 +1,22 @@
+# Nmap
+
+## TL;DR
+
+```shell
+# scan all 65535 ports on a host
+nmap -p- 192.168.1.1
+
+# scan a single port on a subnet
+nmap -p 22 192.168.0.0/24
+
+# detect a host's os
+nmap -O 192.168.0.1
+```
+
+## Further readings
+
+- [Cheatsheet]
+- [OS detection]
+
+[cheatsheet]: https://hackertarget.com/nmap-cheatsheet-a-quick-reference-guide/
+[os detection]: https://nmap.org/book/man-os-detection.html