amap

Identify service on a port

$ amap -b [192.168.1.1] [80]

$ amap [192.168.1.1] [1-1000]

$ amap -B [192.168.1.1] [80]

$ amap -u [192.168.1.1] [53]

$ amap -q [192.168.1.1] [80]

amap [options] target port[-port]

amap (Application Mapper) is a next-generation scanning tool that identifies applications and services running on network ports by sending trigger packets and analyzing responses. Unlike simple port scanners, it can identify services running on non-standard ports.
The tool compares responses against a signature database to fingerprint applications, making it useful for security assessments and network auditing.

-b

Banner grabbing mode (just grab banners)

Banner and identification mode

UDP mode (default is TCP)

Quiet mode (less output)

Verbose output

Stop after first match

IPv6 mode

Aggressive mode (more triggers)

Only scan for specific protocol

Read targets from file

Write results to file

For authorized security testing only. May trigger intrusion detection systems. Some services may not respond to trigger packets. Signature database may not include newer applications.

amap was developed by THC (The Hacker's Choice) and released in the early 2000s as a complement to port scanners, focusing on application-layer identification.

nmap(1), netcat(1), masscan(1)