Which feature does NMAP provide besides port scanning?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which feature does NMAP provide besides port scanning?

Explanation:
Nmap’s power goes beyond simply listing open ports by letting you identify what kind of device sits behind those ports—that’s OS fingerprinting. By sending a carefully chosen set of probes and examining how the target reacts, Nmap can infer the operating system and sometimes the device type. This process, called OS detection, uses patterns in responses like TTL values, TCP window size, options supported, and ICMP behavior, and it matches them against a database of known fingerprints.

This is the best answer because knowing the target’s OS provides valuable context for the next steps in an assessment—tailoring service checks, choosing compatible exploits or credentials, or adjusting evasion techniques. While traceroute is a separate capability in Nmap, the option that directly adds meaningful host-identifying information beyond port status is OS fingerprinting. Email collection and web server hosting are not functions Nmap performs.
