diff --git a/pages/common/nmap.md b/pages/common/nmap.md
index 54aead56f8..ea22c1e349 100644
--- a/pages/common/nmap.md
+++ b/pages/common/nmap.md
@@ -1,37 +1,37 @@
 # nmap
 
 > Network exploration tool and security/port scanner.
-> Some features only activate when Nmap is run with root privileges.
-> More information: <https://nmap.org>.
+> Some features (e.g. SYN scan) activate only when `nmap` is run with root privileges.
+> More information: <https://nmap.org/book/man.html>.
 
-- Check if an IP address is up, and guess the remote host's operating system:
+- Scan the top 1000 ports of a remote host with various [v]erbosity levels:
 
-`nmap -O {{ip_or_hostname}}`
+`nmap -v{{1|2|3}} {{ip_or_hostname}}`
 
-- Try to determine whether the specified hosts are up (ping scan) and what their names and MAC addresses are:
+- Run a ping sweep over an entire subnet or individual hosts very aggressively:
 
-`sudo nmap -sn {{ip_or_hostname}} {{optional_another_address}}`
+`nmap -T5 -sn {{192.168.0.0/24|ip_or_hostname1,ip_or_hostname2...}}`
 
-- Also enable scripts, service detection, OS fingerprinting and traceroute:
+- Enable OS detection, version detection, script scanning, and traceroute:
 
-`nmap -A {{address_or_addresses}}`
+`sudo nmap -A {{ip_or_hostname1,ip_or_hostname2...}}`
 
-- Scan a specific list of ports (use '-p-' for all ports from 1 to 65535):
+- Scan a specific list of ports (use `-p-` for all ports from 1 to 65535):
 
-`nmap -p {{port1,port2,...,portN}} {{address_or_addresses}}`
+`nmap -p {{port1,port2...}} {{ip_or_host1,ip_or_host2...}}`
 
-- Perform service and version detection of the top 1000 ports using default NSE scripts; writing results ('-oN') to output file:
+- Perform service and version detection of the top 1000 ports using default NSE scripts, writing results (`-oA`) to output files:
 
-`nmap -sC -sV -oN {{top-1000-ports.txt}} {{address_or_addresses}}`
+`nmap -sC -sV -oA {{top-1000-ports}} {{ip_or_host1,ip_or_host2...}}`
 
-- Scan target(s) carefully using 'default and safe' NSE scripts:
+- Scan target(s) carefully using `default and safe` NSE scripts:
 
-`nmap --script "default and safe" {{address_or_addresses}}`
+`nmap --script "default and safe" {{ip_or_host1,ip_or_host2...}}`
 
-- Scan web server running on standard ports 80 and 443 using all available 'http-*' NSE scripts:
+- Scan for web servers running on standard ports 80 and 443 using all available `http-*` NSE scripts:
 
-`nmap --script "http-*" {{address_or_addresses}} -p 80,443`
+`nmap --script "http-*" {{ip_or_host1,ip_or_host2...}} -p 80,443`
 
-- Perform a stealthy very slow scan ('-T0') trying to avoid detection by IDS/IPS and use decoy ('-D') source IP addresses:
+- Attempt IDS/IPS detection by using an extremely slow scan (`-T0`), decoy source addresses (`-D`), [f]ragmented packets, random data and other methods:
 
-`nmap -T0 -D {{decoy1_ipaddress,decoy2_ipaddress,...,decoyN_ipaddress}} {{address_or_addresses}}`
+`sudo nmap -T0 -D {{decoy_ip1,decoy_ip2...}} --source-port {{53}} -f --data-length {{16}} -Pn {{ip_or_host}}`