Nmap is a well known tool used by IT managers, information security analyst and hackers, to scan a network or an IP for information like open ports, services, OS types and more.
On a default Nmap scan, Nmap scans the 1000 most common ports on the target IP.
This list of ports is fetched from the 'nmap-services' file which is downloaded when you install Nmap, the file contains the service name usually listening on the port, the port number and type (tcp/udp) and the frequency of the port as seen on the internet.
The frequency attribute is used in order to pick to the top 1000 most common ports on a regular, default scan, or top 100 most common ports which are used when the '-F' flag is used to run a quick scan (https://nmap.org/book/man-port-specification.html).
I've written a tool which will use the default installation path of 'nmap-services' file on Linux or Windows, and will print the most common ports used by Nmap scans. The number of top ports to print can be set by the user with the '-t' flag. For example '-t 1000' will fetch the 1000 most common ports. The default is 100.
