In the realm of cellular networks, security vulnerabilities often result from misconfigurations within their protective mechanisms. Typically, the responsibility for ensuring proper configuration and security checks lies with the network operator. The tool described in this paper, named 5GMap, aims to enable also legitimate subscribers in gaining insights into how data protection mechanisms are configured. By actively manipulating user device security settings during multiple processes of connection setup, and analyzing the relevant network responses, 5GMap enables auditing of the encryption and integrity protection algorithms set by the provider at both radio interface and Core Network access (NAS) protocol. 5GMap has been preliminary assessed over three out of the four major Italian operators, revealing instances where customers could not only negotiate “null” encryption but also where, for two of the three audited operators, “null” encryption was the only current option configured at the NAS layer.