Nmap and Zenmap are popular tools for scanning network ports, services, and IP ranges - but what’s the difference? Why would you use one instead of the other? What are some of the benefits and drawbacks of each?
In this article, we’ll answer these questions and provide an in-depth look at both tools. Some of the major points we’ll discuss are:
- What Zenmap and Nmap are, their features, and uses
- Which operating systems they’re available for, and how to install them
- Pros and Cons of Zenmap vs Nmap
- Frequently asked questions
In short, everything you might want to know about both products to determine when you might select one over the other and why.
What Are Zenmap and Nmap?
If you’re unfamiliar with these applications, you may be surprised to learn that they are [effectively] the same tool!
Nmap security scanner is a command-line-based multi-platform (Windows, Mac OS X, Linux etc.) network scanning application designed to detect hosts and services on a computer network.
Zenmap is the official Nmap security scanner GUI (Graphical User Interface) version of Nmap. Like Nmap, Zenmap is also multi-platform (available on Linux, Windows, and other operating systems).
Who Uses Zenmap and Nmap?
Nmap users include everyone from beginners to cyber security professionals.
Network administrators use Nmap (and Zenmap) to map subnets and discover hosts. Cyber security professionals use Nmap to scan target systems for open ports and services they might be running. These security scanners are used during hacking and penetration testing to discover target systems, gather information, and check for vulnerabilities.
Regardless of the use case, Nmap and Zenmap should never be used to scan networks and systems you don’t own without explicit permission!
What Are the Capabilities of Zenmap and Nmap?
Both Nmap and Zenmap can be used to provide extensive information about a target network. Some of the commonly-used Nmap features include:
- Host Discovery: Generate a list of hostnames (i.e., a computer or other device that communicates on a network. E.g., PCs, printers, servers, etc.) and their IP addresses.
- Port Scanning: Scan specific ports (or ranges of ports) to determine if they’re open on a given target or set of targets.
- Operating System Detection: Attempts to guess details about the target’s operating system, such as vendor (e.g., Microsoft), underlying OS (e.g., Windows), and OS generation (e.g., 10).
- Firewall/Intrusion Detection System (IDS) Evasion: Provides several options for advanced users to prevent scanning activities from being detected (and subsequently dropped) by a firewall or IDS system. E.g., Hiding (or spoofing) your IP address, source port, MAC address, etc.
In Nmap, users leverage command-line switches to define scanning parameters. Zenmap’s interface features a command creator which allows the interactive creation of Nmap command lines using drop-down utilities (which can also be edited by advanced users).
Zenmap can also provide (and save) topology map graphics to help you visualize reachable hosts and their ports:
Zenmap also allows you to save scan results, which can be compared with one another to determine what’s changed (e.g., hosts or services that were added or removed).
The infographic below provides a side-by-side comparison:
OTHER RESOURCES YOU MAY LIKE:
How to Download and Install Zenmap and Nmap
Both Nmap and Zenmap are available for download at nmap.org/download.html. At the top of the page, you can select your operating system by clicking on the corresponding anchor link:
Supported Operating Systems
Some of the operating systems Nmap and Zenmap are available for are:
You can find support for other operating systems at the bottom of this page.
How to Install Zenmap and Nmap on Windows
The following guide will walk you through the installation steps for Zenmap and Nmap on a Windows PC.
2. Locate and run the installer, e.g., nmap-7.93-setup.exe. The first step of the installation is to accept the license agreement. Select I Agree to continue:
3. Next, choose the components you want to install. Both setup program installs both Nmap and Zenmap. Untick Zenmap if you wish to forgo the GUI. Click Next to continue:
4. Next, determine where you’d like to install Nmap/Zenmap (C:\Program Files (x86)\Nmap by default). You can leave this as is or install it in a different location by clicking the Browse… button. Click Install to begin installation:
5. The setup program will validate the installation to let you know it was completed successfully. Click Next to continue:
6. The Nmap setup application will default create shortcuts in your Windows Start Menu and Desktop. Click Next to continue:
7. At the end of the installation process, click Finish to close the Nmap Setup application:
How to Install Zenmap on Kali Linux
Nmap comes bundled with Kali Linux (along with hundreds of other useful tools), so there’s no need to install it separately. Kali Linux version 2019.4 (and later) removed Zenmap from its package bundle, but you can still install it manually. Here’s how:
1. Begin by updating Kali Linux’s package index list. To this, open a terminal window (CTRL+ALT+T), then enter,
sudo apt update:
2. To upgrade all packages, run
sudo apt full-upgrade -y:
3. Since Zenmap requires dependencies that are no longer supported in Kali Linux, we’ll need to use “Kaboxer” (Kali Applications Boxer) to install it as a packaged app in a Docker container. Run
sudo apt install zenmap-kbx -y:
4. Zenmap will now be available from the application list:
NMAP vs Zenmap Pros and Cons
In this article, we explained the differences between Nmap and its official GUI, Zenmap. Zenmap is excellent for users who aren’t comfortable working with command line consoles and provides additional functionality in the way of saveable searches and topology graphics.
For those who need a lightweight but powerful network scanning utility and don’t have access to a GUI (e.g., running scans while connected via SSH), Nmap is the way to go.
In conclusion, these are two sides to the same coin, and both are a welcome addition to your cyber security arsenal. You can master Nmap with our Complete Nmap Ethical Hacking Course, or practice using both in your own virtual hacking lab.