Nmap and Zenmap are popular tools for scanning network ports, services, and IP ranges - but whatβs the difference? Why would you use one instead of the other? What are some of the benefits and drawbacks of each?
In this article, weβll answer these questions and provide an in-depth look at both tools. Some of the major points weβll discuss are:
- What Zenmap and Nmap are, their features, and uses
- Which operating systems theyβre available for, and how to install them
- Pros and Cons of Zenmap vs Nmap
- Frequently asked questions
In short, everything you might want to know about both products to determine when you might select one over the other and why.
What Are Zenmap and Nmap?
If youβre unfamiliar with these applications, you may be surprised to learn that they are [effectively] the same tool!
Nmap security scanner is a command-line-based multi-platform (Windows, Mac OS X, Linux etc.) network scanning application designed to detect hosts and services on a computer network.
Zenmap is the official Nmap security scanner GUI (Graphical User Interface) version of Nmap. Like Nmap, Zenmap is also multi-platform (available on Linux, Windows, and other operating systems).
Who Uses Zenmap and Nmap?
Nmap users include everyone from beginners to cyber security professionals.
Network administrators use Nmap (and Zenmap) to map subnets and discover hosts. Cyber security professionals use Nmap to scan target systems for open ports and services they might be running. These security scanners are used during hacking and penetration testing to discover target systems, gather information, and check for vulnerabilities.
Regardless of the use case, Nmap and Zenmap should never be used to scan networks and systems you donβt own without explicit permission!
What Are the Capabilities of Zenmap and Nmap?
Both Nmap and Zenmap can be used to provide extensive information about a target network. Some of the commonly-used Nmap features include:
- Host Discovery: Generate a list of hostnames (i.e., a computer or other device that communicates on a network. E.g., PCs, printers, servers, etc.) and their IP addresses.
- Port Scanning: Scan specific ports (or ranges of ports) to determine if theyβre open on a given target or set of targets.
- Operating System Detection: Attempts to guess details about the targetβs operating system, such as vendor (e.g., Microsoft), underlying OS (e.g., Windows), and OS generation (e.g., 10).
- Firewall/Intrusion Detection System (IDS) Evasion: Provides several options for advanced users to prevent scanning activities from being detected (and subsequently dropped) by a firewall or IDS system. E.g., Hiding (or spoofing) your IP address, source port, MAC address, etc.
In Nmap, users leverage command-line switches to define scanning parameters. Zenmapβs interface features a command creator which allows the interactive creation of Nmap command lines using drop-down utilities (which can also be edited by advanced users).
Zenmap can also provide (and save) topology map graphics to help you visualize reachable hosts and their ports:
Zenmap also allows you to save scan results, which can be compared with one another to determine whatβs changed (e.g., hosts or services that were added or removed).
The infographic below provides a side-by-side comparison:
OTHER RESOURCES YOU MAY LIKE:
How to Download and Install Zenmap and Nmap
Both Nmap and Zenmap are available for download at nmap.org/download.html. At the top of the page, you can select your operating system by clicking on the corresponding anchor link:
Supported Operating Systems
Some of the operating systems Nmap and Zenmap are available for are:
You can find support for other operating systems at the bottom of this page.
How to Install Zenmap and Nmap on Windows
The following guide will walk you through the installation steps for Zenmap and Nmap on a Windows PC.
1. Browse to https://nmap.org/download.html#windows, then click on the link to download the latest stable release (version 7.93 at the time of writing):
2. Locate and run the installer, e.g., nmap-7.93-setup.exe. The first step of the installation is to accept the license agreement. Select I Agree to continue:
3. Next, choose the components you want to install. Both setup program installs both Nmap and Zenmap. Untick Zenmap if you wish to forgo the GUI. Click Next to continue:
4. Next, determine where youβd like to install Nmap/Zenmap (C:\Program Files (x86)\Nmap by default). You can leave this as is or install it in a different location by clicking the Browseβ¦ button. Click Install to begin installation:
5. The setup program will validate the installation to let you know it was completed successfully. Click Next to continue:
6. The Nmap setup application will default create shortcuts in your Windows Start Menu and Desktop. Click Next to continue:
7. At the end of the installation process, click Finish to close the Nmap Setup application:
How to Install Zenmap on Kali Linux
Nmap comes bundled with Kali Linux (along with hundreds of other useful tools), so thereβs no need to install it separately. Kali Linux version 2019.4 (and later) removed Zenmap from its package bundle, but you can still install it manually. Hereβs how:
1. Begin by updating Kali Linuxβs package index list. To this, open a terminal window (CTRL+ALT+T), then enter, sudo apt update:
2. To upgrade all packages, run sudo apt full-upgrade -y:
3. Since Zenmap requires dependencies that are no longer supported in Kali Linux, weβll need to use βKaboxerβ (Kali Applications Boxer) to install it as a packaged app in a Docker container. Run sudo apt install zenmap-kbx -y:
4. Zenmap will now be available from the application list:
NMAP vs Zenmap Pros and Cons
Nmap Pros
Nmap Cons
Zenmap Pros
Zenmap Cons
Conclusion
In this article, we explained the differences between Nmap and its official GUI, Zenmap. Zenmap is excellent for users who arenβt comfortable working with command line consoles and provides additional functionality in the way of saveable searches and topology graphics.
For those who need a lightweight but powerful network scanning utility and donβt have access to a GUI (e.g., running scans while connected via SSH), Nmap is the way to go.
In conclusion, these are two sides to the same coin, and both are a welcome addition to your cyber security arsenal. You can master Nmap with our Complete Nmap Ethical Hacking Course, or practice using both in your own virtual hacking lab.