Zenmap vs Nmap: Which One to Use (and When)

Zenmap vs Nmap: Which One to Use (and When)?

Nmap and Zenmap are popular tools for scanning network ports, services, and IP ranges – but what’s the difference? Why would you use one instead of the other? What are some of the benefits and drawbacks of each?

In this article, we’ll answer these questions and provide an in-depth look at both tools. Some of the major points we’ll discuss are:

  • What Zenmap and Nmap are, their features, and uses
  • Which operating systems they’re available for, and how to install them
  • Pros and Cons of Zenmap vs Nmap
  • Frequently asked questions

In short, everything you might want to know about both products to determine when you might select one over the other and why.

What Are Zenmap and Nmap?

If you’re unfamiliar with these applications, you may be surprised to learn that they are [effectively] the same tool!

Nmap security scanner is a command-line-based multi-platform (Windows, Mac OS X, Linux etc.) network scanning application designed to detect hosts and services on a computer network. 

Zenmap is the official Nmap security scanner GUI (Graphical User Interface) version of Nmap. Like Nmap, Zenmap is also multi-platform (available on Linux, Windows, and other operating systems).

Who Uses Zenmap and Nmap?

Nmap users include everyone from beginners to cyber security professionals.

Network administrators use Nmap (and Zenmap) to map subnets and discover hosts. Cyber security professionals use Nmap to scan target systems for open ports and services they might be running. These security scanners are used during hacking and penetration testing to discover target systems and gather information.

Regardless of the use case, Nmap and Zenmap should never be used to scan networks and systems you don’t own without explicit permission! 

What Are the Capabilities of Zenmap and Nmap?

Both Nmap and Zenmap can be used to provide extensive information about a target network. Some of the commonly-used Nmap features include:

  • Host Discovery: Generate a list of hostnames (i.e., a computer or other device that communicates on a network. E.g., PCs, printers, servers, etc.) and their IP addresses.
  • Port Scanning: Scan specific ports (or ranges of ports) to determine if they’re open on a given target or set of targets.
  • Operating System Detection: Attempts to guess details about the target’s operating system, such as vendor (e.g., Microsoft), underlying OS (e.g., Windows), and OS generation (e.g., 10).
  • Firewall/Intrusion Detection System (IDS) Evasion: Provides several options for advanced users to prevent scanning activities from being detected (and subsequently dropped) by a firewall or IDS system. E.g., Hiding (or spoofing) your IP address, source port, MAC address, etc.

In Nmap, users leverage command-line switches to define scanning parameters. Zenmap’s interface features a command creator which allows the interactive creation of Nmap command lines using drop-down utilities (which can also be edited by advanced users).

Command Line Nmap

Zenmap can also provide (and save) topology map graphics to help you visualize reachable hosts and their ports:

Zenmap topology view (Windows)
Zenmap GUI

Zenmap also allows you to save scan results, which can be compared with one another to determine what’s changed (e.g., hosts or services that were added or removed).

The infographic below provides a side-by-side comparison:

nmap vs zenmap side-by-side comparison

How to Download and Install Zenmap and Nmap

Both Nmap and Zenmap are available for download at nmap.org/download.html. At the top of the page, you can select your operating system by clicking on the corresponding anchor link:

Nmap download page

Supported Operating Systems

Some of the operating systems Nmap and Zenmap are available for are:

You can find support for other operating systems at the bottom of this page.

How to Install Zenmap and Nmap on Windows

The following guide will walk you through the installation steps for Zenmap and Nmap on a Windows PC.

1. Browse to https://nmap.org/download.html#windows, then click on the link to download the latest stable release (version 7.93 at the time of writing):

Nmap download link for Windows

2. Locate and run the installer, e.g., nmap-7.93-setup.exe. The first step of the installation is to accept the license agreement. Select I Agree to continue:

nmap setup window

3. Next, choose the components you want to install. Both setup program installs both Nmap and Zenmap. Untick Zenmap if you wish to forgo the GUI. Click Next to continue:

choose the components window

4. Next, determine where you’d like to install Nmap/Zenmap (C:\Program Files (x86)\Nmap by default). You can leave this as is or install it in a different location by clicking the Browse… button. Click Install to begin installation:

install location window

5. The setup program will validate the installation to let you know it was completed successfully. Click Next to continue:

installation complete window

6. The Nmap setup application will default create shortcuts in your Windows Start Menu and Desktop. Click Next to continue:

create shortcuts window

7. At the end of the installation process, click Finish to close the Nmap Setup application:

finish install window

How to Install Zenmap on Kali Linux

Nmap comes bundled with Kali Linux (along with hundreds of other useful tools), so there’s no need to install it separately. Kali Linux version 2019.4 (and later) removed Zenmap from its package bundle, but you can still install it manually. Here’s how:

1. Begin by updating Kali Linux’s package index list. To this, open a terminal window (CTRL+ALT+T), then enter, sudo apt update:

Upgrade apt in Kali Linux

2. To upgrade all packages, run sudo apt full-upgrade -y:

3. Since Zenmap requires dependencies that are no longer supported in Kali Linux, we’ll need to use “Kaboxer” (Kali Applications Boxer) to install it as a packaged app in a Docker container. Run sudo apt install zenmap-kbx -y:

Install the Zenmap Kaboxer docker container

4. Zenmap will now be available from the application list:

Zenmap in the application list

NMAP vs Zenmap Pros and Cons

Nmap Pros

Free and open source.
Smaller and more portable than Zenmap.
You can run multiple and concurrent scans.
It can be used in environments that lack a GUI (e.g., SSH).

Nmap Cons

The CLI creates a steeper learning curve than GUI-based tools.
Lack of options to export information in a human-readable format suitable for presentation to non-technical stakeholders.

Zenmap Pros

Free and open source.
Easy to use Graphical User Interface (GUI).
Displays scan results in text and graphical formats.
Allows you to save and compare previously-run scans.

Zenmap Cons

Larger footprint compared to Nmap and other CLI-based tools.
Requires dependencies not needed for Nmap, which may or may not be available for your chosen operating system.

Conclusion

In this article, we explained the differences between Nmap and its official GUI, Zenmap. Zenmap is excellent for users who aren’t comfortable working with command line consoles and provides additional functionality in the way of saveable searches and topology graphics.

For those who need a lightweight but powerful network scanning utility and don’t have access to a GUI (e.g., running scans while connected via SSH), Nmap is the way to go.

In conclusion, these are two sides to the same coin, and both are a welcome addition to your cyber security arsenal. You can master Nmap with our Complete Nmap Ethical Hacking Course.

Frequently Asked Questions

CATEGORIES
>