Zenmap versions

Track the network activity of a website based on the available hosts.
May 13, 2024
Jun 30, 2023
Sep 22, 2022
Sep 8, 2021
Aug 11, 2019
Editorial review
May 22, 2012
Feb 10, 2011

What's new

v7.8 [Aug 11, 2019]
- The Npcap Windows packet capturing library (https://npcap.org/) is faster and more stable than ever.
- Added 11 NSE scripts, from 8 authors, bringing the total up to 598! They are all listed at https://nmap.org/nsedoc/.
- The macOS installer is now built for x86_64 architecture, not i386.
- Replaced the addrset matching code that is used by --exclude and --excludefile with a much faster implementation using a radix tree (trie).
- Use pcap_create instead of pcap_live_open in Nmap, and set immediate mode on the pcap descriptor. This solves packet loss problems on Linux and may improve performance on other platforms.
- Fixed an infinite loop in tls-alpn when the server forces a particular protocol.
- Collected utility functions for string processing into a new library, stringaux.lua.
- New rand.lua library uses the best sources of random available on the system to generate random strings.
- New library, oops.lua, makes reporting errors easy, with plenty of debugging detail when needed, and no clutter when not.
- Collected utility functions for manipulating and searching tables into a new library, tableaux.lua.
- New knx.lua library holds common functions and definitions for communicating with KNX/Konnex devices.
- The HTTP library now provides transparent support for gzip- encoded response body.
- Add AF_VSOCK (Linux VM sockets) functionality to Nsock and Ncat. VM sockets are used for communication between virtual machines and the hypervisor.
- Address CVE-2019-1552 in OpenSSL by building with the prefix "C:\Program Files (x86)\Nmap\OpenSSL". This should prevent unauthorized users from modifying OpenSSL defaults by writing configuration to this directory.
- Reduced LibPCRE resource limits so that version detection can't use as much of the stack. Previously Nmap could crash when run on low-memory systems against target services which are intentionally or accidentally difficult to match. Someone assigned CVE-2018-15173 for this issue.
- Deprecate and disable the -PR (ARP ping) host discovery option. ARP ping is already used whenever possible, and the -PR option would not force it to be used in any other case.
- Fixed an issue with Ncat -e on Windows that caused early termination of connections.
- Fix a false-positive in http-phpmyadmin-dir-traversal when the server responds with 200 status to a POST request to any URI.
- New vulnerability state in vulns.lua, UNKNOWN, is used to indicate that testing could not rule out vulnerability.
- When searching for Lua header files, actually use them where they are found instead of forcing /usr/include.
- Script traceroute-geolocation no longer crashes when www.GeoPlugin.net returns null coordinates
- Limit verbose -v and debugging -d levels to a maximum of 10. Nmap does not use higher levels internally.
tls.lua when creating a client_hello message will now only use a SSLv3 record layer if the protocol version is SSLv3. Some TLS implementations will not handshake with a client offering less than TLSv1.0. Scripts will have to manually fall back to SSLv3 to talk to SSLv3-only servers.
- Fix a few false-positive conditions in ssl-ccs-injection. TLS implementations that responded with fatal alerts other than "unexpected message" had been falsely marked as vulnerable.
- Emergency fix to Nmap's birthday announcement so Nmap wishes itself a "Happy 21st Birthday" rather than "Happy 21th" in verbose mode (-v) on September 1, 2018.
- Start host timeout clocks when the first probe is sent to a host, not when the hostgroup is started. Sometimes a host doesn't get probes until late in the hostgroup, increasing the chance it will time out.
- Support for edns-client-subnet (ECS) in dns.lua has been improved by:
- Using ECS code compliant with RFC 7871
- Properly trimming ECS address, as mandated by RFC 7871
- Fixing a bug that prevented using the same ECS option table more than once
- Fixed communication with commands launched with -e or -c on Windows, especially when --ssl is used.
- Script http-default-accounts can now select more than one fingerprint category. It now also possible to select fingerprints by name to support very specific scanning.
- Script http-default-accounts was not able to run against more than one target host/port.
- New script-arg `http.host` allows users to force a particular value for the Host header in all HTTP requests.
- Use smtp.domain script arg or target's domain name instead of "example.com" in EHLO command used for STARTTLS. [
- Fix brute.lua's BruteSocket wrapper, which was crashing Nmap with an assertion failure due to socket mixup : nmap: nse_nsock.cc:672: int receive_buf(lua_State*, int, lua_KContext): Assertion `lua_gettop(L) == 7' failed.
- Handle an error condition in smb-vuln-ms17-010 caused by IPS closing the connection.
- Fixed literal IPv6 URL format for connecting through HTTP proxies.
- Updates vendors from ODVA list for enip-info.

Alternative downloads


Intended to manage and update the /etc/hosts file.

Host Manager
Host Manager

It helps you manage your hosts using the Mac OS X Directory Services database.


New all-in-one internet security suite software

Scan Again
Scan Again

GUI front-end for SANE (Scanner Access Now Easy).


Apen source XARA Security Scanner for Mac OS.