Skip to main content
TrustRadius

Overview

What is Nmap?

Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.

Read more
Recent Reviews

TrustRadius Insights

Nmap is a widely-used network scanning tool that has proven to be invaluable for organizations across various departments. Its primary use …
Continue reading

Nmap to the stars

8 out of 10
September 18, 2019
Incentivized
We use it only on the IT department to make intensive scans on the network for troubleshooting purpose and to find anomalies.
Continue reading

Nmap

9 out of 10
February 07, 2019
Incentivized
The software is used by me personally. Currently, I use Nmap to sweep LANs to determine if any rogue devices are connected. Additionally, …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 10 features
  • Network mapping (15)
    9.5
    95%
  • Network monitoring (11)
    9.0
    90%
  • Automated network device discovery (10)
    8.4
    84%
  • Customizable reports (9)
    4.5
    45%
Return to navigation

Pricing

View all pricing

Nmap OEM Small/Startup Company Redistribution License - Quarterly Term Maintenance Fee

$7,980

Cloud
Every Three Months per license

Nmap OEM Mid-Sized Company Redistribution License - Quarterly Term Maintenance Fee

$11,980

Cloud
Every Three Months per license

Nmap OEM Enterprise Redistribution License - Quarterly Term Maintenance Fee

$13,980

Cloud
Every Three Months per license

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://nmap.org/oem/#:~:text=of%20our%…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Starting price (does not include set up fee)

  • $49,980 one-time fee
Return to navigation

Product Demos

Demo Script Bro IDS detect Scan Nmap

YouTube

Nmap demo - Network mapper - Nmap port scan - port scanner - Nmap tutorial - how to use Nmap

YouTube

SSL Testing | Tool Demo testssl.sh, nmap, sslyze, sslscan| Find SSL Config Vulnerability | HackNikal

YouTube

OpenVas - Nmap

YouTube

Kali Linux Tutorial - EP9 - NMAP Introduction and Demo (part 1)

YouTube

Nmap tutorial exploit and take control of a computer demo using BackTrack5

YouTube
Return to navigation

Features

Network Performance Monitoring

A network performance monitoring system monitors the entire network for performance problems and collects performance data such as network traffic analysis performance bottlenecks, etc.

8.1
Avg 8.3
Return to navigation

Product Details

What is Nmap?

Nmap Video

Nmap is free open source tool for network scanning and monitoring. Basically network administrator uses Nmap for penetration for a network. Also many hackers misuse it for breaking the network.

Nmap Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.

Nmap starts at $49980.

Reviewers rate Baseline threshold calculation and Wireless infrastructure monitoring highest, with a score of 10.

The most common users of Nmap are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(45)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Nmap is a widely-used network scanning tool that has proven to be invaluable for organizations across various departments. Its primary use case revolves around troubleshooting network issues and identifying potential problems. IT development and technical support departments rely on Nmap to pinpoint and trace network problems, allowing for quick resolution and improved network performance. Additionally, the software is extensively used by IT and Security departments to scan systems for unauthorized open ports and non-approved operating systems, ensuring the overall security of the network. Its ability to verify encryption settings of websites also helps organizations meet cybersecurity standards. Furthermore, Nmap plays a vital role in maintaining system security by checking the versions of open port services, ensuring that the most up-to-date and secure software versions are running. This comprehensive scanning tool provides a snapshot inventory of the network, helps with internal vulnerability testing, identifies network security holes, detects misconfigurations in network topology, and aids in improving overall system security. With its wide range of applications, Nmap has become an essential tool for troubleshooting, auditing, and general network scanning, proving its reliability in the networking and security space.

Extensiveness and Advanced Networking Features: Many users have praised NMap for its extensive range of advanced networking features. These reviewers found the tool to be highly comprehensive, allowing them to perform specific scans and obtain desired results.

Lightweight and Easy to Use: NMap's lightweight nature and ease of use have been highlighted by a significant number of users. They appreciated how quickly they could start up the tool without experiencing any performance issues.

Speedy Network Mapping: Several users have expressed their appreciation for NMap's speed and thoroughness in network mapping. They found the tool's network 'sweep' feature to be quick and efficient in providing an accurate map of their networks.

Steep learning curve on Windows: Many users have found the learning curve for using the tool to be steep, especially when working with it on Windows operating system. They have expressed difficulties in grasping its functionalities and features, which can slow down their overall experience.

Limited functions on Windows: Several reviewers pointed out that certain functions are not available when using the tool on Windows. This limitation has hindered their ability to fully utilize the tool's capabilities and achieve desired results, limiting their effectiveness in vulnerability scanning.

Noisy scans and system appearance of being attacked: Users have reported that current scans conducted by the tool can be quite noisy, creating a perception that their system is under attack. This can lead to confusion and concern about potential security threats, causing unnecessary stress during scanning processes.

Users recommend using Nmap for network inspection and monitoring, as it efficiently scans networks and saves scan results. They also suggest using Nmap for controlling network usage and logging. In addition, Nmap is recommended for performing DOS tests and aggressive port scans. Users find Nmap to be a helpful tool with an easy interface for scanning networks, making it the best free networking scanner available. It offers easy commands and scripts for performing scans, allowing users to check services running on a network and detect vulnerabilities. Overall, users find Nmap useful for mapping and detecting anything in networks, ensuring system security, and detecting open ports.

Attribute Ratings

Reviews

(1-17 of 17)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Nmap is one of those long-standing tools that everyone turns to when they need to scan a network for devices, services, open ports, etc. In our company, it gets used regularly for troubleshooting, auditing, and general tinkering. I'm not sure what we would use in place of it, because there's never been a reason to look elsewhere. It's been around since the 90's and it's always to hand!
  • Comprehensive port scanning of both TCP and UDP ports.
  • Clever 'interrogation' of services listening on open ports. It will use all sorts of techniques to try and work out what service is listening on a port, and potentially even version and host information, etc.
  • Very configurable. You can choose exactly what you want to scan for, limit to port ranges, protocols, IPs, etc.
  • Very scriptable. Being a command-line utility (check out Zenmap if you want a GUI), you can call it from your own scripts, automation pipelines, etc.
  • Not a problem with Nmap, per se, but the related Zenmap GUI could do with some love! It does the job perfectly well so I shouldn't complain, but it would benefit from a modern makeover.
If you're a sysadmin, or anyone who's had to deploy network services, you've almost certainly had to use Nmap at some point or other. Need to see what devices are on your LAN? Nmap can tell you that. Want to check which ports your web server has open to the internet? Nmap is your friend.

Nmap is a powerful command-line tool and has many options that require some reading of documentation to get the best out of (although generally straightforward). If the thought of working at the command-line scares you (presumably not if you're reading this review), then you may want a much simpler tool, or at least check out Zenmap GUI.
Dylan Eikelenboom | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
For our organisation, we use Nmap on a weekly basis, especially in the technical departments (IT development, technical support), primarily for network troubleshooting purposes; We use it to identify network problems, see the route our network messages take geographically, and more. It is quite extensive, and I can say that after a couple of years of use, I am still sometimes surprised about new features I didn't know existed. Lately I have used it quite alot for verifying the encryption settings of our websites (TLS versions, ciphers, SSL certificates), to make sure it is up to our cybersecurity standards.
  • It is open source, so you can verify how it works
  • It is very extensive, with lots of advanced networking features
  • It is very lightweight and easy to start up
  • The learning curve is quite steep
  • On Windows, not all functions are available
  • If you do not limit your scan range, a command can take a really long time to complete
Nmap is the ideal solution if you are working alot in network environments. If you come to grips with the syntax and the most-used features (the online community helps alot), you will be able to much more quickly and thoroughly troubleshoot networks or check for security vulnerabilities, for instance. It is free to use and is available for Windows and Linux, so I would say it is very much warrented for any network administrator or sysadmin to take it out for a spin.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Nmap is pivotal in anyone in the networking and security space. This works on all operating systems and is very simple, but versatile. In my area, we use this often to see what ports and protocols are being used, what are open, auditing, testing, etc. Every vulnerability tool has Nmap built into it for the product. Often, when I have minimal time or access, Nmap is very useful.
  • Scanning multiple IPs for open ports
  • very lightweight and not heavy
  • First step in auditing, pentesting, etc.
  • Bit of a learning curve
  • Syntax can be confusing
Often, when we get a new service or api or endpoint created, we like to check it out and verify network settings upon creation. Especially if there are ports open that we don't need or want depending on internal classification.
Also, when we set up a new product or do a proof-of-concept of a software we're looking into, we like to scan it and see what ports may be used and open and then bring it up with our sales engineers.
Mike Nostrom | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We are generally using Nmap to scan our network segments for lost machines, open ports and vulnerabilities. There are several others that have used it but I am generally the only one to perform large scans.
  • Nmap is fast and flexible, It allows me to perform custom scan across my network(s)
  • Nmap provides crucial OS information when possible
  • comes in GUI and command-line versions
  • allows me to scan individual IP, ranges and full subnets
  • The ability to throttle the scan progress helps me to avoid triggering alarms
  • exporting, There's a serious lack of ability to export the information in a readable format to present to VPs and such. I always find myself doing a lot of data massaging to get it in a pretty format
  • some scans can trigger sensitive IDS/IPS
  • SYN scans can be particularly aggressive and cause problems on remote systems.
Nmap has helped us perform scans of our network to track down lost computers. In this virtual world it is easy to lose a physical box. Nmap has helped up find these lost machine and add appropriate monitoring tools on them. Nmap has also been crucial to find machines for Windows Operating system end of life project. Scanning machine and obtaining OS version is crucial for our Windows decom project.

Exporting the results from these scans do not always format nicely when imported into spreadsheet programs. much data manipulation is required.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use Nmap in our CyberSecurity department to detect different machines and software version in our clients' networks. It helps us to analyze easily the network topology of the network and detect misconfigurations or deprecated software. In that case, we can conduct remediations to patch the machines and improve security.
  • Ease of use
  • Completeness
  • Good interface
  • Lots of options
  • Curve of learning
  • Fluent design
  • Better docs
Nmap is well suited to analyze a new network of which you don't have info, because you can find configurations, OS and software versions, and moreover. Nevertheless, I wouldn't use Nmap in certain environments, like OT, because you can interact with the processes. Besides, if you have a full knowledge of the nerwork, it won't be useful.
Greg Madden, CISSP | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use Nmap to do internal vulnerability testing and identifying holes in network security. The most common use case for me is to use Nmap to identify running services on devices to spot potential weaknesses in firewall rules or router rules. Many employees are familiar with Nmap and use it as well. It helps us identify problems quickly in new environments before we move to vulnerability scanning.
  • Nmap is great at finding live hosts on the network
  • Nmap is great for teaching new cyber specialist how network reconnaissance works
  • Nmap is built into every major recon tool on the market, it just works when it comes to scanning
  • There could be more built in tools for further vulnerability scanning
  • command line Nmap should store recent scans automatically
  • More detail in the help menu for what some of the triggers actually do
One of Nmaps strongest skills is the ability to gather initial evidence about networks to begin narrowing down target windows. Nmap can scan entire subnets and find only live hosts and then more intensively scan the live hosts to help identify which ones have the most vulnerable services or open ports. It is not suited for actual exploitation, just the initial steps
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use Nmap to both scan our network from time to time as well as to validate scan results from other platforms such as Nessus or Nexpose. One of the perks of NMAP is the built-in scrips that not only will look for weaknesses but also validate them by performing the exploit to see if the vulnerability can be exploited or not.
  • Very user-intuitive.
  • Built-in scripts allow for vulnerability testing.
  • Better GUI for ZenMap.
  • Can be difficult to learn and master.
As a blue/red team member, NMAP is crucial to my day and I would highly recommend it to other users needing the same type of tool for scanning. This tool is a key program to use for enumeration and port-scanning a network. One of the caveats though is if you do not have network connectivity then this tool will not be able to provide any results.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Nmap is THE tool to use for network monitoring. Though as a Technical Security Officer I do not do any penetration tests myself, I do the occasional scan with Nmap to check for servers and/or services. With its huge amount of options you can scan your network in any way you like.
  • It's quick (and depending on the options and your preferences for scanning can be made to run even quicker)
  • Huge amount of options
  • User community support is ubiquitous
  • Hardly anything to mention
Very well suited for anyone wanting to scan their network (with permission if required!). Being a command line tool you need some knowledge, so not for a beginner.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use Nmap in our IT operations for troubleshooting network issues and improving network performance. It's great for security testing and mapping your network infrastructure.
  • Open port scanning is a great tool to ensure your internal and external networks are secured.
  • being able to identify endpoints and ensuring they are configured correctly.
  • Great to be able to script within NMAP. It truly can be tailored to your exact needs
  • Wish it had a gui and a better UI experience.
  • Even though it's free an enterprise support option would be great.
Nmap is great at finding out the weak points within your internal and external network. Being able to find out exactly what devices are on your internal network is a great asset to securing your network from internal threats.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
NMap is used both by my department and other departments within our IT section. In particular, the network engineering department uses it to identify end-hosts that may be unauthorized to be on our network, while the security department uses it to assess the threats of different hosts within the enterprise network.
  • Highly accurate endpoint identification
  • Vulnerability scanning is detailed and clear.
  • Easily scripted and analyzed
  • CLI only; there is an unofficial graphical interface (but it isn't too great)
  • Not supported by a vendor
  • Somewhat steep learning curve
NMap is well suited to any environment that requires vulnerability scanning or endpoint identification. The application is free to use and well-documented. Any network that has technicians capable of running and interpreting scans would benefit from installing NMap. The only reason I wouldn't recommend NMap would be a scenario in which the users didn't have the capability to run or interpret the output of the application.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use it to maintain PCI compliance by checking ports, by testing firewall rules, and to double-check what we see connected to the network. It's a great tool to identify unintended changes or open ports, or to verify our third-party scanner reports one way or the other.
  • Detects open ports
  • IDs hosts
  • Checking firewall rules
  • Maybe take some of the features of Zenmap and bake them in?
  • Include fancy extra graphical results charts or graphs or something to show people who you want to convey info too but have no idea what Nmap is actually doing.
  • I don't really think I'd change a lot actually.
If you get an email saying your organization has failed its PCI scan because of a service running on a specific port that is a known port, say port 500 for a tunnel or something, and they want you to justify why port 500 is open, but you never opened port 500, you can use Nmap to check that. It's awesome in that role.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Nmap is an network mapper which is used for finding the open ports in the network and also we can find the vulnerability in the network infrastructure. We've been using Nmap in our organisation since for 1.3 years. It is a very useful tool that I use for scanning and exploiting the latest vulnerability from the network and also we can find the open ports in the network devices.
  • Nmap is an network mapper
  • Finding the open ports is very easy using the Nmap
  • I recommended this tool all the other employees .
  • If there is no network we cannot use this tool
  • I recommended to use this tool
Nmap is well suited for every network device. We use this tool to find the open ports.
September 18, 2019

Nmap to the stars

Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use it only on the IT department to make intensive scans on the network for troubleshooting purpose and to find anomalies.
  • The GUI is very helpful for those that don't like the classic way.
  • Intensive Scan, Ping and port scans
  • Make a little topology of the Host found.
  • Does not work all the time depending on the network and the security on it.
Is a powerful tool, but be careful not to make too many flood and SYN floods using this software. It can scan a lot of things and it can decrease performance on other device in the network.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
It is being used in the IT department for network monitoring. It addresses a wide range of problems, testing device security, identifying unknown devices, and mapping the existing network.
  • Network monitoring
  • Port Scanning
  • Service enumeration.
  • It works perfectly as it is where features are concerned. If it is combined with Zenmap for those preferring a GUI, it's invaluable.
As a new Network Admin coming into a network with virtually no documentation at the workstation OR server level, Nmap was the perfect starting point to get some idea of the types of devices on the network, the services they were running, and how they were configured at the port level.
February 07, 2019

Nmap

Demitri Pevzner | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
The software is used by me personally. Currently, I use Nmap to sweep LANs to determine if any rogue devices are connected. Additionally, any unknown items can be port scanned, and present services determined. Similarly, for security testing, vulnerabilities of specific VMs can be discovered using NSE scripts.
  • Scans for open ports, giving you the option of how aggressively or lightly to scan.
  • Can help determine which OS and services are running on a device, again, giving the option of how aggressively to scan a device.
  • There is something of a learning curve in using the tool. A number of shortcuts and GUI options are available in Zenmap to simplify the process, but perhaps a more visual interface can help simplify the selection process prior to executing the Nmap command.
I would say it excels in network sweeps for either inventory or footprinting. Very easy, intuitive, and the GUI does simplify the process considerably. I would say some of the more complex NSE scripts for finding holes in network security could be done a bit better, but for what it is, it is an excellent tool.
Perry Hahn | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Nmap is utilized by me team of support engineers on a regular basis to identify devices that are on our companies network to see available IP addresses and what we can use to put static IP addresses on our equipment. Using Nmap at first is very confusing but after using it once or twice, it is easy and very helpful.
  • Nmap allows you to search IP ranges that you as the user determine
  • Nmap gives you a detailed list of utilized IP addresses in the range that you have identified
  • Nmap provides what type of device is utilizing an IP address
  • When scanning, you have to put in the exact numbers for it to scan, which can be annoying
  • Nmap is very simple and just pings IP ranges, I wish it could do more
Nmap is well suited for already situated networks when looking for open IP addresses on the network. When a new piece of equipment, such as audio visual equipment, needs to have a static IP for support purposes, Nmap allows you to scan a full IP range and find an open one for you to use.
Kenneth Hess | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
All of IT and Security uses NMap to scan systems for rogue or non-approved open ports. We also scan to be sure there are no non-approved operating systems, such as Windows XP or Vista on the network. I also use it to check open port service versions. In other words, I need to be sure that systems running an SSH server, for example, have the latest or the most secure version of the software. NMap helps us keep our systems secure. A periodic network sweep with it also keeps us updated on any new systems attached to the network and exactly what they're running. It provides a snapshot inventory, as well as, the security information. Any suspect systems can be intensely scanned and physically located for further investigation.
  • NMap provides a very fast and a very thorough network "sweep" that allows you to quickly map out exactly what's on your network.
  • NMap is highly configurable. The "canned" choices are very good in most instances, but using various switches and options, you can create a very specific scan and get exactly the results you're looking for.
  • NMap is easy to use. Even a new administrator will be able to use the graphical version (Zenmap) with efficiency right away.
  • Running stealthier scans would be a bonus. Current scans are pretty noisy.
  • Scans run fast, which sometimes can make it look like a system is being attacked. There is a slow, comprehensive scan option, though.
  • NMap scripts are written in Lua, which is not a mainstream language.
NMap is well suited to just about any situation, network size, or complexity. Some have brought up the point that NMap's proxy settings need work. I haven't used NMap with a proxy. NMap is my "go to" tool for a cursory security sweep. Once a problem is found, I can perform a deeper dive scan on a system or a network. I wouldn't, and don't, use NMap as my only security tool. No single tool has all the answers. For example, it is not a Wireshark in that it does not capture packets or analyze them. It is basically a port scanner, host discovery, OS detection tool.
Return to navigation