zenmap

zenmap [options] [target_spec]

The target_spec typically refers to a hostname or IP address range, which zenmap passes directly to Nmap. While many options correspond to Nmap options, which zenmap passes through, it also possesses its own specific options that control its GUI behavior and startup.

--help
    Displays a help message showing available command-line options and exits.

--version
    Displays zenmap's version information and exits.

--stylesheet <path>
    Specifies an alternative stylesheet for the display of scan results, customizing the appearance.

--profile <name>
    Loads a previously saved scan profile by its specified name, pre-filling scan options in the interface.

--open-output <filename>
    Opens a specified Nmap output file (e.g., .xml, .nmap, .gnmap) upon startup, displaying its results.

--allow-root-commands
    Allows Nmap commands to be run as root without requiring a password prompt, potentially bypassing security measures (use with extreme caution).

--no-nmap-exec
    Prevents zenmap from actually executing Nmap; it will only display the Nmap command that would have been run.

--force-gui
    Forces zenmap to start its graphical interface even in environments where it might typically fail (e.g., lacking an X server).

zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. It's a cross-platform application designed to make Nmap easier to use for beginners while providing advanced features for experienced users. zenmap allows users to perform network scans, save and compare scan results, and visualize network topology.

It includes a profile system for commonly used scans, a results viewer, and a powerful search function for previous scan results. zenmap translates user inputs into Nmap commands and executes them, then parses the Nmap output to display it in a user-friendly format. It aims to simplify complex Nmap operations and provides a visual representation of network discovery, making it a valuable tool for network administrators and security professionals.

zenmap requires Nmap to be installed and accessible in the system's PATH for its core functionality. As a GUI application, it necessitates a graphical environment (like X Window System on Linux) to run. Running extensive network scans or attempting to visualize very large and complex networks can consume significant system resources (CPU, memory), potentially leading to performance issues. While user-friendly, some highly advanced or esoteric Nmap features might be less intuitive to configure via the GUI compared to direct command-line usage. The --allow-root-commands option, while convenient, can pose significant security risks if used carelessly.

zenmap is fundamentally a sophisticated wrapper around the command-line Nmap tool. All network scans initiated through zenmap are internally translated into standard Nmap commands, and the results are then meticulously parsed from Nmap's XML output to be presented in a graphical format. This tight integration means that zenmap's capabilities and available scanning options are directly tied to the version and features of the underlying Nmap installation.

One of zenmap's most distinctive and useful features is its ability to visualize network topology based on the discovery results obtained from Nmap. It can graphically display discovered hosts, their estimated connections, and identify potential network pathways between them. This visual representation can be invaluable for understanding complex network layouts, identifying unknown devices, and pinpointing potential vulnerabilities in a more intuitive way than raw text output.

zenmap was developed as an official front-end for the powerful Nmap network scanner, aiming to provide a user-friendly graphical interface. It was first released as part of the Nmap suite, specifically accompanying Nmap 4.20 in 2006. The project's goal was to broaden Nmap's accessibility to a wider audience, including those less comfortable with the command line, and to offer visual tools for network discovery and analysis. Since its inception, zenmap has been consistently bundled with Nmap releases, evolving alongside Nmap's capabilities and maintaining its role as the premier graphical interface for network scanning.

nmap(1), wireshark(1), netcat(1), tcpdump(8)