Last updated: January 1, 2023
Scanning a network is the very first step an IT security professional performs in a penetration test, and one of the most important.
The results of a network scan give extensive information about the operating systems of the machines connected to the network, as well as the firewalls in place, the open ports and much more.
In fact, the main goal of this phase is to obtain a set of precise information about the target, from which one can determine the best route into the system. But scanning a network requires the right tools, so choose your working weapon wisely!
When we talk about network analysis, Nmap comes to mind immediately. Nmap is undoubtedly a smart tool that can do a great deal, but it is not the only network scanner: many others exist, each with its own merits, and one of them is ZMap.
What is ZMap?
ZMap is an open-source network scanner that allows penetration testers to easily perform surveys on a remote server. Indeed, it makes it possible to detect open ports, identify hosted services and obtain information on the operating system of a remote machine.
With a single machine and a fast internet connection, ZMap is able to perform a full scan of IPv4 address space in less than an hour.
You should know that this tool is up to 1 times faster than the popular Nmap scanner. Nmap keeps in memory a list of the Internet nodes that have responded to its probes, whereas ZMap skips this time-consuming step in its process.
ZMap usage example
By default, ZMap performs a TCP SYN scan of the specified port at the maximum possible rate. A more conservative setup that scans 10,000 random addresses on port 80 at a maximum of 10 Mbps can be run as follows:
Or more concisely specified:
ZMap can also be used to scan specific subnets. For example, to scan only 10.0.0.0/8 and 192.168.0.0/16 on port 80, enter the following command:
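Once a scan of your own ranges finishes, the useful work is comparing the responders with what should be exposed. The following Python script is an added example (not code from the article or the ZMap project); it assumes ZMap's default output of one responding address per line (optionally preceded by a `saddr` header row), and the scan output, inventory and scope it contains are constructed sample data.

```python
"""Triage ZMap port-80 results against an asset inventory (added example)."""
import ipaddress
from typing import Dict, List

# Constructed sample of ZMap's default output: one responder per line,
# with a header row and a junk line to show the parser tolerating them.
SAMPLE_OUTPUT = """saddr
10.0.0.5
10.0.0.17
10.0.3.200
192.168.1.10
172.16.0.9
not-an-address
"""

# Constructed inventory: hosts that are *expected* to answer on port 80.
EXPECTED_WEB_HOSTS = {"10.0.0.5", "192.168.1.10"}

# Constructed scope: the ranges the scan was supposed to cover.
SCOPE = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]


def parse_zmap_output(text: str) -> List[ipaddress.IPv4Address]:
    """Return responding addresses, skipping a header row and malformed lines."""
    hosts = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line == "saddr":
            continue
        try:
            hosts.append(ipaddress.IPv4Address(line))
        except ValueError:
            continue  # ignore junk rather than abort the whole triage
    return hosts


def triage(hosts, expected, scope) -> Dict[str, List[str]]:
    """Bucket responders as expected, unexpected (in scope) or out of scope."""
    report = {"expected": [], "unexpected": [], "out_of_scope": []}
    for host in hosts:
        if not any(host in net for net in scope):
            report["out_of_scope"].append(str(host))  # scan hit a range it shouldn't have
        elif str(host) in expected:
            report["expected"].append(str(host))
        else:
            report["unexpected"].append(str(host))  # web service nobody inventoried
    return report


if __name__ == "__main__":
    for bucket, addrs in triage(parse_zmap_output(SAMPLE_OUTPUT), EXPECTED_WEB_HOSTS, SCOPE).items():
        print(f"{bucket}: {addrs}")
```

The "unexpected" bucket is the list to investigate: hosts answering on port 80 that no inventory entry accounts for.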