TCP & UDP port scanning
Discover open, closed, and filtered ports across IPv4/IPv6 hosts using Nmap's TCP and UDP scan modes.
Scanner · Network
Nmap Port Scanner.
Hosted. Zero install.
Nmap is a free and open-source utility for network discovery and security auditing, first released in 1997. VulnScanners runs it on our infrastructure so you can target a host, kick off a scan, and get a PDF-ready report — no install, no maintenance.
About the project
What is Nmap?
Per the project, Nmap “determines what hosts are available on the network, what services those hosts are offering, what operating systems they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.” The suite includes Zenmap (GUI), Ncat, Ndiff, and Nping — VulnScanners exposes the scanning core; we skip the GUI side.
- Maintainer
- Nmap project
- First release
- 1997
- License
- Nmap Public Source License
- Source
- nmap.org ↗
Capabilities
What Nmap does
The features below are part of upstream Nmap. We don't re-implement them — we host them.
Service & version detection
Identify the application, vendor, and version behind each open port via Nmap's version detection probes.
OS fingerprinting
Infer the operating system family and generation from TCP/IP stack characteristics.
Nmap Scripting Engine (NSE)
Run from a library of hundreds of NSE scripts for deeper service interrogation, default-cred checks, and protocol probes.
Host discovery
Ping sweeps and host-up checks to confirm which addresses in a range are reachable before scanning.
Firewall & filter awareness
Detect packet filtering and stateful behaviour from scan response patterns.
Why hosted
Same scanner. None of the operational tax.
Zero install
No VM, no Docker, no “works on my laptop”. Hit the scan endpoint from anywhere with a browser.
Static source IP
Scans originate from our fixed range, so clients can allowlist once instead of chasing a residential IP.
PDF report on every scan
Raw output preserved, plus a client-ready PDF with the host summary and port table.
Use cases
Where Nmap earns its keep
Attack surface inventory
List every internet-facing port and service on a client's external range — the artifact that anchors most external pentest engagements.
Change detection between engagements
Re-run the same scan a month later. New ports, new services, new versions — surface what changed since the last report.
Pre-scan reconnaissance
Feed the open-port list into a Nuclei or ZAP scan so the deeper tools only spend credits on services that actually exist.
From the blog
Nmap guides
Nmap Cheat Sheet
The commands you'll actually use — TCP/UDP, NSE, timing, evasion.
Nmap Tutorial
From install to your first useful scan — and how to read the output.
Nmap vs Nuclei vs ZAP
Three open-source scanners, three different jobs — and how to layer them.
Best Open-Source Vulnerability Scanners (2026)
An honest comparison — what each is good at and where it falls short.
Recon utilities
Tools that pair with Nmap
Nmap maps the surface. These utilities go deeper.
Gobuster Tutorial
Directory, DNS, and vhost enumeration — what to run once Nmap finds an HTTP service.
Recon-NG Tutorial
OSINT recon as a framework — workspaces, modules, API keys, and a working pipeline.
Tcpdump Examples
Practical capture and filter examples — the command-line companion to your Nmap output.
SSH Tunnel Examples
Local, remote, and dynamic forwarding — how to reach internal targets without a VPN.
One credit. One Nmap scan. One PDF.
Credit packs start at $10. No subscription, no seats, no overages.