Best port scanner?

  • Nmap

    Votes: 31 77.5%
  • Zenmap

    Votes: 4 10.0%
  • Lama

    Votes: 2 5.0%
  • other

    Votes: 3 7.5%

  • Total voters


Apr 27, 2015
A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it.

A port scan or portscan can be defined as a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by hackers to probe target machine services with the aim of exploiting a known vulnerability of that service, however the majority of uses of a port scan are not attacks and are simple probes to determine services available on a remote machine. Source (Wikipedia)

I'm sure there are better ones. Post your favorite one below! We've got to find the best one :)
Last edited:


Retired Staff
Nov 2, 2015
I love port scanning, sometimes I try to find several ips where there is a teamspeak server query port listening, and try my ip stresser against it. It is very fun.

nmap --open -v -p 10011 192.168.1.*


Feb 27, 2016
Hey! My favorite is nmap (but I usually use Zenmap for screenshot/evidence reporting).

Something important about reconnaissance is that you has to be as stealthy as fuck, it means you cannot alert the targeted company/infrastructure security systems (WAF/IDS/IPS/That-fat-daily-log-reader-guy-that-noone-has). Nmap is a great tool but a powerful weapon as well, so in order to NOT GO full retard here are some quick tips:
  • nmap -sS <host>: That argument means stealth-scan (sS).
  • sS will do half-tcp connections (SYN-SYN/ACK-RST) - Study the TCP-Three way handshake! It's useful (no it's not but I don't encourage SC haha)
  • This method will only list open ports, not what's running on them. Nmap will do it's best to match with a known-port-database.
If you want to know what is running on a specific port run nmap -sCV -p <port> <host>, that'll do a full TCP connection (SYN-SYN/ACK-ACK) and get the banner.

- Swarm.

* Just to mention it (and avoid SC confusion) Zenmap is just a GUI for nmap.