Search Results for: Nmap

CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK

December 30, 2023. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, 2023, targets government entities … Article posted by: https://thehackernews.com/2023/12/cert-ua-uncovers-new-malware-wave.html


Unveiling the Power of Nmap: Dive into Network Scanning Techniques


November 4, 2023. Welcome to our video on network scanning techniques using Nmap! Continue reading on Medium. Article posted by: https://medium.com/@pentesterclubpvtltd/unveiling-the-power-of-nmap-dive-into-network-scanning-techniques-0687fe32a93b?source=rss——cehv12-5 (Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India. Contact us – https://www.infocerts.com)

Zenmap – GUI of Nmap


Zenmap is the official graphical user interface (GUI) for Nmap. It exposes the same scanning capabilities as nmap on the command line; the graphical interface and preset profiles simply make it easier to get started.

Zenmap install on Kali Linux

Zenmap used to come pre-installed on Kali Linux, but newer releases (from 2019.4 onward) no longer ship it. In this article we are going to learn how to install Zenmap on a current Kali Linux (2023) system and how to use it.

Installing Zenmap on Kali Linux 2023

Zenmap's code base long depended on Python 2 and GTK 2 libraries that Kali no longer ships, so it is not available in the regular Kali repository, and the upstream .deb package fails with dependency errors when installed. Instead we install it through Kaboxer (Kali Applications Boxer), which runs the application inside a container that carries the libraries it needs.

To install it we need an up-to-date system (sudo apt update first). Then the following command installs Zenmap on our Kali Linux system:

sudo apt install zenmap-kbx -y

After entering our user's password for sudo, the installation starts, as we can see in the following screenshot:

installing zenmap on kali linux

After the installation is complete we just need to run following command to start Zenmap:

zenmap-kbx

Now we can see that the above command opens Zenmap on our Kali Linux system in the following screenshot:

zenmap on kali linux

This is how we can install and run Zenmap on Kali Linux using Kaboxer.

Using Zenmap on Kali Linux

After a successful installation we can use Zenmap. Nmap needs raw-socket privileges for SYN scans (-sS) and OS detection (-O), and therefore for most of Zenmap's preset profiles; without them Nmap falls back to a slower TCP connect scan (-sT) and refuses to run OS detection. So to use all of Zenmap's options we start the Kaboxer wrapper as root:

sudo zenmap-kbx

We can see that Zenmap is opened on the following screenshot:

Zenmap running on Kali Linux

Here everything is straightforward. We need to put the IP address of our target in the Target field. For this example we are choosing a host on our lab network (192.168.122.148); a hostname or website address works as well, since Zenmap passes it to nmap unchanged.

Then we choose a profile. For this example we have chosen "Quick Scan", which runs nmap -T4 -F (aggressive timing, the 100 most common ports); other profiles can be selected as required, and the exact nmap command line Zenmap will run is shown in the Command field, where it can also be edited by hand. Then we just click "Scan" and the results appear, as in the following screenshot:

zenmap scan results

In the above screenshot we can see the open ports on our target.

Once the scan has completed, we can click on each tab to get further details about our target. If we’re performing a scan on an entire network, the “Topology” tab will help us create a network diagram of the target network.

Zenmap is easy to use and beginner-friendly. This is how we can install Zenmap on current Kali Linux versions and use it.

Liked our article? Then make sure to follow our mail subscription to get new articles directly in your inbox. We also post article updates on our Twitter and GitHub profiles, so make sure to follow us there. We also have a Telegram group for chatting with everyone.

For any kind of problem and queries make sure to comment in the comment section. We always reply.

Masscan — 1000 Times Faster Than NMAP


Masscan is an Internet-scale port scanner, and the fastest one in common use. According to its README it can scan the entire IPv4 Internet in a matter of minutes from a single machine, transmitting on the order of 10 million packets per second, with rates of up to 25 million packets per second on suitable hardware.

Masscan kali linux

Masscan produces output that looks like nmap's, but internally it works like scanrand, unicornscan and ZMap: it transmits probes asynchronously and statelessly instead of tracking each connection, which is what makes it fast, and it accepts arbitrary address ranges and port ranges.

Masscan uses its own custom TCP/IP stack, bypassing the kernel's. Anything beyond a simple SYN scan can therefore conflict with the local TCP/IP stack: for example, when grabbing banners with --banners, the kernel sees SYN-ACKs for connections it never opened and answers them with RST, so masscan needs a separate address (--source-ip) or a firewall rule that drops those packets.

We will discuss later the differences between masscan and nmap, now let’s check how to install and use masscan in our system.

Installing Masscan

Masscan comes pre-installed on the full Kali Linux image. We can check the basic usage by simply running the following command, which prints the help text:

masscan

If our system does not have masscan, we can install the packaged version with the following command:

sudo apt-get install masscan

The packaged build needs no extra dependencies. To build the latest version from its GitHub repository instead, we first need the build tools and the libpcap headers:

sudo apt-get install clang git gcc make libpcap-dev

Then we clone and build it. The compiled binary lands in bin/masscan inside the source tree; make install copies it to /usr/bin:

git clone https://github.com/robertdavidgraham/masscan
cd masscan
make
sudo make install

Uses of Masscan

Masscan is used to scan networks. If we want to scan a single port on a host, we can do it with the following command (replace the IP address with a host you are authorized to scan):

sudo masscan 172.217.167.46 -p443

This will scan for a single port 443.

We also can use this tool to scan multiple ports separated by commas (,). For example:

sudo masscan 172.217.167.46 -p443,80,4444

masscan multiple port scan

To scan a range of ports we can use following command:

sudo masscan 172.217.167.46 -p12-443

The above command will scan for port 12 to port 443 on our given IP address.

So in case we need to find all the ports then we can use following command;

sudo masscan 172.217.167.46 -p0-65535

There are only 65,536 TCP ports (0 to 65535), so the above command checks every one of them.

Lightning Speed!

We said that masscan is the fastest scanner, but after running the previous commands we did not notice that it was any faster.

The reason is that masscan's default rate is only 100 packets per second, which is deliberately slow. To increase it we use the --rate flag:

sudo masscan 172.217.167.46 -p0-65535 --rate 25000000

The above command asks for the maximum rate of 25 million packets per second. Masscan only transmits as fast as the hardware and network allow, so the rate actually achieved is usually much lower.

One more thing: we cannot reach the maximum speed on Mac, Windows or virtualised Linux systems, where masscan manages roughly 300,000 packets per second. Masscan works best on Linux installed directly on the hardware; even there the default sockets top out around 1.6 million packets per second, and the higher rates need PF_RING.

To scan faster we also need a very good Internet connection. Usually masscan itself could go faster, but our uplink cannot carry 25 million packets per second. Even so, the speed we got was faster than any other port scanner.

To see the effect we should choose a bigger network to scan. On a small network or a single IP address the scan finishes in seconds at any rate, so the difference is not visible. Let's talk about that.

Masscan can scan the entire Internet in a few minutes according to its author, Robert Graham. If we want to scan the whole Internet for a specific port (port 443, for example) we can use the following command:

sudo masscan 0.0.0.0/0 -p443 --rate 25000000 --exclude 255.255.255.255

This command scans the whole Internet for port 443 and shows results as fast as they arrive, excluding at least the broadcast address 255.255.255.255. In practice we should also keep an exclusion list (--excludefile) of networks we are not permitted to touch, since every address in the range will receive probes. Here we stopped the scan early, as we can see in the screenshot.

scanning the whole internet

This is how we can find every host on the Internet with a specific port open. Whether the service behind that port is vulnerable is a separate question that masscan cannot answer.

Some More Uses

To save the output result in a file we can use following command:

sudo masscan 172.217.167.46 -p0-65535 > example.txt

Besides plain text we can also write the results in XML (-oX), grepable (-oG), JSON (-oJ), list (-oL) and binary (-oB) formats; the binary format is the most compact and can be converted later with --readscan. We like the grepable and list formats because their output is easy to feed into other tools.

We also can scan a network for the most common ports. With --top-ports 100, masscan scans the 100 most common ports according to nmap's frequency list. We can choose our own number; the following example scans the top 100 ports:

sudo masscan 172.217.167.46 --top-ports 100 --rate 100000

There is a pause function in masscan: we can pause the scanning process and resume it when we need to, which we found useful on large networks. During the scan we press CTRL+C; after a few seconds masscan pauses and writes a paused.conf file containing all the settings and the progress of the scan. We can resume the scan with the following command:

sudo masscan --resume paused.conf

Nmap vs Masscan

In this article we have learned that masscan has very useful features and that its output looks like nmap's, but there are many differences between the two. These are the main ones:

  • Nmap keeps state for every probe, retransmits and adapts its timing, which is slower but accurate; masscan transmits statelessly and asynchronously, which is very fast but can miss ports when packets are dropped.
  • Masscan does not check whether a host is up; it treats every address as online, while nmap performs host discovery first unless told not to (-Pn).
  • Masscan never resolves domain names to IP addresses, so we need to look up the IP address ourselves and give it to masscan, whereas nmap accepts both.
  • Masscan scans nothing unless we specify ports explicitly; nmap has a default port list.
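The fast-but-stateless trade-off above is usually handled by chaining the two tools: masscan finds the open ports, nmap identifies what is actually listening on them. The script below is an added example, not part of the original article or of the masscan project; it reads a masscan list-format (-oL) result file, groups the open ports per host and prints one nmap -sV command per host, ready to be reviewed and run. The result file is constructed inline for the example and its host addresses are assumptions, not real scan results.

```shell
#!/bin/sh
# Added example (not from the original article or from masscan): turn a
# masscan list-format (-oL) result file into one nmap -sV command per host,
# so the fast, stateless masscan sweep is followed by an accurate nmap
# service scan on only the ports masscan reported open.
set -eu

# Constructed sample of masscan -oL output (the hosts are assumptions, not
# real scan results). One line per finding: state proto port ip timestamp,
# wrapped in a "#masscan" header and a "# end" trailer.
SAMPLE="${TMPDIR:-/tmp}/masscan_sample.$$"
cat > "$SAMPLE" <<'EOF'
#masscan
open tcp 443 10.0.0.5 1700000000
open tcp 80 10.0.0.5 1700000001
open tcp 22 10.0.0.9 1700000002
open tcp 8080 10.0.0.5 1700000003
open udp 161 10.0.0.9 1700000004
# end
EOF

# masscan_to_nmap FILE
# Prints one "nmap -sV -Pn [-sS -sU] -p <ports> <ip>" line per host.
# TCP ports are written as T:<n> and UDP ports as U:<n>; when a host has
# any UDP port, -sS -sU is added so nmap scans both protocols (raw-socket
# scans need root, exactly like masscan did). -Pn skips nmap's own host
# discovery, because masscan already showed the host answers.
masscan_to_nmap() {
    awk '
        /^#/ { next }                          # skip "#masscan" and "# end"
        $1 == "open" {
            tag = ($2 == "udp") ? "U:" : "T:"
            if ($2 == "udp") udp[$4] = 1
            ports[$4] = (ports[$4] == "") ? (tag $3) : (ports[$4] "," tag $3)
        }
        END {
            for (ip in ports) {
                extra = (ip in udp) ? " -sS -sU" : ""
                printf "nmap -sV -Pn%s -p %s %s\n", extra, ports[ip], ip
            }
        }' "$1" | sort
}

# Print the generated commands; pipe them to sh only after reviewing them.
masscan_to_nmap "$SAMPLE"
```

For the constructed sample this prints a plain TCP service scan for 10.0.0.5 and a combined -sS -sU scan for 10.0.0.9, so nmap only spends time on ports masscan already found rather than re-sweeping the whole range.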

To know more about nmap vs masscan we can check this article.

There are also some similarities between nmap and masscan. Masscan accepts a number of nmap-compatible options; to see them we can run masscan --nmap.

Masscan Web UI

The Offensive Security team has created a web interface for masscan. With it we can drive masscan from an easy web-based GUI. Here is the full guide from Offensive Security.

masscan web based interface
Image copyright Offensive Security.

That's all about masscan.

How to Find the Best Nmap Scan for Penetration Testing Initiatives  

Nmap Scans for Cybersecurity and Penetration Testing | Sydney Chamberlain | Penetration Testing. Nmap stands for "Network Mapper," a free, open-source tool created in 1997. While nearly 25 years old, it remains the gold standard tool for vulnerability assessments, port scanning, and network mapping. While other tools (both free and paid) have come along offering similar…

The post How to Find the Best Nmap Scan for Penetration Testing Initiatives   appeared first on Cybersecurity Exchange.

Find Vulnerabilities using NMAP Scripts (NSE)


Nmap comes pre-installed with Kali Linux, and with most other security-focused operating systems. We have already discussed how to use Nmap for active reconnaissance in our previous article "NMAP — The Network Mapper".

But cybersecurity experts don’t just use Nmap for scanning ports and services running on the target system, Nmap also can be used for vulnerability assessment and much more using NSE (Nmap Scripting Engine).

Vulnerability scanning using nmap scripts

The Nmap Scripting Engine (NSE) has revolutionized what a port scanner can do by allowing users to write scripts that perform custom tasks using the host information collected by Nmap. As of September 2021, when we are writing this article, Nmap version 7.91 ships with more than 600 scripts.

Nmap scripts for security testing

Penetration testers use one of Nmap's most powerful and flexible features, which allows them to write their own scripts and automate various tasks. NSE (the Nmap Scripting Engine) was developed for the following purposes:

  • Network discovery: this is the primary purpose most people use Nmap for, as we learned in our "Nmap – The Network Mapper" article.
  • More sophisticated version detection: many services have several versions that answer the same probes, so NSE scripts let Nmap identify a service and its version more precisely.
  • Backdoor detection: some Nmap scripts are written to recognise the signatures of known backdoors. If a worm or other malicious program has infected hosts on the network, this lets the tester quickly narrow down which machines are already compromised.
  • Vulnerability detection and exploitation: NSE scripts can check for specific vulnerabilities and in some cases exploit them; pen testers combine these results with other tools such as Metasploit for the actual exploitation.

Before jumping into finding vulnerabilities using Nmap we should rebuild the script database (scripts/script.db), the index Nmap reads whenever we select scripts by name or category. Note that --script-updatedb does not download new scripts: it re-indexes whatever is already in the scripts directory, so it is needed after we add or write scripts ourselves, or after an upgrade, to make them selectable. To update the Nmap script database we run the following command in our terminal window:

sudo nmap --script-updatedb

In the following screenshot we can see that we have an updated Nmap scripts database.

nmap script database update

Now we are ready to scan a target for vulnerabilities. We can use the following command to run all scripts in the vuln category against a target; -sV is included because the port rules of many scripts match on the detected service, so version detection lets more of them fire:

nmap -sV --script vuln <target>

As we can see in the following screenshot:

nmap vulnerability scripts

When we are talking about Nmap scripts we need to know that vuln is not the only category. Nmap scripts are grouped into the following categories:

  • auth: scripts related to user authentication.
  • broadcast: a very interesting category of scripts that use broadcast requests to gather information from the local network.
  • brute: scripts that help conduct brute-force password auditing.
  • default: scripts that are executed when a script scan is requested (-sC).
  • discovery: scripts related to host and service discovery.
  • dos: scripts related to denial-of-service attacks.
  • exploit: scripts that exploit security vulnerabilities.
  • external: scripts that depend on a third-party service.
  • fuzzer: Nmap scripts that are focused on fuzzing.
  • intrusive: scripts that may crash the target system, consume significant resources or generate a lot of network noise; system administrators consider them intrusive.
  • malware: scripts related to malware detection.
  • safe: scripts that are considered safe in all situations.
  • version: NSE scripts that are used for advanced version detection.
  • vuln: scripts related to security vulnerabilities.

So we can see that we can perform many different tasks with NSE scripts. When we need to run every script against a single target we can use the following command:

nmap -sV --script all <target>

In the following screenshot we can see all scripts being run against one target. Every script runs, so this takes a considerable amount of time, and it is rarely a good idea outside a lab: all includes the dos, exploit and brute categories, which can crash services, change the target or lock out accounts. Nmap also accepts boolean expressions of categories, so a safer sweep looks like --script "vuln and not (dos or exploit)".

nmap all scripts running at once
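To see how Nmap decides which scripts a category expression selects, it helps to look at the index behind it: scripts/script.db holds one Entry line per script, naming its file and its categories, and --script accepts boolean expressions over those categories such as "vuln and not intrusive". The following shell function is an added example, not code from the original article or from the Nmap project; it reproduces that selection offline against a constructed six-line excerpt of script.db. The script names and categories in the excerpt are written for the example and should be checked against your own script.db.

```shell
#!/bin/sh
# Added example (not from the original article or from Nmap itself):
# select NSE scripts by category the way --script "A and not B" does,
# by reading the Entry lines of Nmap's scripts/script.db.
set -eu

# Constructed excerpt of script.db; the real file has one Entry line per
# script in exactly this format. Check the categories against your copy.
DB="${TMPDIR:-/tmp}/script_db_sample.$$"
cat > "$DB" <<'EOF'
Entry { filename = "http-title.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "ssh-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "http-slowloris.nse", categories = { "dos", "intrusive", } }
Entry { filename = "ssl-heartbleed.nse", categories = { "vuln", "safe", } }
Entry { filename = "smb-vuln-ms17-010.nse", categories = { "vuln", "safe", } }
Entry { filename = "http-shellshock.nse", categories = { "exploit", "vuln", "intrusive", } }
EOF

# nse_select DB WANT AVOID
# Prints the script files that carry category WANT and not category AVOID,
# i.e. what nmap would run for --script "WANT and not AVOID".
nse_select() {
    awk -v want="$2" -v avoid="$3" '
        /^Entry/ {
            # filename = "x.nse" -> x.nse
            name = $0; sub(/.*filename = "/, "", name); sub(/".*/, "", name)
            # categories = { "a", "b", } -> the quoted list between the braces
            cats = $0; sub(/.*categories = [{]/, "", cats); sub(/[}].*/, "", cats)
            if (index(cats, "\"" want "\"") && !index(cats, "\"" avoid "\"")) print name
        }' "$1"
}

# nse_count DB CATEGORY
# How many scripts a bare category name would run (grep -c exits 1 on a
# zero count, hence the || true).
nse_count() {
    nse_select "$1" "$2" "no-such-category" | grep -c . || true
}

echo "vuln and not intrusive:"; nse_select "$DB" vuln intrusive
echo "vuln and not dos:";       nse_select "$DB" vuln dos
echo "intrusive scripts in this excerpt: $(nse_count "$DB" intrusive)"
```

Running it shows why the expression matters: "vuln and not intrusive" keeps only the two checks that merely probe the service, while "vuln and not dos" also pulls in http-shellshock, which actively exploits the target. The same expressions can be passed straight to nmap's --script option once you have decided what is acceptable against the target.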

That is all for this article. We will be back again with Nmap. We hope this article helps our fellow Kali Linux users.

Ashok in Action — Elevate Recon Skills


Before we go on a road trip or any adventure, what is the first thing we do? We make a proper plan. We check the map (nowadays on a phone), look for the best routes, and maybe even scout out a few interesting stops along the way, or watch a YouTube video of the trip to know what to expect. Skipping this step would leave us wandering aimlessly, and nobody wants that. The same goes for cybersecurity.

Reconnaissance, or recon for short, is that essential planning phase in our cybersecurity work. It is like doing a bit of homework before the attack. Whether we are looking to fortify our defences or test them, understanding what we are up against is half the battle. Without good recon, it is like trying to find the One Piece without the Road Poneglyphs: pretty much impossible!

Installation and use of Ashok on Kali Linux

In this article we are excited to introduce Ashok, a tool that is as reliable as our favourite road trip playlist. Whether we are just curious or looking to add a new skill to our cybersecurity toolkit, we hope this journey is as enjoyable as discovering a new vulnerability on the test target. Let's get started.

As written on Ashok's GitHub page:

Before any real attacks are planned, so Ashok is an incredibly fast recon tool for penetration testers which is specially designed for the reconnaissance phase. And in Ashok-v1.1 you can find the advanced Google dorker and wayback crawling machine.

Main Features of Ashok

  • Wayback Crawler Machine
  • Google Dorking without limits
  • Github Information Grabbing
  • Subdomain Identifier
  • Cms/Technology Detector With Custom Headers

Install Ashok on Kali Linux

Installing Ashok on our Kali Linux system is very easy. We just need to open a terminal window and run the following command to clone it from GitHub:

git clone https://github.com/powerexploit/Ashok

After that we can see the output in the following screenshot:

Cloning Ashok from GitHub

In the above screenshot we can see the output of above command. Now Ashok is on our system. So we just need to change our current working directory to Ashok by using the following command:

cd Ashok

Now we need to install requirements by applying following command:

python -m pip install -r requirements.txt

This command will install all the necessary things to run on our Kali Linux system. As we can see in the following screenshot.

Installing requirements for Ashok

Now we can run Ashok tool on our Kali Linux system.

Running Ashok on Kali Linux

Now it is time to run Ashok on our system. Before running it against a target we check Ashok's help section. To do that we run the following command:

python Ashok.py --help

In the following screenshot we can see the output of the above command:

Ashok help section

In the above screenshot we can see how to use Ashok for different kinds of recon. The following list shows Ashok's options:

  • HTTP headers using --headers
  • DNS lookup using --dns
  • Sub-domain lookup using --subdomain
  • Nmap scan using --nmap
  • Extract data using the target's GitHub username with --username
  • CMS (content management system, such as WordPress) detection using --cms
  • Extract links from the target domain using --extract
  • CIDR (Classless Inter-Domain Routing) subnet lookup using --cidr
  • Banner grabbing using --banner
  • GeoIP lookup of the target IP address using --geoip
  • Internet Archive (Wayback Machine) crawling of the target domain using --wayback
  • Google dorking, with the number of results given as the dork number, using --dorknumber

For more details we can head over to Ashok's Wiki page. Let's do a DNS lookup of google.com. To do this we run the following command:

python Ashok.py --dns google.com

We can see the output on the following screenshot:

DNS scan using Ashok

We can also try Internet Archive (Wayback Machine) crawling with Ashok on our own domain by using the following command:

python Ashok.py --wayback kalilinx.in

We can see the result in the following screenshot:

Ashok wayback machine crawling testing

The outputs of this scan also saved in Ashok’s directory as we can see in the screenshot below.

Wayback Machine's results stored

These are the uses of Ashok as our recon tool. Here we have shown just two use cases as examples, but it is capable of more. We can check its Wiki page to learn about the other uses.

This is how we can install and use Ashok and do our reconnaissance work easily on our Kali Linux system.

CEH MASTER Module 13 Web Application Attacks

August 6, 2024 Module 13 – Web Application Attacks Topics in This Chapter: GUI Web Hacking URL-Based Attacks Common Web Application Vulnerabilities Web Application Attack Tools Google Hacking Methods to Enhance Web Security Web Password Cracking Techniques Web applications are programs that run on web servers like http://vncert.gov.v/ and are categorized by their functions such …


CEH MASTER Chapter 2 Footprinting & Reconnaissance

August 6, 2024. FOOTPRINTING: Information Gathering Process, Competitive Intelligence, Nslookup and DNSstuff, Finding the Target's IP Address, DNS Records, Traceroute, Email Tracking, What is a Web Spider? RECONNAISSANCE: Information Gathering Process. FOOTPRINTING The first step in the attack process is gathering information about the target from publicly available data on the internet. This can be done using online applications like Whois, Domain Check …


CompTIA Pentest+ (PT0-002) – Lesson 16: Performing Post-Exploitation Pivoting and System Penetration

August 6, 2024 CompTIA Pentest+ (PT0-002) – Lesson 16: Performing Post-Exploitation Pivoting and System Penetration Guide on Performing Post-Exploitation Pivoting and System Penetration Objectives: When given a scenario, research attack vectors and perform network attacks. When given a scenario, perform post-exploitation techniques. Explain the use cases of the following tools in the phases of a …

