The New Nmap 7.96 Is Here: Faster Scans, Dark Mode, and More

If you’ve ever done network security work—or even just been curious about what’s going on across your local network—you’ve likely heard of Nmap.

Short for Network Mapper, Nmap is a beloved open-source tool used by security professionals, sysadmins, ethical hackers, and network tinkerers alike.

And guess what? It just got a seriously cool upgrade.

With the release of Nmap 7.96, the project continues to evolve, bringing major speed boosts, a smoother user experience, and some under-the-hood magic that makes scanning faster and more powerful than ever.

Let’s dive into what’s new, why it matters, and how you can get started.

⚡ What’s New in Nmap 7.96?

The latest release brings a suite of improvements that make network scanning faster. Here are the highlights:

✅ Blazing-Fast Parallel DNS Resolution

One of the biggest changes in Nmap 7.96 is a complete rework of how it resolves domain names.

Until now, forward DNS lookups (e.g., resolving hostnames to IPs) were slower and not done in parallel.

Now, Nmap uses the same high-performance engine that’s been handling reverse-DNS lookups for years to power forward lookups too.

🔍 Real-world result: Resolving 1 million hostnames now takes just over an hour—down from 49 hours in the previous version.

That’s a massive leap forward for anyone doing large-scale scans.

🧩 Library Upgrades and Better Compatibility

Nmap’s core libraries have received some serious upgrades to keep pace with today’s environments. Here’s a quick look at what’s new under the hood:

• OpenSSL 3.0.16
• Lua 5.4.7
• libssh2 1.11.1
• libpcap 1.10.5
• libpcre2 10.45

These updates ensure better support for modern systems and more secure communication during scans.

💻 Windows Users: Npcap 1.82 is Here

Historically, Nmap has been more at home on Linux, but that’s changing fast. Windows users now benefit from an upgraded Npcap driver, jumping from version 1.79 to 1.82.

This packet capture library brings:

• Faster packet injection
• VLAN header support
• Compatibility with SR-IOV adapters
• Bug fixes for packet size and VLAN tagging

These changes make network traffic capture more reliable and powerful than ever on Windows platforms.

🌙 Zenmap Gets Dark Mode

Zenmap, the official Nmap GUI, now supports dark mode. Toggle it from the menu at Profile → Toggle Dark Mode or enable it in the config file with:

window::dark_mode = true

A small feature, maybe—but if you scan at night or just prefer darker interfaces, your eyes will thank you.

🧠 New NSE Scripts for Security Tasks

The Nmap Scripting Engine (NSE) — one of the tool’s most powerful features — now includes 612 scripts, with several new additions worth noting:

• mikrotik-routeros-version – Queries MikroTik WinBox for version info
• mikrotik-routeros-username-brute – Brute forces usernames on MikroTik using CVE-2024-54772
• targets-ipv6-eui64 – Generates IPv6 addresses from MACs using the EUI-64 format

These scripts help automate vulnerability checks and reconnaissance tasks, especially in enterprise environments.

Zenmap, Nping, and Ncat Also Get Love

Nmap isn’t just one tool — it comes with several useful companions. Here’s what’s new across the suite:

• Zenmap, the GUI frontend, adds dark mode and fixes several crash and Unicode issues (especially helpful for macOS users).
• Nping, used for packet generation and response analysis, now shares the same version number as Nmap and includes improved raw socket binding.
• Ncat, Nmap’s netcat-like data transfer tool, now better matches traditional netcat behavior and handles connections more reliably.

🛠️ Under-the-Hood Enhancements and Bug Fixes

Nmap 7.96 also comes with smart tweaks and fixes:

• New options for DNS control: n, R, -system-dns, and -dns-servers
• More robust domain name parsing to prevent overflows
• Better detection of TCP Connect scan results
• Fixed IOCP bugs in the Windows Nsock engine

Ncat, the netcat-style tool bundled with Nmap, also gets a bump in reliability and now includes a new -q option to delay exit after EOF—great for chaining scripts or commands.

🔧 How To Install Nmap on Linux, Windows, and Mac

If your OS doesn’t include Nmap by default—no worries! Here’s how to install it:

🐧 On Linux

Open your terminal and run:

• CentOS / Fedora:

  sudo dnf install nmap
  
  

• Ubuntu / Debian:

  sudo apt-get install nmap
  

Done! You’re ready to scan.

🪟 On Windows

Head over to the official Nmap downloads page, grab the Windows installer, run it, and follow the simple prompts. The setup wizard takes care of everything.

🍏 On macOS

Download the .mpkg installer from the Nmap site and run it. In just a few seconds, Nmap will be installed and ready to go on your Mac.

🧪 Nmap Command Examples: A Quick Start Guide

Now that you’ve installed Nmap, here’s a mini crash course with 11 useful command examples to get you scanning like a pro.

1. 🔍 Basic Scan

nmap 1.1.1.1
nmap recordedfuture.xyz

Great for getting started—try IPs or domains!

2. 🛎 Ping Sweep

nmap -sn 192.168.5.0/24

A fast way to detect live hosts on a network.

3. 🎯 Scan All Ports

nmap -p 1-65535 localhost

Or just specific ports:

nmap -p 80,443 8.8.8.8

4. 🧑‍🤝‍🧑 Scan Multiple IPs

nmap 1.1.1.1 8.8.8.8
nmap 1.1.1.1,2,3,4

5. 🌐 Scan IP Ranges

nmap 8.8.8.0/28
nmap 8.8.8.1-14
nmap 8.8.8.* --exclude 8.8.8.1

6. 🚪 Scan Popular Ports

nmap --top-ports 20 192.168.1.106

Quick scan of the most-used ports.

7. 📂 Read IPs from a File

Create list.txt with IPs or domains, then:

nmap -iL list.txt

8. 💾 Save Results to File

nmap -oN output.txt securitytrails.xyz
nmap -oX output.xml securitytrails.xyz

Text or XML formats supported.

9. 🚫 Disable DNS Resolution

nmap -n -p 80 8.8.8.8

Speeds up scans when DNS isn’t needed.

10. 🤖 OS and Service Detection (Fast)

nmap -A -T4 securitytrails.xyz

Combines aggressive scanning with speed optimization.

11. 🔎 Detect Service Versions

nmap -sV localhost

Get detailed info on running services and daemons.

🎉 Final Thoughts

Nmap 7.96 isn’t just an update—it’s a leap forward in speed, usability, and precision. From parallel DNS resolution to dark mode in Zenmap and better scripting options, this release makes scanning faster and more comfortable than ever.

Whether you’re mapping your home lab, auditing enterprise networks, or hunting vulnerabilities in the wild, Nmap remains an essential part of the security toolkit.