Home
Termux Tools

How to Install Nmap on Termux and Use It Like a Pro

Learn how to install Nmap on Termux and master basic Nmap commands to scan networks, detect open ports, and analyze devices like a pro.
BlogZeros

If you’ve ever wondered how hackers scan networks and find open ports, then Nmap is probably the tool they’re using. In this guide, I’ll walk you through how to install Nmap on Termux and show you how to use it effectively using powerful Nmap commands in Termux. Whether you’re a beginner or someone getting started with ethical hacking, this post is for you.

Nmap in Termux tutorial banner featuring Nmap logo and Termux tools guide by Kalimux
Install and Use Nmap in Termux

What is Nmap?

Nmap (Network Mapper) is an open-source tool used for network discovery and security auditing. It can detect live hosts, open ports, services running on those ports, and even OS versions. It’s a favorite in the toolbox of ethical hackers, penetration testers, and cybersecurity experts.

And the good news? You can install Nmap on Termux and use it right from your Android device. No need for a PC or virtual machine.

How to Install Nmap on Termux

Let’s get right into the installation steps. Open Termux and follow these commands one by one:

pkg update && pkg upgrade
pkg install nmap -y

That’s it! Nmap is now installed on your Termux app. You can confirm it by checking the version:

nmap --version

If you see the version info, you're all set to dive into scanning.

Basic Nmap Commands in Termux (Explained)

Once you’ve installed Nmap successfully, the next step is knowing how to actually use it. Don’t worry, you don’t need to memorize a bunch of complex commands. I’ll break it down for you in a way that makes sense—even if you're a beginner.

Here are some of the most useful Nmap commands in Termux that you can run right now:

1. Scan a Single IP Address

nmap 192.168.1.1

This is the most basic Nmap command. It checks the target IP address and tells you what ports are open. You can use this to see which services are running on your router or any device in your network.

2. Scan a Range of IPs

nmap 192.168.1.1-50

Instead of scanning just one device, this command checks multiple devices in a given IP range. Super useful if you’re trying to find out which devices are connected to your Wi-Fi.

3. Scan a Subnet

nmap 192.168.1.0/24

This command performs a full network scan on all 254 hosts in a typical home subnet. If you're connected to Wi-Fi, this helps you discover every active device on that network.

4. Aggressive Scan (OS Detection + Services)

nmap -A 192.168.1.1

This is where things get serious. The -A flag tells Nmap to go deep—it tries to detect the OS, running services, service versions, and even traceroute. Perfect when you want full details about a machine.

Note: This scan takes longer and is easier to detect by firewalls or IDS.

5. Stealth Scan (TCP SYN Scan)

nmap -sS 192.168.1.1

This scan is called a stealth or half-open scan. It doesn’t complete the full TCP handshake, which makes it harder for firewalls to detect. It's a favorite for ethical hackers doing silent recon.

6. Scan Specific Ports Only

nmap -p 22,80,443 192.168.1.1

Want to check only a few ports? Use this. For example, port 22 (SSH), 80 (HTTP), and 443 (HTTPS). Saves time and avoids scanning unnecessary ports.

7. Verbose Output for Better Detail

nmap -v 192.168.1.1

Adding -v gives you more info in real time during the scan. Handy when you want to see what’s going on behind the scenes while Nmap does its thing.

8. Save Scan Results to a File

nmap -oN result.txt 192.168.1.1

This saves your scan output into a text file named result.txt. Super useful for keeping logs or when you're doing multiple scans and want to compare results later.

These commands will help you get started and feel comfortable using Nmap inside Termux. As you practice more, you'll start mixing flags and customizing scans based on your target.

Just remember: always scan responsibly and only on networks you’re allowed to test.

Bonus Tip: Use Nmap with Root for More Access

Nmap can run without root, but for OS detection and more aggressive scans, having root access gives you more control. If your Android is rooted, you can unlock full Nmap features.

Final Thoughts

Using Nmap in Termux turns your Android device into a pocket-sized scanning machine. With just a few commands, you can start discovering devices, open ports, and services in any network.

Make sure to always use Nmap ethically and only scan networks you own or have permission to test.

If you found this guide helpful, bookmark it and share it with fellow Termux users. For more Termux tools and hacking guides, stay tuned to kalimux.blogspot.com — we’re just getting started.

Post a Comment