# Running the network mapper Nmap ("Network Mapper") is an open-source tool for network exploration and security auditing. it was designed to rapidly scan large networks, although it works fine against single hosts. Follow these steps to obtain a list of open ports from the target machine, this is a crucial step on any pentest and should be done correctly. ‌ To run the scanner, from the tab selection on the left side of the screen choose the "**Utilities**" tab, click on the black arrow next to "**Scanner**" and as you see on the image below, select "**Nmap-scanner**". ( If you haven't configured the Nmap Path under [preferences](/exploit-pack-manual-pages/master/first-steps.md) this is a good time to do it. ) \ Specify a target to be scanned using Nmap by typing the **IP Address or Hostname**. Click on the button "**Execute Auxiliary**" and you will hear a voice saying: "New auxiliary deployed" and a bar on the bottom right part of your screen. Now you can wait until the scan is completed, this might take several minutes depending on your connection and the target response. Another factor to consider would be the options chosen for this scan, for example, a full scan of 1-65k ports will take longer than a simple scan to the top 1024 ports of the target. ![](/files/-MdMfMOgwjcZbWwz4-2E) Once the scan is finished a screen will pop up and your selected target will now appear in the "**Connection list**" and under "**Network scanner**" the open ports will be listed. ![](/files/-MdMgFi9zfEdFZEG9HTq) Also, your new target and all its information will appear in the "**Targets**" tab. Feel free to modify this file and make use of the available options. You can use this feature as a notepad for your pentest so you can have different notes for each target. Handy, right? ![](/files/-MdMfVvD1uGH5xeOqNx5) ## The Network mapper You can also run the network mapper wizard instead of directly running the module itself as shown below: ![](/files/-MdMgBecVKjn4vrWHeBy) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://exploit-pack.gitbook.io/exploit-pack-manual-pages/master/running-the-network-mapper.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.