Do Son 
A new release—Nmap 7.96—has been unveiled, marking the latest iteration of one of the most renowned tools for network auditing and remote host scanning. This open-source project, now over 25 years in development, remains indispensable to cybersecurity professionals and system administrators around the globe.
The update is available for Linux, Windows, macOS, and a broad range of UNIX-based systems, including Solaris and BSD. Nmap excels at detecting active services, identifying application versions, and probing for potential vulnerabilities.
Among the most notable enhancements is a substantial expansion of the signature databases, introducing new definitions for operating systems, applications, and network protocols—including support for IP protocol number 255, a slot officially reserved in the protocol registry.
The Nmap Scripting Engine (NSE) has been enriched with several new scripts, including:
targets-ipv6-eui64— generates IPv6 addresses from MAC addresses using the EUI-64 method;mikrotik-routeros-version— detects firmware versions on MikroTik devices;mikrotik-routeros-username-brute— attempts brute-force discovery of usernames on MikroTik routers vulnerable to CVE-2024-54772.
Zenmap, Nmap’s graphical interface, now features a dark mode, which can be activated via the settings menu (Profile → Toggle Dark Mode) or directly through configuration using the window::dark_mode parameter.
The Ncat component has undergone a change in default connection termination behavior and introduces a new -q option, allowing delayed exit after input concludes. Windows support has been enhanced through full compatibility with the iocp and poll engines in Nsock.
Nsock itself has received improvements in its event management system, resulting in heightened stability.
A significant command-line improvement now permits simultaneous specification of host targets both directly and via input files—a functionality that previously defaulted exclusively to file-based input, ignoring inline entries.
Parallel DNS query dispatching has been dramatically accelerated. Scanning millions of domain names, a task that once required 49 hours, can now be completed in just over one hour.
The updated Nmap builds ship with the latest dependency versions, including Lua 5.4.7, libssh2 1.11.1, libpcap 1.10.5, and PCRE 10.45.
The project’s source code is publicly available on GitHub and distributed under the Nmap Public Source License (NPSL), derived from GPLv2. Commercial use is permitted under OEM agreements for scenarios where source disclosure is infeasible or undesired.
