Hello everyone. In this article, we’ll see how to capture network packet using nmap. And we’ll use Wireshark for comparing its result with nmap. In this article, we mainly focus on what types of network traffic is captured by nmap while we use various nmap ping scan. Ping scan in nmap is done to check if the target host is alive or not. As we know that ping by default sends the ICMP echo request and gets an ICMP echo reply if the system is alive. Ping scan by default send an ARP packet and gets a response to check if the host is up. NOTE: Nmap scans change their behavior according to the network they are scanning. Scanning local network with nmap where nmap sends an ARP packet with every scan. If an external network is to be scanned; nmap sends the following request packets: ICMP echo request ICMP timestamp request TCP SYN to port 443 TCP ACK to port 80 Technique Involves in packet-tracing via nmap The nmap module is an interface with nmap’s internal functions an