Using one gigabit per second of network bandwidth, ZMap can scan the entire IPv4 address space in 44 minutes on a single port.

[4] ZMap iterates on techniques utilized by its predecessor, Nmap, by altering the scanning method in a few key areas.

This process ensures that once ZMap starts sending probes out to different IPs, an accidental denial of service could not occur because an abundance of transmissions would not converge on one subnet at the same time.

[5] One of the developers of ZMap, Zakir Durumeric, used his software to determine a computer's online state, vulnerabilities, operating system, and services.

[10][11] ZMap has also been used to detect vulnerabilities in universal plug and play devices and search for weak public keys in HTTPS website logs.