diff --git a/payloads/library/nmapper/payload.txt b/payloads/library/nmapper/payload.txt
new file mode 100644
index 0000000..a07a726
--- /dev/null
+++ b/payloads/library/nmapper/payload.txt
@@ -0,0 +1,55 @@
+#!/bin/bash
+#
+# Title:         Nmapper for Bash Bunny
+# Author:        Hak5Darren
+# Version:       1.0
+#
+# Scans target with nmap using specified options
+# Saves sequential logs to mass storage loot folder
+#
+# Red ...........Setup
+# Red Blinking...Setup Failed. Target did not obtain IP address. Exit.
+# Amber..........Scanning
+# White..........Switching to Mass Storage (optional)
+# Green..........Finished
+# 
+
+# See nmap --help for options. Default "-O --fuzzy" profiles target OS.
+NMAP_OPTIONS="-O --fuzzy"
+LOOTDIR=/root/udisk/loot/nmap
+
+# Set LED Red while setting up attack
+LED R
+
+# Use RNDIS for Windows. Mac/*nix use ECM_ETHERNET
+ATTACKMODE RNDIS_ETHERNET 
+#ATTACKMODE ECM_ETHERNET
+
+# Source bunny_helpers.sh to get environment variable TARGET_IP and TARGET_HOSTNAME
+source bunny_helpers.sh
+
+# Setup named logs in loot directory
+mkdir -p $LOOTDIR
+HOST=${TARGET_HOSTNAME}
+# If hostname is blank set it to "noname"
+[[ -z "$HOST" ]] && HOST="noname"
+COUNT=$(ls -lad $LOOTDIR/$HOST*.log | wc -l)
+COUNT=$((COUNT+1))
+
+# Check target IP address. If unset, blink RED and end.
+if [ -z "${TARGET_IP}" ]; then
+    LED R 100
+	exit 1
+fi
+
+# Set LED, nmap target and sync filesystem before optionally switching to mass storage
+LED G R
+nmap $NMAP_OPTIONS $TARGET_IP >> $LOOTDIR/$HOST-$COUNT.log
+sync
+
+# Optionally become mass storage when scan completes
+#LED R G B
+#ATTACKMODE STORAGE
+
+# Payload complete. Set LED white
+LED G
\ No newline at end of file
diff --git a/payloads/library/nmapper/readme.md b/payloads/library/nmapper/readme.md
new file mode 100644
index 0000000..3866c64
--- /dev/null
+++ b/payloads/library/nmapper/readme.md
@@ -0,0 +1,24 @@
+# Nmapper for Bash Bunnys
+
+Author: Hak5Darren
+Version: Version 1.0
+
+## Description
+
+Scans target with nmap using specified options
+Saves sequential logs to mass storage loot folder
+
+## Configuration
+
+Configured for Windows by default. Swap RNDIS_ETHERNET for ECM_ETHERNET on Mac/*nix
+Uncomment ATTACKMODE at the bottom of this payload to enable switching to USB Mass Storage when scan completes.
+
+## STATUS
+
+| LED              | Status                                |
+| ---------------- | ------------------------------------- |
+| Red              | Setup                                 |
+| Red (blinking)   | Setup Failed. Target didn't obtain IP |
+| Amber            | Scanning                              |
+| White            | Switching to Mass Storage (optional)  |
+| Green            | Finished                              |