MASSCAN – Mass IP port scanner
This is an Internet-scale port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second, from a single machine.
Its input/output is similar to nmap, the most famous port scanner. When in doubt, try one of those features.
Internally, it uses asynchronous transmissions, similar to port scanners like scanrand, unicornscan, and ZMap. It’s more flexible, allowing arbitrary port and address ranges.
NOTE: masscan uses its own custom TCP/IP stack. Anything other than simple port scans may cause conflict with the local TCP/IP stack. This means you need to either use the --src-ip option to run from a different IP address, or use --src-port to configure which source ports masscan uses, then also configure the internal firewall (like pf or iptables) to firewall those ports from the rest of the operating system.
Scan for a selection of ports (-p22,80,443) across a given subnet (192.168.1.0/24):
[root@kali:~] masscan -p22,80,443 192.168.1.0/24
Starting masscan 1.0.4 at 2019-07-10 14:34:13 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 256 hosts [3 ports/host]
Discovered open port 22/tcp on 192.168.1.250
Discovered open port 80/tcp on 192.168.1.250
Discovered open port 443/tcp on 192.168.1.250
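Added example (not part of the original page or of the masscan project): a Python parser that turns the "Discovered open port" lines shown above into a per-host inventory and reports services that are open but missing from an allowlist. The extra host line in SAMPLE and the EXPECTED allowlist are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Matches the "Discovered open port" lines of masscan's console output.
LINE_RE = re.compile(r"Discovered open port (\d+)/(tcp|udp) on (\S+)")

# Constructed sample: the output shown above plus one constructed extra host.
SAMPLE = """\
Starting masscan 1.0.4 at 2019-07-10 14:34:13 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 256 hosts [3 ports/host]
Discovered open port 22/tcp on 192.168.1.250
Discovered open port 80/tcp on 192.168.1.250
Discovered open port 443/tcp on 192.168.1.250
Discovered open port 22/tcp on 192.168.1.17
"""

# Hypothetical allowlist: services each host is expected to expose.
EXPECTED = {"192.168.1.250": {(80, "tcp"), (443, "tcp")}}

def parse_masscan(text):
    """Return {ip: {(port, proto), ...}} for every valid discovery line."""
    found = defaultdict(set)
    for line in text.splitlines():  # also splits on the \r of status updates
        m = LINE_RE.search(line)
        if not m:
            continue
        port = int(m.group(1))
        try:
            ip = str(ipaddress.ip_address(m.group(3)))
        except ValueError:
            continue  # malformed address: skip rather than record it
        if 0 <= port <= 65535:
            found[ip].add((port, m.group(2)))
    return dict(found)

def unexpected_exposure(found, expected):
    """Return (ip, port, proto) tuples that are open but not allowlisted."""
    hits = [(ip, port, proto)
            for ip, services in found.items()
            for port, proto in services - expected.get(ip, set())]
    def key(hit):
        addr = ipaddress.ip_address(hit[0])
        return (addr.version, int(addr), hit[1], hit[2])
    return sorted(hits, key=key)

if __name__ == "__main__":
    for ip, port, proto in unexpected_exposure(parse_masscan(SAMPLE), EXPECTED):
        print(f"unexpected: {ip} {port}/{proto}")
```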