MASSCAN – Mass IP port scanner

MASSCAN – Mass IP port scanner


Mass IP port scanner

This is an Internet-scale port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second, from a single machine.

It’s input/output is similar to nmap, the most famous port scanner. When in doubt, try one of those features.

Internally, it uses asynchronous tranmissions, similar to port scanners like scanrand, unicornscan, andZMap. It’s more flexible, allowing arbitrary port and address ranges.

NOTE: masscan uses a its own custom TCP/IP stack. Anything other than simple port scans may cause conflict with the local TCP/IP stack. This means you need to either the --src-ip option to run from a different IP address, or use --src-port to configure which source ports masscan uses, then also configure the internal firewall (like pf or iptables) to firewall those ports from the rest of the operating system.


Usage Example

Scan for a selection of ports (-p22,80,443) across a given subnet (

[root@kali:~] masscan -p22,80,443

Starting masscan 1.0.4 at 2019-07-10 14:34:13 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 256 hosts [3 ports/host]
Discovered open port 22/tcp on
Discovered open port 80/tcp on
Discovered open port 443/tcp on