Information Gatheringport scannertcp scannernetwork scannersecurity scanner

Knocker

Knocker is a simple and easy to use TCP security port scanner written in C using threads. It analyzes hosts and the network services running on them.

Description

Knocker is designed as a lightweight TCP port scanner for network security assessments. It enables users to scan specific hosts for open ports and running services, making it suitable for quick reconnaissance tasks in penetration testing or network auditing.

The tool supports scanning individual ports, port ranges, or repeating previous scans, with options for IPv4/IPv6 addressing and logging results. Its simplicity and threaded implementation allow for efficient scanning without complex configurations.

Common use cases include identifying exposed services on target hosts, verifying network security, and performing repeated scans on previously assessed targets.

How It Works

Knocker operates as a multi-threaded TCP port scanner written in C. It connects to specified host addresses (IPv4 or IPv6) over TCP to check for open ports within defined ranges or single ports. The tool uses threading for concurrent scanning, supports logging to files, and provides configurable output modes including quiet operation.

Installation

bash

sudo apt install knocker

Flags

-H, --hosthost name or numeric Internet address

--last-hostget the last scanned host name

-P, --portsingle port number (for one port scans only)

-SP, --start-portport number to begin the scan from

-EP, --end-portport number to end the scan at

--last-scanperforms again the last port scan

-4, --ipv4only IPv4 host addressing

-6, --ipv6only IPv6 host addressing

-q, --quietquiet mode (no console output, logs to file)

-lf, --logfile <logfile>log scan results to the specified file

-nf, --no-fencydisable fancy output

-nc, --no-colorsdisable colored output

--configurelet you configure knocker

-h, --helpdisplay this help and exit

-v, --versionoutput version information and exit

Examples

Display the help message and usage information

knocker -h

Scan the host 192.168.0.1 (requires port options)

knocker --host 192.168.0.1

Scan ports 1 to 1024 on host 192.168.0.1

knocker -H 192.168.0.1 -SP 1 -EP 1024

Use the last scanned host name for a new scan

knocker --last-host

Repeat the last port scan performed

knocker --last-scan

Scan a single port 80 on host example.com

knocker -H example.com -P 80

Quiet scan of ports 20-25 on 192.168.0.1, log to scan.log

knocker -H 192.168.0.1 -SP 20 -EP 25 -q -lf scan.log

Updated 2026-04-16kali.org ↗