Masscan
Masscan is a fast TCP port scanner that transmits SYN packets asynchronously to scan IP address and port ranges. It produces results similar to nmap while operating like scanrand, unicornscan, and ZMap.
Description
Masscan is a TCP port scanner designed for high-speed network reconnaissance. It scans arbitrary address and port ranges, which makes it suitable for large-scale scans such as entire subnets or even the Internet. The tool is particularly useful for discovering open ports such as SSH (22), HTTP (80), and SMB (445) across multiple hosts.
Use cases include initial information gathering during penetration testing, identifying live services on networks, and fast internet-wide scans. It auto-detects network interface settings but supports manual configuration for adapter IP, MAC, and router MAC when needed. Parameters can be specified via command-line or configuration files interchangeably.
The scanner supports config files for complex setups, with the --echo option to generate configurations from current settings without running a scan.
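Because the same config file can just as easily name a /24 as the whole Internet, it is worth checking its targets against the authorized scope before a scan is started. The following is an added example, not part of masscan or of the original page: it assumes targets appear on `range = ...` lines in masscan's `key = value` config format (CIDR, single address, or start-end), does not handle target or exclude files, and uses a constructed sample config and hypothetical function names.

```python
import ipaddress

# Constructed sample config in masscan's "key = value" format (illustrative values).
SAMPLE_CONF = """\
# constructed example
rate = 1000
ports = 22,80,445
range = 192.168.1.0/24
range = 10.0.0.5-10.0.0.20
range = 172.16.0.1
"""

def parse_ranges(conf_text):
    """Return every target named on a 'range' line as a list of networks."""
    nets = []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() != "range":
            continue
        for item in (v.strip() for v in value.split(",")):
            if not item:
                continue
            if "-" in item:                       # start-end form
                first, last = (ipaddress.ip_address(x.strip())
                               for x in item.split("-", 1))
                # Raises ValueError if first > last, so bad input fails closed.
                nets.extend(ipaddress.summarize_address_range(first, last))
            else:                                 # CIDR or single address
                nets.append(ipaddress.ip_network(item, strict=False))
    return nets

def out_of_scope(conf_text, authorized):
    """Return the targets that are not fully inside any authorized network."""
    allowed = [ipaddress.ip_network(a) for a in authorized]
    return [n for n in parse_ranges(conf_text)
            if not any(n.version == a.version and n.subnet_of(a)
                       for a in allowed)]

if __name__ == "__main__":
    scope = ["192.168.1.0/24", "10.0.0.0/8"]      # hypothetical engagement scope
    bad = out_of_scope(SAMPLE_CONF, scope)
    for net in bad:
        print(f"out of scope: {net}")
    raise SystemExit(1 if bad else 0)
```

A non-zero exit status lets a wrapper script refuse to start the scan when any target falls outside the agreed scope.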
How It Works
Masscan transmits SYN packets asynchronously. Its results resemble those of nmap's SYN stealth scan, but its internals are closer to scanrand, unicornscan, and ZMap, and the asynchronous transmission is what gives it its speed. It auto-detects network interfaces and supports manual adapter settings. Masscan always behaves as if the following nmap-style options were set: -sS (SYN scan), -Pn (no ping), -n (no DNS), --randomize-hosts, -v (verbose), and --send-eth.
Installation
sudo apt install masscan
Flags
Examples
masscan -p22,80,445 192.168.1.0/24
masscan 10.0.0.0/8 -p80
masscan --adapter-ip 192.168.10.123 --adapter-mac 00-11-22-33-44-55 --router-mac 66-55-44-33-22-11
masscan -c <filename>
masscan -p1234 --echo
masscan --help