In this tutorial, I am going to show you how to scan your whole network quickly with "masscan". masscan is a small, fast TCP port scanner written by Robert David Graham.
masscan sends SYN packets asynchronously at rates of up to millions of packets per second. To get beyond 2 million packets/second, you need an Intel 10-gbps Ethernet adapter and a special driver known as "PF_RING DNA".
“This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second.”
Build
sudo apt-get install git gcc make libpcap-dev
git clone https://github.com/robertdavidgraham/masscan
cd masscan
make
This builds the binaries and puts them in the masscan/bin sub-directory.
Usage
masscan uses arguments similar to nmap, so if you are familiar with nmap it is no big deal. The major difference is that you have to specify the ports to scan, because no default port range is set.
Example
Okay, let's assume you want to scan all the addresses in the 192.168.100.1/24 range; use the following command.
# masscan -p80,443,445 192.168.100.1/24 --rate 100000000
You can adjust the rate according to your network card speed etc. If you have a Gb/s network card, more than 100 thousand packets per second is fine.
sample output :
You can also try to scan the whole Internet (yes, the whole Internet) with masscan:
# masscan 0.0.0.0/0 -p0-65535
Read more about this feature on the masscan GitHub page: https://github.com/robertdavidgraham/masscan#how-to-scan-the-entire-internet
You can print the output in various formats, like list or XML: https://github.com/robertdavidgraham/masscan#getting-output
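The list format (-oL) is the easiest one to post-process when you use masscan to inventory your own network. The following is an added example, not code from this post or from the masscan project: it parses list-format output into a per-host port map, reports which hosts expose a given port (445 here, since the scan above covers it), and compares two scans so newly opened ports stand out. The sample output lines are constructed, not captured from a real scan.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of masscan -oL output (header/footer lines start with '#').
BASELINE_SCAN = """\
#masscan
open tcp 80 192.168.100.10 1700000000
open tcp 443 192.168.100.10 1700000000
open tcp 80 192.168.100.25 1700000001
# end
"""

CURRENT_SCAN = """\
#masscan
open tcp 445 192.168.100.12 1700086400
open tcp 80 192.168.100.10 1700086401
open tcp 443 192.168.100.10 1700086401
open tcp 445 192.168.100.10 1700086402
open tcp 80 192.168.100.25 1700086403
# end
"""


def parse_list_output(text):
    """Return {ip: set(ports)} from masscan list-format output.

    Data lines look like: open tcp 80 192.168.100.10 1700000000
    Comment lines ('#...') and non-'open' records (e.g. banner lines) are skipped.
    """
    hosts = defaultdict(set)
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 5 or fields[0] != "open" or fields[1] != "tcp":
            continue
        port, ip = int(fields[2]), fields[3]
        ipaddress.ip_address(ip)  # raises ValueError on a malformed address
        hosts[ip].add(port)
    return dict(hosts)


def hosts_exposing(hosts, port):
    """IPs that have the given port open, sorted numerically by address."""
    return sorted((ip for ip, ports in hosts.items() if port in ports),
                  key=ipaddress.ip_address)


def new_exposures(baseline, current):
    """Per host, ports open in the current scan that were not open in the baseline."""
    return {ip: ports - baseline.get(ip, set())
            for ip, ports in current.items()
            if ports - baseline.get(ip, set())}
```

Feed real output with `masscan ... -oL scan.txt` and `parse_list_output(open("scan.txt").read())`; keeping a baseline file per scan run turns this into simple change detection for your network's exposed services.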