Masscan: Full tutorial from noob to pro

Introduction

In this post you will learn what Masscan is, how it works, and its commands from basic to advanced, each with a worked example. If you have any doubts, comment below. A video version of this post is also available.

What is Masscan

Masscan is a high-speed port scanner. Alongside Nmap it is one of the most widely used scanners, and it is the usual choice when Nmap is too slow for the job.

The project claims it can scan the entire IPv4 internet in under 5 minutes, transmitting over 10 million packets per second from a single machine. Reaching that rate needs the PF_RING driver and a suitable NIC; with ordinary Linux drivers the practical limit is a few hundred thousand packets per second, which is still far beyond Nmap.

Alternatives with a similar role are Nmap, ZMap, scanrand and unicornscan.


Who developed Masscan?

Masscan was written by Robert David Graham, a well-known figure in IT security who is very active on GitHub, where the project is maintained.

To install the tool on Debian-based machines, enter this command:

sudo apt-get install masscan 

What can this Masscan tool do ❓

Masscan sends a SYN probe to every target port, using its own user-space TCP/IP stack rather than the operating system's, and reports each port that answers with a SYN-ACK as open. With --banners it also completes the connection and grabs the service banner. The result is a list of open ports (and banners) per host, which is typically fed into Nmap afterwards for service and version detection on just those ports.

Useful commands in Masscan

  • ip/range: anything on the command line not prefixed with a - is taken as an IP address or range (e.g. 10.0.0.0/8 or 10.0.0.1-10.0.0.50).
  • -p: the port(s) to scan, as a list or range (-p80,443 or -p1-1024); a U: prefix marks UDP ports.
  • --rate: the transmit rate in packets per second (default 100).
  • --adapter-ip: send packets using this source IP address.
  • --router-mac: send packets to this MAC address (normally the gateway) as the destination.
  • --ping: also send an ICMP echo request to each target.
  • --exclude: blacklist an IP address or range.
  • --excludefile: read a blacklist of addresses or ranges from a file.
  • --iflist: list the available network interfaces.
  • --retries: the number of retries to send, at 1-second intervals.
  • --banners: complete the TCP handshake and grab the service banner.
  • --nmap: print help about Nmap compatibility.
  • --output-format: the format of the output file, one of xml, binary, grepable, list, or JSON; --output-filename must be given as well.


How to use Masscan ❓

Follow the examples below in order; each one builds on the previous.

Example1: Installation

Install Masscan and make sure it runs correctly.

To install the tool, enter this command:

sudo apt-get install masscan

To check that the tool works, run its built-in regression self-test:

masscan --regress

If the self-test passes, the tool is ready. Note that every real scan below has to run as root (or with CAP_NET_RAW), because Masscan sends raw packets.



Example2: Default scan

A basic scan of one port on a target or range looks like this:

sudo masscan <IP Address>/range -p80
sudo masscan 10.10.10.0/24 -p80

-p specifies the port, and the target is a single IP or a CIDR range. Take care with the CIDR suffix: 10.10.10.1/1 would cover half of the IPv4 address space, while /24 limits the scan to 256 addresses.

Example3: Multi port scan

Scanning a range of ports is just as simple:

sudo masscan 10.10.10.1 -p1-50

Here we are scanning ports 1 to 50.

Example4: Specific ports

To scan a hand-picked set of ports, give them as a comma-separated list:

sudo masscan 10.10.10.1 -p1,20,80

Example5: UDP

To scan UDP ports, prefix the port with U: (TCP and UDP ports can be mixed, e.g. -p80,U:53):

sudo masscan 10.10.10.1 -pU:53

-pU:53 scans UDP port 53. Masscan only reports a UDP port as open when the host answers the probe, so a service that stays silent on unsolicited packets will not appear in the results.

Example6: Speed

Masscan defaults to 100 packets per second; --rate raises that:

sudo masscan 10.0.0.1/24 --rate 10000 -p80

--rate sets the transmit rate in packets per second. Push it only as far as your link and the path to the target can carry: past that point probes are dropped and open ports are silently missed, so on lossy paths combine a higher rate with --retries.

Example7: Exclude IP

To leave one address out of a scan:

sudo masscan 180.215.0.0/16 -p0-1000 --exclude=180.215.122.120

--exclude removes a particular IP address or range from the target list, here 180.215.122.120. Only scan ranges you are authorised to scan; --exclude is how you carve out-of-scope hosts out of a larger block.

Example8: Exclude IPs from a .txt file

To exclude a whole list of addresses, put them in a file (one IP or CIDR range per line; lines starting with # are comments) and pass it with --excludefile:

sudo masscan 0.0.0.0/0 -p0-65535 --excludefile exclude.txt

The mirror-image option -iL (--includefile) reads the targets to scan from a file in the same format. When the target is 0.0.0.0/0, as here, an exclude file is essential: it is where the ranges you must not touch are kept.
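Before launching a scan with an exclude file, it pays to confirm that the hosts you must not touch really fall inside it and that the hosts you intend to scan do not. The script below is an added example, not part of the original post or of the masscan project: it re-implements the IPv4 address/CIDR matching that --excludefile entries express, and reads a constructed sample exclude.txt written here for illustration.

```bash
#!/usr/bin/env bash
# Added example: check targets against a masscan-style exclude file before
# scanning. Not part of masscan itself; IPv4 only. The file format is the one
# --excludefile reads: one address or CIDR per line, '#' starts a comment.

# Convert a dotted-quad IPv4 address to an unsigned 32-bit integer.
ip2int() {
    local IFS=.
    # shellcheck disable=SC2086
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_cidr ADDR CIDR -> succeeds if ADDR lies inside CIDR; a bare IP means /32.
in_cidr() {
    local addr=$1 cidr=$2 net prefix mask
    net=${cidr%%/*}
    case $cidr in
        */*) prefix=${cidr##*/} ;;
        *)   prefix=32 ;;
    esac
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$addr") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

# excluded ADDR FILE -> prints the matching entry and succeeds if ADDR is
# covered by the file, fails silently otherwise.
excluded() {
    local addr=$1 file=$2 line entry
    while IFS= read -r line || [ -n "$line" ]; do
        entry=${line%%#*}                                   # drop comments
        entry=$(printf '%s' "$entry" | tr -d '[:space:]')   # and whitespace
        [ -z "$entry" ] && continue
        if in_cidr "$addr" "$entry"; then
            echo "$entry"
            return 0
        fi
    done < "$file"
    return 1
}

# Constructed sample exclude list (not from a real engagement): the single
# host from Example 7 plus a few ranges a scanner should never hit.
EXCLUDE_FILE=$(mktemp)
trap 'rm -f "$EXCLUDE_FILE"' EXIT
cat > "$EXCLUDE_FILE" <<'EOF'
# exclude.txt (constructed sample)
255.255.255.255        # limited broadcast
127.0.0.0/8            # loopback
180.215.122.120        # the host excluded in Example 7
10.10.0.0/16           # out-of-scope internal range
EOF

# Report each candidate target when the script is run directly.
for target in 180.215.122.120 180.215.122.121 10.10.3.4 203.0.113.9; do
    if hit=$(excluded "$target" "$EXCLUDE_FILE"); then
        echo "$target is excluded (matches $hit)"
    else
        echo "$target would be scanned"
    fi
done
```

Run it against your real exclude.txt and a handful of in-scope and out-of-scope addresses before every large scan; a typo in the exclude file shows up here as a host that "would be scanned" when it should not be.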


Example9: Open ports only

To report only open ports:

sudo masscan 10.0.0.0/8 -p80 --open-only

--open-only (alias --open) keeps closed ports out of the report. Masscan prints only open ports by default anyway, so the flag mainly matters when you are reusing Nmap-style command lines.

Masscan Example10: Banners

To collect service banners along with the open ports, add --banners:

sudo masscan 0.0.0.0/0 --exclude 255.255.255.255 -pU:53 --banners

Note that a bare address goes to --exclude, not --excludefile (which expects a file name). Banner grabbing is not Nmap-style version detection: Masscan records whatever the service says first, such as an HTTP Server header or an SSH version string. Because Masscan runs its own TCP/IP stack, the host kernel does not know about the connections it completes and will reset them, which breaks banner grabbing. Either give Masscan an unused address on the local network with --source-ip, or pin --source-port to a fixed port and add a firewall rule that drops inbound packets to that port so the kernel never sees them.

Example11: Full scan

A full scan of all 65536 ports across a /24, with the results written to a file:

sudo masscan 10.1.1.1/24 -p 0-65535 --rate 1000000 --open-only \
    --http-user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" \
    -oL output.txt

--http-user-agent sets the User-Agent header Masscan sends when it fetches HTTP banners, so it only has an effect together with --banners. -oL writes the results in list format to output.txt. A rate of 1,000,000 packets per second is more than a standard NIC driver delivers; use a rate your hardware and the target network can sustain, or the results will be incomplete.


Masscan Example12: Save output

Saving the output in different formats:

sudo masscan 10.1.1.1/24 -p 0-65535 -oX "file"

-oX XML

-oL list (plain text, one result per line)

-oG grepable (Nmap -oG style)

-oJ JSON

-oB binary (Masscan's own compact format; read it back with --readscan and convert it to any of the others)

Replace -oX with any of the others; each is shorthand for --output-format plus --output-filename. The list and JSON formats are the easiest to feed into other tools.

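The usual workflow is to let Masscan find open ports quickly and hand just those ports to Nmap for service detection, and the list format makes that easy to script. The script below is an added example, not part of the original post or of masscan: it parses the -oL format (open and banner lines, as covered in Example 10 and this section) from a sample constructed here, summarises open ports per host, lists any banners, and prints a follow-up nmap command per host. The banner line layout and the sample values are assumptions for illustration.

```bash
#!/usr/bin/env bash
# Added example: post-process masscan's list output (-oL) offline.
# Not part of the original post or of masscan itself. The sample below is
# constructed in the layout -oL writes: "open <proto> <port> <ip> <timestamp>"
# and, with --banners, "banner <proto> <port> <ip> <timestamp> <service> <text>".

MASSCAN_LIST='#masscan
open tcp 80 10.1.1.5 1700000000
open tcp 443 10.1.1.5 1700000001
banner tcp 80 10.1.1.5 1700000002 http.server Apache/2.4.41
open tcp 22 10.1.1.9 1700000003
open udp 53 10.1.1.9 1700000004
# end'

# One line per host, "<ip> <proto>/<port>,<proto>/<port>,...", sorted by host.
summarize_open() {
    awk '$1 == "open" {
             ports[$4] = (ports[$4] == "" ? "" : ports[$4] ",") $2 "/" $3
         }
         END { for (ip in ports) print ip, ports[ip] }' | sort
}

# Banner lines as "<ip>:<port> <service> <banner text>".
list_banners() {
    awk '$1 == "banner" {
             printf "%s:%s", $4, $3
             for (i = 6; i <= NF; i++) printf " %s", $i
             printf "\n"
         }'
}

# Build one nmap version-detection command per host, covering only the ports
# masscan found open; UDP ports add -sU and a U: port spec.
nmap_followup() {
    awk '$1 == "open" {
             if ($2 == "tcp") tcp[$4] = (tcp[$4] == "" ? "" : tcp[$4] ",") $3
             if ($2 == "udp") udp[$4] = (udp[$4] == "" ? "" : udp[$4] ",") $3
             seen[$4] = 1
         }
         END {
             for (ip in seen) {
                 spec = ""; flags = "-sS -sV -Pn"
                 if (tcp[ip] != "") spec = "T:" tcp[ip]
                 if (udp[ip] != "") {
                     spec = spec (spec == "" ? "" : ",") "U:" udp[ip]
                     flags = flags " -sU"
                 }
                 print "nmap " flags " -p " spec " " ip
             }
         }' | sort
}

# Run against the constructed sample when executed directly.
printf '%s\n' "$MASSCAN_LIST" | summarize_open
printf '%s\n' "$MASSCAN_LIST" | list_banners
printf '%s\n' "$MASSCAN_LIST" | nmap_followup
```

With a real scan, replace the sample with `cat output.txt | nmap_followup` and review the generated commands before running them; -Pn is used because the hosts are already known to be up, which avoids a second round of discovery probes.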

Conclusion

According to my knowledge, this tool is fine but not good, and compared to Masscan I prefer Nmap. Yes, Nmap is better than Masscan…


4 Comments

  1. The best site to learn about all the OSINT tools and much more; this post helped me a lot. An underrated blog post.
