Introduction
In this post, You will learn what is naabu and how does it work and I have give all the important commands for naabu.
Below is the video format of the post, Check that also
Video
What is Naabu ❓
Naabu is an open-source CLI recon tool for network mapping and security auditing. Using naabu we can find open ports, services, possible vulnerability with a script and much more can be done.
With Naabu, thousands of IP addresses can be scanned simultaneously using asynchronous scanning techniques.
To determine which ports are open and which services are running, the tool sends out TCP and UDP probes to target hosts.
In order to extract information from open services, such as the software version and configuration details, banner grabbing can be performed.
Advertisement
Who Developed Naabu
I can find that the first commit was done by Ice3man543 so, a big salute to him who started it and also I thank other developers who developed the naabu tool.
Now, The tool is maintained and devloped by projectdiscovery.io and also I thank sandeep singh.
How to Install Naabu
Make sure you install go lang
Win: go get -u github.com/projectdiscovery/naabu/cmd/naabu Linux: sudo apt-get install naabu
Naabu Features
- Fast And Simple SYN/CONNECT/UDP probe based scanning
- Optimized for ease of use and lightweight on resources
- DNS Port scan
- Automatic IP Deduplication for DNS port scan
- IPv4/IPv6 Port scan (experimental)
- Passive Port enumeration using Shodan Internetdb
- Host Discovery scan (experimental)
- NMAP integration for service discovery
- Multiple input support – STDIN/HOST/IP/CIDR/ASN
- Multiple output format support – JSON/TXT/STDOUT
How to Use Naabu
Follow every example carefully by end of thispost you will be very familiar with the tool and if you continuously work for 2 -4 hrs you will become a pro.
Work hard until you reach your goal let’s make hand’s wet
BY STUPID ME ????
Example 1, Standard Scan
Whatever you call it, Standard scan or Default scan. By doing this you get very little information about the target site.
It’s because by default the naabu scans for Top 1000 ports.
naabu -host www.techyrick.com
Example 2, Specific Port Scan
To do a specific port scan you can use the command between the ports and mention -p syntax at front.
naabu -p 80,443 -host www.techyrick.com
Example 3, Scanning Top 100 Ports
To scan for the top 100 post, You can use the below command
naabu -top-ports 100 -host www.techyrick.com
Found a mistake here, I tried to scan for the top 100 ports but I got the below result, That’s the port 443. But why ❓
Example 4, Exclude Ports
We can also exclude the ports, We no need to scan for below is the command try it out
naabu -p 0-1000 -exclude-ports 21,80 -host www.techyrick.com
Example 5, Scanning List
To scan for list of domain names, Create a file with target domains and scan the file.
naabu -list target.txt
Example 6, Integration with Nmap
The naabu tool has integrated the nmap features too, So let’s give a try on how that works.
echo techyrick.com | naabu -nmap-cli 'nmap -sV -oX nmap-output'
Conclusion
In this post, You have learnt about the Naabu tool, Hope you like it. In my opinion the naabu tool is just an another network mapping tool.
But still I appreciate their work, So I would rate a solid 6 out of 10 for this tool. There is no script for scanning that’s a major disadvantage.
See you in the next post ❤️
Advertisement
Also Read: Unicornscan Full Tutorial
Also Read: Nmap Scripting Engine
