In this post, you will learn what is Masscan and how it works and all the commands from basic to complicated are written by me. This is the best blog post to read about this tool. If you have any doubt comment down below. And the video format of the post is here
What is Masscan
Masscan is a network mapping tool, this is the second most used tool after NMap and this is the best tool for the NMap alternative.
This tool can scan the entire internet in under only 5 mins by sending over 10 million packets per second from a sing source. This is amazing …
The best alternative for this tool is NMap or ZMap, scanrand, unicornscan…
Also Read: Information gathering using recon-ng
Who developed Masscan?
The tool was developed by Robert David Graham, He is a look-alike of IT. Anything he seems to be very active in GitHub and you can catch him at
To install the tool in Debian based machines then enter this command
sudo apt-get install masscan
What can this Masscan tool do ❓
This tool scans the target and enumerates the information it has got and one who did the scan will get information related to all the open ports of the target much more information.
Useful commands in Masscan
- ip/range: anything on the command-line not prefixed with a ´-´ is assumed to be an IP address or range.
- -p: specifies the port(s) to be scanned.
- –rate: specifies the desired rate for transmitting packets.
- –adapter-ip: send packets using this IP address.
- –router-mac: send packets to this MAC address as the destination.
- –ping: indicates that the scan should include an ICMP echo request.
- –exclude: blacklist an IP address or range
- –iflist: list the available network interfaces
- –retries: the number of retries to send, at 1-second intervals
- –nmap: print help about Nmap-compatibility
- –output-format: indicates the format of the output file, which can be xml, binary, grepable, list, or JSON. The option –output-filename must be specified.
How to use Masscan ❓
Follow the examples along with me carefully to become a pro in Masscan tool
Installing Masscan tool and make sure the tool runs well
To install the tool enter this command
sudo apt-get install masscan
To check the tool runs good, do this command
Now, we can see the tool runs well
Example2: Default scan
Doing a standard scan in masscan, use this command
sudo masscan <IP Address>/range -p80
sudo masscan 10.10.10.1/1 -p80
-p specifying the port
Example3: Multi port scan
Doing a multi-port scan is really simple to follow this command and try it…
sudo masscan 10.10.10.1 -p1-50
Here we are scanning ports from 1 to 50
Example4: Random port scan
Lets scan for various specific ports
sudo masscan 10.10.10.1 -p1,20,80
Doing a UDP scan, just do this command…
masscan 10.10.10.1 -pU:53
-pU scanning UDP
Increasing the speed of the scan, to increase the speed of the scan enter this command
sudo masscan 10.0.0.1/24 --rate 10000 -p80
–rate is increasing the speed of the scan
Example7: Exclude IP
Exclude an IP address while scanning
sudo masscan 220.127.116.11/16 -p0-1000 --exclude=18.104.22.168
–exclude excluding a particular IP address here it is 22.214.171.124…
Example8: Scan IP from .txt file
Now let’s see how to exclude a bunch of IP addresses
sudo masscan 0.0.0.0/0 -p0-65535 --excludefile exclude.txt
Example9: Open port
scan for only open ports
masscan 10.0.0.0/8 -p80 --open-only
Masscan Example10: Version
Gathering the server version by entering –banners
masscan 0.0.0.0/0 --excludefile 255.255.255.255 -pU:53 --banners
Example11: Full scan
Doing a full scan in masscan ????
masscan 10.1.1.1/24 -p 0-65535 --rate 1000000 --open-only --http-user-agent \
"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0"\-oL "output.txt"
Masscan Example12: Save output
Saving the output in different formats
masscan 10.1.1.1/24 -p 0-65535 -oX "file"
Instead of -oX you can save in all these formats ????
According to my knowledge, this tool is fine but not good and comparing to masscan I will prefer Nmap. Yes, NMap is better than Masscan…
Also Read: Installing custom kali is easy ????????
Also Read: Parsero information gathering