Port Scanning-Masscan


What is Masscan?

Masscan is an ultra-fast port scanner capable of scanning large networks in a short time. It provides similar functionality to Nmap but is optimized for high-speed scanning, allowing it to scan millions of IPs and ports within minutes.


Key Features of Masscan

  1. Extremely Fast Scanning

    • Can send over 10 million packets per second on a single machine.

    • Can scan the entire IPv4 internet in about 6 minutes.

  2. Asynchronous Scanning

    • Uses its own custom packet generation engine for optimized performance.

    • Much faster than traditional scanners like Nmap.

  3. Nmap Compatibility

    • Can output results in a format similar to Nmap.

    • However, it does not support all of Nmap's advanced features (e.g., service detection using a full TCP 3-way handshake).

  4. Flexible Target and Port Specification

    • Allows scanning of specific networks or the entire internet.

    • Can target specific ports (e.g., HTTP port 80, HTTPS port 443, etc.).


Basic Usage of Masscan

masscan -p80 192.168.1.0/24 --rate=10000
  • -p80 : Scan port 80 (HTTP).

  • 192.168.1.0/24 : Target subnet.

  • --rate=10000 : Send 10,000 packets per second.

Example: Scanning the entire internet (IPv4)

masscan 0.0.0.0/0 -p443 --rate=100000
  • 0.0.0.0/0 : Scan the entire IPv4 address space.

  • -p443 : Scan for HTTPS servers.

  • --rate=100000 : Set the scan rate to 100,000 packets per second.


Important Masscan Options

| Option | Description |
|---|---|
| -p | Specify ports to scan (e.g., -p80,443,22). |
| -p0-65535 | Scan all 65,536 ports on the target. |
| --rate | Set packet transmission speed (higher values increase speed but may cause packet loss). |
| -iL <file> | Read target IPs from a file. |
| -oL <file> | Save scan results to a file. |
| -e <interface> | Specify network interface to use (useful for multi-NIC systems). |
| --banners | Capture service banners when scanning. |
| --exclude <IP> | Exclude specific IPs or ranges from scanning. |
| --exclude-file <file> | Exclude IPs listed in a file. |

Limitations of Masscan

  • Does not complete TCP connections → Cannot detect services without additional scanning (e.g., Nmap service detection is required).

  • Consumes high network bandwidth → May trigger firewall or IDS/IPS alerts.

  • Legal Concerns → Unauthorized scanning can be illegal, so always obtain permission before use.
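The first two limitations are what a defender keys on: one source sending bare SYNs to many hosts on the same port in a short window, without ever completing a handshake. The sketch below is an added example, not code from the original post; the flow-record format, thresholds, and addresses are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10      # assumed sliding-window length
MIN_DISTINCT_HOSTS = 20  # assumed alert threshold; tune per network

def parse_flow(line):
    """Parse 'epoch src dst dport flags' (constructed format, not a real tool's)."""
    ts, src, dst, dport, flags = line.split()
    return int(ts), src, dst, int(dport), flags

def is_half_open(flags):
    # SYN sent but the source never ACKed: the handshake was not completed.
    return "S" in flags and "A" not in flags

def detect_horizontal_scans(lines, window=WINDOW_SECONDS, min_hosts=MIN_DISTINCT_HOSTS):
    """Return {(src, dport): peak distinct destinations} for sources that sent
    half-open SYNs to at least min_hosts hosts on one port within the window."""
    recent = defaultdict(deque)  # (src, dport) -> deque of (ts, dst)
    alerts = {}
    for ts, src, dst, dport, flags in sorted(map(parse_flow, lines)):
        if not is_half_open(flags):
            continue
        q = recent[(src, dport)]
        q.append((ts, dst))
        while q and q[0][0] <= ts - window:
            q.popleft()  # drop probes that fell out of the window
        distinct = len({d for _, d in q})
        if distinct >= min_hosts:
            alerts[(src, dport)] = max(alerts.get((src, dport), 0), distinct)
    return alerts

def build_sample():
    """Constructed sample flows; flags = TCP flags the source sent in that flow."""
    # One source sweeping 192.168.1.0/24 on port 80 within about three seconds.
    flows = [f"{1700000000 + i // 100} 203.0.113.9 192.168.1.{i} 80 S" for i in range(1, 255)]
    # A normal client completing connections to one web server.
    flows += [f"{1700000000 + i} 192.168.1.50 192.168.1.10 80 SAPF" for i in range(30)]
    # Occasional half-open connections (5 hosts, one per minute) should not alert.
    flows += [f"{1700000000 + 60 * i} 198.51.100.7 192.168.1.{i + 1} 80 S" for i in range(5)]
    return flows

if __name__ == "__main__":
    for (src, dport), hosts in detect_horizontal_scans(build_sample()).items():
        print(f"possible SYN sweep: {src} -> port {dport}, {hosts} hosts in {WINDOW_SECONDS}s")
```

In production the same logic would read firewall or NetFlow exports instead of the constructed sample, with the window and threshold tuned against normal traffic on the monitored network.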


Masscan vs. Nmap

| Feature | Masscan | Nmap |
|---|---|---|
| Scanning Speed | Extremely fast (asynchronous) | Slower (uses TCP 3-way handshake) |
| Service Detection | Not supported | Supported |
| Firewall Evasion | Difficult | Possible (with various techniques) |
| Packet Generation | Uses its own engine | Uses the OS network stack |

Security Notes

Part 7 of 14

A collection of security-related topics that are interesting, useful, or easy to get wrong in real systems. Notes on vulnerabilities, cryptography, system security, and practical lessons.
