Masscan – Worlds fastest scanner can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second.
Masscan is an Internet-scale port scanner, useful for large-scale surveys of the Internet, or of internal networks.
While the default transmit rate is only 100 packets/second, it can optionally go as fast as 25 million packets/second, a rate sufficient to scan the Internet in 3 minutes for one port.
It produces results similar to Nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous transmission.
The major difference is that it’s faster than these other scanners. In addition, it’s more flexible, allowing arbitrary address ranges and port ranges. In this Kali Linux tutorial, we introduce you to Massscan.
NOTE: It uses a custom TCP/IP stack. Anything other than simple port scans will cause conflict with the local TCP/IP stack. This means you need to either use the -S option to use a separate IP address or configure your operating system to firewall the ports that Masscan uses.
Downloading And Building Masscan
On Debian/Ubuntu:
$ sudo apt-get install git gcc make libpcap-dev
$ git clone https://github.com/robertdavidgraham/masscan
$ cd masscan
$ make
The source consists of a lot of small files, so building goes a lot faster by using the multi-threaded build:
10.0.0.0/8 = the network you want to scan, which is all 10. x.x.x
-p443 = the port(s) you want to scan, in this case, the ones assigned to SSL
-S 10.1.2.53 = an otherwise unused local IP address to scan from
–rate 100000 = 100-packets/second, which scans the entire Class A range in a few minutes
–heartbleed = the new option that reconfigures masscan to look for this vulnerability
The output on the command line will look like the following:
Discovered open port 443/tcp on 10.20.30.143
Banner on port 443/tcp on 10.20.30.143: [ssl] cipher:0xc014
Banner on port 443/tcp on 10.20.30.143: [vuln] SSL[heartbeat] SSL[HEARTBLEED]
You can follow us on Linkedin, Twitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated.
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens,...
Supply Chain Attack Prevention
Free Webinar - Supply Chain Attack Prevention
Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.
Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.
Discussion points
Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.
