Wednesday, January 22, 2025
HomeInformation GatheringMasscan - World's Fastest Scanner - Scan the Entire Internet in Under...

Masscan – World’s Fastest Scanner – Scan the Entire Internet in Under 6 Minutes

Published on

SIEM as a Service

Follow Us on Google News

Masscan – Worlds fastest scanner can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. 

Masscan is an Internet-scale port scanner, useful for large-scale surveys of the Internet, or of internal networks.

While the default transmit rate is only 100 packets/second, it can optionally go as fast as 25 million packets/second, a rate sufficient to scan the Internet in 3 minutes for one port.

It produces results similar to Nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous transmission.

The major difference is that it’s faster than these other scanners. In addition, it’s more flexible, allowing arbitrary address ranges and port ranges. In this Kali Linux tutorial, we introduce you to Massscan.

Also Read How to perform Information Gathering in Kali using NMAP – A Detailed Explanation

NOTE: It uses a custom TCP/IP stack. Anything other than simple port scans will cause conflict with the local TCP/IP stack. This means you need to either use the -S option to use a separate IP address or configure your operating system to firewall the ports that Masscan uses.

Downloading And Building Masscan

On Debian/Ubuntu:

$ sudo apt-get install git gcc make libpcap-dev
$ git clone https://github.com/robertdavidgraham/masscan
$ cd masscan
$ make

The source consists of a lot of small files, so building goes a lot faster by using the multi-threaded build:

$ make -j

Here is how you might use it:

masscan 10.0.0.0/8 -p443 -S 10.1.2.53 --rate 100000 --heartbleed

This command explained:

  • 10.0.0.0/8 = the network you want to scan, which is all 10. x.x.x
  • -p443 = the port(s) you want to scan, in this case, the ones assigned to SSL
  • -S 10.1.2.53 = an otherwise unused local IP address to scan from
  • –rate 100000 = 100-packets/second, which scans the entire Class A range in a few minutes
  • –heartbleed = the new option that reconfigures masscan to look for this vulnerability

The output on the command line will look like the following:

Discovered open port 443/tcp on 10.20.30.143
Banner on port 443/tcp on 10.20.30.143: [ssl] cipher:0xc014
Banner on port 443/tcp on 10.20.30.143: [vuln] SSL[heartbeat] SSL[HEARTBLEED]


masscan-new

You can follow us on Linkedin, Twitter, and Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep yourself self-updated.

Also, Read

10 Best Vulnerability Scanner Tools For Penetration Testing – 2023

Top 10 Open Port Scanner and Port Checker Tools for 2023

hping3 – Network Scanning Tool – Packet Generator

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)

A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical...

Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One

A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to...

Beware! Fake SBI Reward APK Attacking Users to Deliver Android Malware

A recent phishing campaign has targeted customers of SBI Bank through a deceptive message...

Gootloader Malware Employs Blackhat SEO Techniques To Attack Victims

The Gootloader malware family employs sophisticated social engineering tactics to infiltrate computers.By leveraging...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

AgentTesla Stealer Delivered Via Weaponized PDF and CHM Files

AgentTesla, a notorious information stealer, is observed spreading via CHM and PDF Files, which...

InSpy – Linkedin Information Gathering Tool for Penetration Testers

The objective of this Information Gathering tool is to extract Linkedin users based on...

scanless – A Pentesting Tool to Perform Anonymous open Port Scan on Target Websites

Network Penetration Testing determines vulnerabilities on the network posture by discovering Open ports, Troubleshooting...