Masscan

Naabu is a modern port scanner built by the ProjectDiscovery team. Written in Go, it focuses on high performance, ease of integration, and usage in engineering pipelines. If Nmap is the classic all-rounder and Masscan is the representative of extreme speed, then Naabu is the “modern, automated, orchestratable” intermediate state between the two. 🚀 Tool Positioning Naabu implements port scanning via SYN/CONNECT/UDP probing methods, supporting: DNS resolution and automatic deduplication IPv4 / IPv6 mixed scanning (experimental) Passive port enumeration (Shodan / InternetDB) Host discovery and Nmap integration Multiple inputs (Domain / IP / CIDR / ASN) and multiple output formats (JSON / TXT / STDOUT) ⚙️ Key Technologies and Implementation in Naabu 1️⃣ Concurrency Model: Goroutine + Worker Pool Naabu uses Go’s native goroutine and channel model to drive large-scale scanning tasks. Each probe task is assigned to a worker pool for asynchronous execution, realizing the flow of “Massive Tasks → Lightweight Threads → Aggregated Output”. ...

Masscan is a classic and extremely high-speed network scanner. This article starts from implementation details to analyze how Masscan sends and receives packets directly at the user level, how it distinguishes responses generated by itself, as well as its target randomization and high-performance network card access technologies. 1. Masscan’s User-Level Sending/Receiving (libpcap) Masscan does not use the operating system’s full protocol stack, but instead sends and receives raw data packets directly on Linux based on libpcap. This brings several important impacts and limitations: ...

Introduction SYN Cookies were originally proposed to solve SYN Flood attacks. In high-concurrency network scanning, how to distinguish between TCP packets belonging to the scanner and normal traffic is a critical issue. Scanners (such as Masscan, ZMap) borrow the principle of Syncookies to verify responses without maintaining massive connection states, thereby improving scanning efficiency and reliability. This article will explain the application of Syncookies technology in scanning, combined with the implementation of Masscan. ...