Port Scanning

In previous articles, we discussed the design principles of Masscan and the engineering practices of Naabu. Today, we dive into the code level and use the Go language and Google’s powerful gopacket library to build a simple SYN Scanner with our own hands. Why Not Just Use net.Dial? In Go, the simplest way to check a port is to use net.Dial("tcp", "ip:port"). This corresponds to the OS’s Connect Scan: System sends SYN. Target replies SYN+ACK. System automatically replies ACK (handshake complete). Application layer Dial returns success. Application layer calls Close, sending FIN/RST. Disadvantages of this method: ...

Naabu is a modern port scanner built by the ProjectDiscovery team. Written in Go, it focuses on high performance, ease of integration, and usage in engineering pipelines. If Nmap is the classic all-rounder and Masscan is the representative of extreme speed, then Naabu is the “modern, automated, orchestratable” intermediate state between the two. 🚀 Tool Positioning Naabu implements port scanning via SYN/CONNECT/UDP probing methods, supporting: DNS resolution and automatic deduplication IPv4 / IPv6 mixed scanning (experimental) Passive port enumeration (Shodan / InternetDB) Host discovery and Nmap integration Multiple inputs (Domain / IP / CIDR / ASN) and multiple output formats (JSON / TXT / STDOUT) ⚙️ Key Technologies and Implementation in Naabu 1️⃣ Concurrency Model: Goroutine + Worker Pool Naabu uses Go’s native goroutine and channel model to drive large-scale scanning tasks. Each probe task is assigned to a worker pool for asynchronous execution, realizing the flow of “Massive Tasks → Lightweight Threads → Aggregated Output”. ...

Overview Port scanning is a crucial step in the information gathering phase and is one of the primary methods for obtaining service information from a target host. Its core relies on the transport layer characteristics of the TCP/IP protocol stack. Common active port scanning can be broadly divided into TCP Scanning and UDP Scanning. UDP Port Scanning Principle Unlike TCP, UDP is a connectionless, stateless protocol, so the information obtained during scanning is relatively limited. ...