netscan
zmap


netscan | zmap | |
---|---|---|
1 | 2 | |
63 | 5,641 | |
- | 1.1% | |
0.5 | 8.3 | |
over 3 years ago | 2 days ago | |
Go | C | |
ISC License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
netscan
-
Masscan: Scan the entire Internet in under 5 minutes
I wrote netscan years ago and still use it. It's pretty fast too: https://github.com/62726164/netscan
zmap
-
What You Get After Running an SSH Honeypot for 30 Days
A lot of these seem to use zmap (https://github.com/zmap/zmap) or massscan (https://github.com/robertdavidgraham/masscan) for the initial scan.
Often with default parameters such as zmap setting ip id to 54321, having tcp initial window at 65535, having no SACK bit set and masscan with no SACK bit either, tcp initial window at 1024, tcp maximum segment size 1460 (which is strange to put below initial window size!), (older versions having fixed src port 61000 or 60000 from documentation examples and no MSS set), all of which are extremly uncommon in legitimate traffic and thus easily identified.
Even those so called "legitimate" scanners (emphasis on the "") seem to use these tools with little or no extra configuration.
-
Masscan: Scan the entire Internet in under 5 minutes
If masscan is of interest to you, be sure to check out zmap [0] as well. It can scan the entire IPv4 address space in around 45 minutes.
0: https://github.com/zmap/zmap
What are some alternatives?
masscan_as_a_service - masscan as a service
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
debcvescan - Debian CVE Scanner is self-contained CVE scanner for DEBIAN distributions written in golang.
zdns - Fast DNS Lookup Library and CLI Tool
naabu - A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
RustScan - 🤖 The Modern Port Scanner 🤖
portscan - Port scanning examples to teach Go concurrency bounding
iptables-autobanner
esp8266_deauther - Affordable WiFi hacking platform for testing and learning

