What Is Masscan Tool And How To Use It?  

June 9, 2023 By Das

Masscan is short for “massive scan.” It is an open-source network scanner similar to Nmap, but it can transmit up to 10 million packets per second, which makes it significantly faster than Nmap and most other network scanners.

To perform a scan, you specify the IP range and the ports to check. Masscan then runs a fast TCP SYN scan by default (it never completes the handshake); it can be configured for other types of scans, such as UDP, as well.

It also runs on multiple operating systems, including Windows, macOS, and Linux.

Installation

On Debian-based distributions we will use the command sudo apt install masscan to install masscan:

[screenshot: output of sudo apt install masscan]

Masscan Scan Example

To run a basic scan, specify the target IP range and the ports you want to scan. For example, to scan port 80 on the 192.168.124.0/24 network (masscan sends raw packets, so it needs root):

sudo masscan -p80 192.168.124.0/24

[screenshot: masscan scan output]

The output shows masscan performing a TCP SYN scan against all 256 addresses in 192.168.124.0/24, checking just one port per host. The scan found one host with the port open: 192.168.124.130.

Besides specifying a single port or IP address, there is also the option to specify multiple ports or IP ranges:

Specify IP:

    • a specific IP (ex: 10.0.0.5)
    • a range (ex: 10.0.0.1-10.0.0.255 or 10.0.0.0/24)
    • multiple IPs separated by comma or space (ex: 10.0.0.0/8,192.168.0.1)
    • exclude an IP (ex: --exclude 192.168.124.130)

Specify Port:

    • a specific port (ex: -p 80)
    • a range of ports (ex: -p 10-20)
    • multiple ports (ex: -p 80,10-20; no space after the comma, or the shell splits the list into separate arguments)
    • UDP ports (ex: -p U:161,U:1024-1100)

Output Format:

Masscan supports several output formats, including XML (-oX), JSON (-oJ), grepable (-oG), a simple list (-oL), and binary (-oB). For example, to save the output of the scan above in XML format:

sudo masscan -p80 192.168.124.0/24 -oX scan.xml

[screenshot: masscan XML output]
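As an added example (not code from the original post or from the masscan project), the following Python script parses a masscan XML file into per-host lists of open ports and then compares them against an allowlist of what is expected to be exposed, which is the usual next step when the scan is run against your own network. The sample document inside it is constructed to mirror masscan's nmap-style XML layout (one <host> element per result); the addresses, timestamps and TTL values are made up.

```python
"""Parse masscan XML output (-oX) and flag ports that should not be open.

Added example; not part of the original post or of masscan itself. The sample
document below is CONSTRUCTED to mirror masscan's nmap-style XML layout.
"""
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample resembling what `masscan -p80,443,U:161 ... -oX scan.xml`
# might write. masscan emits one <host> element per (address, port) result.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="masscan" start="1686300000" version="1.0-BETA" xmloutputversion="1.03">
<scaninfo type="syn" protocol="tcp" />
<host endtime="1686300001"><address addr="192.168.124.130" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1686300002"><address addr="192.168.124.130" addrtype="ipv4"/><ports><port protocol="tcp" portid="443"><state state="open" reason="syn-ack" reason_ttl="64"/></port></ports></host>
<host endtime="1686300003"><address addr="192.168.124.5" addrtype="ipv4"/><ports><port protocol="udp" portid="161"><state state="open" reason="udp-response" reason_ttl="128"/></port></ports></host>
<runstats>
<finished time="1686300010" timestr="2023-06-09 12:00:10" elapsed="10" />
<hosts up="2" down="0" total="2" />
</runstats>
</nmaprun>
"""


def parse_masscan_xml(xml_text):
    """Return a flat list of (ip, protocol, port, state) tuples.

    The same address may appear in many <host> elements, so every <port>
    entry is collected individually and grouped later.
    """
    root = ET.fromstring(xml_text)
    results = []
    for host in root.iter("host"):
        addr_el = host.find("address")
        if addr_el is None:
            continue
        ip = addr_el.get("addr")
        for port in host.iter("port"):
            state_el = port.find("state")
            state = state_el.get("state") if state_el is not None else "unknown"
            results.append((ip, port.get("protocol"), int(port.get("portid")), state))
    return results


def open_ports_by_host(results):
    """Group open ports per host: {ip: sorted list of 'proto/port' strings}."""
    grouped = defaultdict(set)
    for ip, proto, port, state in results:
        if state == "open":
            grouped[ip].add((proto, port))
    return {ip: [f"{p}/{n}" for p, n in sorted(ports)] for ip, ports in grouped.items()}


def unexpected_exposure(by_host, allowed):
    """Return (ip, 'proto/port') pairs that are open but absent from `allowed`.

    `allowed` is {ip: set of 'proto/port'} describing the expected exposure;
    a host with no entry is expected to have nothing open.
    """
    findings = []
    for ip, ports in sorted(by_host.items()):
        for entry in ports:
            if entry not in allowed.get(ip, set()):
                findings.append((ip, entry))
    return findings


if __name__ == "__main__":
    by_host = open_ports_by_host(parse_masscan_xml(SAMPLE_XML))
    for ip, ports in sorted(by_host.items()):
        print(f"{ip}: {', '.join(ports)}")
    # Constructed allowlist: only the web server on .130 is supposed to be reachable.
    for ip, entry in unexpected_exposure(by_host, {"192.168.124.130": {"tcp/80"}}):
        print(f"UNEXPECTED {ip} {entry}")
```

Because masscan's XML uses the same element names as Nmap's, the same parser also reads nmap -oX files, which is convenient when you verify masscan's findings with a slower, more thorough scanner.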
 

Rate limit:

Masscan is a fast scanner; sometimes there is a need to limit the rate of the packets to avoid overloading the network or triggering security mechanisms such as an IDS/IPS. We can do this with the --rate option, which takes the number of packets per second to transmit (the default is 100; for example, --rate 1000 sends at most 1,000 packets per second):

sudo masscan -p80 192.168.124.0/24 --rate <packets-per-second>

[screenshot: masscan run with --rate]
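The target and port syntax from the lists above and the --rate setting together decide how much traffic a run generates. As an added example (not part of the original post or of masscan itself), this Python script re-implements masscan's target and port notation (single IP, a-b ranges, CIDR, comma- or space-separated lists, --exclude, and the U:/T: port prefixes) as an interval calculation and estimates the probe count and duration of a planned scan at a given rate, so you can size --rate before touching the network. The function names are my own, and the default rate of 100 packets per second is masscan's documented default; the script never invokes masscan.

```python
"""Plan a masscan run: how many probes it sends and how long it takes at --rate.

Added example, not part of the original post or of masscan. It re-implements
masscan's target/port syntax in Python for planning only; it does not invoke
masscan. IPv4 only. CIDR blocks count every address, as masscan does (a /24 is
256 hosts, including the .0 and .255 addresses).
"""
import ipaddress


def _parse_target_item(item):
    """Turn one target token into an inclusive (lo, hi) integer interval."""
    item = item.strip()
    if "/" in item:  # CIDR, e.g. 10.0.0.0/24
        net = ipaddress.IPv4Network(item, strict=False)
        return int(net.network_address), int(net.broadcast_address)
    if "-" in item:  # explicit range, e.g. 10.0.0.1-10.0.0.255
        lo, hi = item.split("-", 1)
        lo_i, hi_i = int(ipaddress.IPv4Address(lo)), int(ipaddress.IPv4Address(hi))
        if hi_i < lo_i:
            raise ValueError(f"inverted range: {item}")
        return lo_i, hi_i
    addr = int(ipaddress.IPv4Address(item))  # single address
    return addr, addr


def _merge(intervals):
    """Sort and coalesce overlapping or adjacent intervals."""
    merged = []
    for lo, hi in sorted(intervals):
        if merged and lo <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], hi))
        else:
            merged.append((lo, hi))
    return merged


def parse_targets(spec):
    """Expand a comma- or space-separated masscan target spec into intervals."""
    return _merge(_parse_target_item(tok) for tok in spec.replace(",", " ").split())


def subtract_targets(intervals, excluded):
    """Remove --exclude intervals from the target intervals."""
    result = []
    for lo, hi in intervals:
        pieces = [(lo, hi)]
        for elo, ehi in excluded:
            kept = []
            for plo, phi in pieces:
                if ehi < plo or elo > phi:  # no overlap, keep the piece whole
                    kept.append((plo, phi))
                    continue
                if plo < elo:  # part before the excluded interval survives
                    kept.append((plo, elo - 1))
                if ehi < phi:  # part after the excluded interval survives
                    kept.append((ehi + 1, phi))
            pieces = kept
        result.extend(pieces)
    return _merge(result)


def parse_ports(spec):
    """Expand a -p spec into a set of (protocol, port) tuples.

    Accepts "80", "10-20", "80,10-20" and "U:161,U:1024-1100"; a U: prefix
    selects UDP, T: or no prefix means TCP (masscan's default).
    """
    ports = set()
    for tok in spec.replace(" ", "").split(","):
        if not tok:
            continue
        proto = "tcp"
        if tok[:2].upper() in ("U:", "T:"):
            proto = "udp" if tok[0].upper() == "U" else "tcp"
            tok = tok[2:]
        if "-" in tok:
            lo, hi = (int(x) for x in tok.split("-", 1))
        else:
            lo = hi = int(tok)
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"bad port spec: {tok}")
        ports.update((proto, p) for p in range(lo, hi + 1))
    return ports


def plan_scan(target_spec, port_spec, exclude_spec="", rate=100):
    """Return hosts, ports, total probes and estimated seconds at `rate` pps.

    `rate` mirrors masscan's --rate (packets per second); 100 is its default.
    """
    targets = parse_targets(target_spec)
    if exclude_spec:
        targets = subtract_targets(targets, parse_targets(exclude_spec))
    hosts = sum(hi - lo + 1 for lo, hi in targets)
    ports = len(parse_ports(port_spec))
    probes = hosts * ports
    return {"hosts": hosts, "ports": ports, "probes": probes, "seconds": probes / rate}


if __name__ == "__main__":
    # The post's example: port 80 across 192.168.124.0/24 at the default rate and at 1000 pps.
    for rate in (100, 1000):
        plan = plan_scan("192.168.124.0/24", "80", rate=rate)
        print(f"--rate {rate}: {plan['probes']} probes, ~{plan['seconds']:.2f} s")
```

The estimate covers only the transmit phase; masscan also waits a few seconds after the last packet for late replies, and retransmissions or packet loss on the way out lengthen a real run.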

Conclusion

Masscan is a powerful and efficient tool for network scanning, capable of performing large-scale scans at high speed. It is ideal for tasks requiring rapid discovery of open ports and services across vast network ranges. However, due to its aggressive nature, it’s essential to use it responsibly and with proper authorization to avoid unintended network disruptions or legal issues.