Basic introduction

MassCan's scans are similar to nmap (a well-known port scanner), and internally it works like earlier SYN-based scanners, adopting asynchronous transmission. The main difference between it and these scanners is that it is faster. Moreover, MassCan is more flexible, allowing customization of arbitrary address ranges and port ranges.

MassCan features:

Masscan, similar to Zmap, also uses stateless scanning technology.
Allows customization of arbitrary address ranges and port ranges.
Supports black and white lists.
Allows the scan rate to be set.
Allows the source IP address, source port, and source MAC address of the packets to be specified in order to disguise them.
Result output supports various formats such as XML, binary, JSON, and list.
To meet users' various scanning needs, Masscan provides scan settings such as the number of retries, the User-Agent field value, the TTL value of outgoing packets, and the waiting time after packets are sent.
Banners can be grabbed by adding --banners directly to the scan command.

Download address:
https://pan.baidu.com/s/19tvTMaZqA4iBujyR500UNA

MassCan installation steps

1. Install WinPcap first, which is the next step.
Parameter description of MassCan

<ip/range>  IP address range. There are three valid formats: 1. a single IPv4 address; 2. a range such as "10.0.0.1-10.0.0.233"; 3. a CIDR address such as "0.0.0.0/0". Multiple targets can be specified.
-p <ports>, --ports <ports>  Specify the ports to scan
--banners  Get banner information; a small number of protocols are supported
--rate <packets-per-second>  Specify the rate at which packets are sent
-c <filename>, --conf <filename>  Read a configuration file for the scan
--echo  Output the current configuration so it can be redirected into a config file
-e <ifname>, --adapter <ifname>  Specify the name of the network interface used to send packets
--adapter-ip <ip-address>  Specify the source IP address of the packets
--adapter-port <port>  Specify the source port of the packets
--adapter-mac <mac-address>  Specify the source MAC address of the packets
--router-mac <mac-address>  Specify the MAC address of the gateway
--exclude <ip/range>  Blacklist an IP address range so that masscan does not scan it
--excludefile <filename>  Specify a file containing the IP address range blacklist
--includefile, -iL <filename>  Read a list of ranges to scan
--ping  The scan should include ICMP echo requests
--append-output  Append output to the file
--iflist  List the available network interfaces and exit
--retries  Number of retries to send, at 1-second intervals
--nmap  Print information about nmap compatibility
--http-user-agent <user-agent>  Set the value of the User-Agent field
--show [open,close]  Select which port states to display; by default open ports are shown
--noshow [open,close]  Disable display of the given port states
--pcap <filename>  Store the received packets in libpcap format
--regress  Run a regression test to check that the scanner is working properly
--ttl <num>  Specify the TTL value of outgoing packets; the default is 255
--wait <seconds>  Specify the waiting time after the packets are sent; the default is 10 seconds
--offline  Does not actually send packets; mainly used to test overhead
-sL  Does not perform a scan; mainly generates a random list of addresses
--readscan <binary-files>  Read the binary file generated by -oB, which can be converted to XML or JSON format
--connection-timeout <secs>  Specify the maximum number of seconds to keep a TCP connection open while grabbing banners; the default is 30 seconds
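Added example (not part of the original post and not masscan's own code): a Python pre-flight check that parses the three <ip/range> formats listed above, removes --exclude entries from the target set, and reports anything that would still be scanned outside an approved scope. The function names and all addresses are assumptions constructed for illustration.

```python
import ipaddress

def parse_target(spec):
    """Turn one target spec (single IP, first-last range, or CIDR) into networks."""
    spec = spec.strip()
    if "/" in spec:                                  # format 3: CIDR
        return [ipaddress.IPv4Network(spec, strict=False)]
    if "-" in spec:                                  # format 2: first-last range
        first, last = (ipaddress.IPv4Address(p.strip()) for p in spec.split("-", 1))
        if first > last:
            raise ValueError(f"range start is after range end: {spec}")
        return list(ipaddress.summarize_address_range(first, last))
    return [ipaddress.IPv4Network(spec + "/32")]     # format 1: single address

def subtract(nets, removed):
    """Return the parts of nets not covered by any network in removed."""
    for rem in removed:
        kept = []
        for net in nets:
            if net.subnet_of(rem):                   # fully covered: drop it
                continue
            if rem.subnet_of(net):                   # partly covered: carve rem out
                kept.extend(net.address_exclude(rem))
            else:                                    # CIDR blocks never partly overlap
                kept.append(net)
        nets = kept
    return nets

def out_of_scope(targets, excludes, authorized):
    """Networks that would be scanned but are not inside the authorized scope."""
    expand = lambda specs: [n for s in specs for n in parse_target(s)]
    to_scan = subtract(expand(targets), expand(excludes))
    return sorted(subtract(to_scan, expand(authorized)))

if __name__ == "__main__":
    # Constructed sample values, not taken from the original post.
    targets = ["10.0.0.1-10.0.0.233", "192.168.1.0/24", "172.16.5.9"]
    excludes = ["10.0.0.100"]
    authorized = ["10.0.0.0/24", "192.168.1.0/25"]
    stray = out_of_scope(targets, excludes, authorized)
    if stray:
        print("Do not scan; outside approved scope:", ", ".join(map(str, stray)))
    else:
        print("All targets are inside the approved scope.")
```

An empty result means every address left after exclusions lies inside the approved ranges; a non-empty result lists exactly the blocks to remove or add to the exclude file before the scan is run.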