Esta página se muestra en inglés. Una traducción al español está en curso.
ScriptsMay 4, 2026·3 min de lectura

masscan — Internet-Scale Port Scanner at 10 Million Packets Per Second

The fastest port scanner capable of scanning the entire Internet in under six minutes, using asynchronous packet transmission.

Script Depot
Script Depot · Community

Introduction

masscan is an asynchronous TCP port scanner written in C that can transmit up to 10 million packets per second. Designed by Robert David Graham, it uses its own custom TCP/IP stack to achieve speeds that make full-Internet scans feasible on commodity hardware.

What masscan Does

  • Scans TCP and UDP ports at rates exceeding Nmap by 100x or more
  • Uses a custom TCP/IP stack bypassing the OS kernel for raw packet transmission
  • Outputs results in Nmap-compatible XML, JSON, or binary formats
  • Supports banner grabbing for service identification on open ports
  • Randomizes target order to distribute scan traffic evenly

Architecture Overview

masscan operates by generating SYN packets directly via raw sockets or libpcap, bypassing the operating system's TCP stack entirely. A separate receive thread captures responses asynchronously. Target randomization uses a cryptographic permutation to avoid sequential scanning of adjacent IP addresses, which reduces the chance of triggering network-level rate limiting.

Self-Hosting & Configuration

  • Build from source with make on Linux or use package managers
  • Requires root or sudo for raw socket access
  • Configure --rate to control packets per second based on bandwidth
  • Exclude sensitive ranges using --excludefile with a list of CIDRs
  • Use --banners to enable lightweight service fingerprinting

Key Features

  • Custom TCP/IP stack for kernel-bypass packet generation
  • Stateless SYN scanning with asynchronous response collection
  • Nmap-compatible output formats for integration with existing workflows
  • Built-in support for TLS and HTTP banner collection
  • Resume interrupted scans via saved state files

Comparison with Similar Tools

  • Nmap — far more feature-rich (scripting, OS detection) but orders of magnitude slower for large scans
  • ZMap — similar speed for single-port scans, masscan supports multi-port in one pass
  • RustScan — wraps Nmap with fast initial port discovery, less control over packet rate
  • Unicornscan — older async scanner, less maintained and slower

FAQ

Q: Does masscan require root privileges? A: Yes. Raw socket access requires root on Linux or administrator privileges on Windows.

Q: Can I use masscan output with Nmap? A: Yes. Use -oX to produce Nmap-compatible XML, then feed open ports into Nmap for deeper service analysis.

Q: Will masscan damage my network? A: At high rates, masscan can saturate links and trigger IDS alerts. Always use --rate responsibly and only scan networks you are authorized to test.

Q: Does masscan support IPv6? A: IPv6 support is experimental. For production IPv6 scanning, consider ZMap or Nmap.

Sources

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados

Pocket ID — Self-Hosted OIDC Provider with Passkey Authentication

A simple self-hosted OpenID Connect provider that lets users authenticate to services using passkeys and biometrics instead of passwords.

Script Depot

Feishin — Modern Self-Hosted Music Player

A modern, feature-rich music player client for self-hosted music servers like Navidrome and Jellyfin with album art, lyrics, and gapless playback.

Script Depot

Romm — Self-Hosted ROM Collection Manager & Player

A self-hosted ROM library manager with metadata scraping, in-browser emulation, and multi-platform support for retro gaming collections.

Script Depot
Inicio🔍Buscar👤Yo