Naabu Port Scanner —A brief note

#whoami

Hello folks,

My name is Shan, A CSE student from India. I do like learning new things on CyberSecurity.

INTRODUCTION

naabu banner

Naabu is a port scanner made by Project Discovery. It is an open port scanner written in Go Language.

You can download it from the https://github.com/projectdiscovery/naabu repo. The version at present is v2.0.5 .

INSTALLATION

The system should have Golang installed. After that In the terminal just type:

go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

If you are using kali, You can just install it from the apt repository.

USAGE

The basic usage is,naabu [input]

HOST DISCOVERY

while doing host discovery you can type, naabu -host [host.com] . for example we can take hackerone.com using the command

naabu -host hackerone.com

naabu output for the above command.

the naabu is much faster than nmap. when I did check the time between both tools with no flags I got the result within 7 seconds in naabu and it took 20 seconds in nmap for the same result.

FLAGS

-p : set the port that should be scanned. for example : naabu -host hackerone.com -port 80 .

-c:we can set the request/sec using the flag, this flag is very important as the target IP/host may say that it cannot exceed more than n number of request per second that could end up in DOSing.The default request/second is 25 requests. For example, naabu -host hackerone.com -c 10 .

-top-ports : We can set the port that should be scanned upto n number of ports. let’s say we have to scan the first 200 ports as the default is 100, so we will use naabu -host hackerone.com -top-ports 200.

-list : we can give a file with hosts or domains. for example let’s say I have a file called hackerone.txt that contains subdomains of hackerone.com .I will use the command naabu -list hackerone.txt -port 80,443 .

result of above command

-nmap-cli: We can parse the nmap flags using this flag.The nmap must be installed in the system before running the flag.When we check for the version of port 80 in hackerone.com using the command : naabu -host hackerone.com -port 80 -nmap-cli 'nmap -sV'.

when you don’t have an nmap installed you will get an Output like this:

nmap not installed

and when you have installed the result for above command to parse nmap flag is:

nmap command parsed

CONCLUSION

Even tho it doesn’t have much features as nmap do, it can give the output very fast. To solve that we can use the -nmap-cli flag. I really liked the tool naabu and find it very useful too. Please like and follow,

Thank you will be back with new blog. See ya!