Alternative Network Scans

Ping Scan

Linux

Partially developed with the assistance of Bing CoPilot. It's not perfect, but it'll do the job.

ip="10.9.9.0"; cidr=24; IFS=. read -r i1 i2 i3 i4 <<< "$ip"; raw=$(( (1 << (32 - cidr)) - 2 )); base_ip=$(( (i1<<24) + (i2<<16) + (i3<<8) + i4 )); network=$(( base_ip & (0xFFFFFFFF << (32 - cidr)) )); for i in $(seq 1 $raw); do ip_calc=$((network + i)); printf "%d.%d.%d.%d\n" $(( (ip_calc >> 24) & 255 )) $(( (ip_calc >> 16) & 255 )) $(( (ip_calc >> 8) & 255 )) $(( ip_calc & 255 )); done | awk '{ system("ping -c 1 -w 1 " $1 " | grep \"bytes from\" &"); }'

One-liner that loops through the host addresses in a given CIDR block and pings each one
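
The address arithmetic packed into the one-liner above, written out as a function. This is an added example, not code from the original page; the name `cidr_hosts` is hypothetical. It goes slightly beyond the one-liner by validating its input and by returning addresses for /31 and /32, where the one-liner's `(1 << (32 - cidr)) - 2` host count is 0 or -1 and nothing is printed.

```shell
#!/bin/sh
# cidr_hosts ADDRESS PREFIX  (hypothetical helper, added for illustration)
# Prints every usable host address in the block, one per line.
# The body runs in a subshell "( ... )" so IFS and variables do not leak.
cidr_hosts() (
    ip=$1 cidr=$2

    # Prefix: decimal 0..32, no leading zeros (they would be read as octal).
    case $cidr in ''|*[!0-9]*|0?*|???*) echo "bad prefix: $cidr" >&2; exit 2 ;; esac
    [ "$cidr" -le 32 ] || { echo "bad prefix: $cidr" >&2; exit 2; }

    # Split the dotted quad into $1..$4 and require four octets 0..255.
    IFS=.
    set -f; set -- $ip
    [ $# -eq 4 ] || { echo "bad address: $ip" >&2; exit 2; }
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*|????*) echo "bad address: $ip" >&2; exit 2 ;; esac
        [ "$o" -le 255 ] || { echo "bad address: $ip" >&2; exit 2; }
    done

    # Same math as the one-liner: pack the octets, mask off the host bits.
    base=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    mask=$(( (0xFFFFFFFF << (32 - cidr)) & 0xFFFFFFFF ))
    network=$(( base & mask ))
    broadcast=$(( network | (~mask & 0xFFFFFFFF) ))

    # /31 (RFC 3021 point-to-point) and /32 have no network/broadcast to skip.
    if [ "$cidr" -ge 31 ]; then
        first=$network; last=$broadcast
    else
        first=$((network + 1)); last=$((broadcast - 1))
    fi

    n=$first
    while [ "$n" -le "$last" ]; do
        printf '%d.%d.%d.%d\n' $(( (n >> 24) & 255 )) $(( (n >> 16) & 255 )) \
                               $(( (n >> 8) & 255 ))  $(( n & 255 ))
        n=$((n + 1))
    done
)

# Constructed sample input: a /30 inside the page's 10.9.9.0 example range.
cidr_hosts 10.9.9.0 30
```
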

Port Scan

Linux

AWK

awk is super fast thanks to multi-threaded support

seq 1 65535 | awk '{ target="10.9.9.11"; port = $1; if (system("nc -nz " target " " port) == 0) { print "Port " port " is open"} ; }' > awk_scan.txt &

nc

seq 1 65535 | awk '{target="10.9.9.11"; port = $1; cmd="timeout 0.5 /bin/bash -c \"(echo 1 > /dev/tcp/" target "/" port ") >/dev/null 2>&1\""; if (system(cmd) == 0) { print "Port " port " is open"} ; }' > awk_scan.txt &

bash builtin - /dev/tcp

xargs -P 10 -a targets.txt -I % bash -c 'seq 1 65535 | awk '"'"'{target="%"; port = $1; if (system("nc -nz " target " " port) == 0) { print "Port " port " is open"} ; }'"'"' > awk_scan_%.txt &'

nc - using list of IP addresses in targets.txt

xargs -P 10 -a targets.txt -I % bash -c 'seq 1 65535 | awk '"'"'{target="%"; port = $1; cmd="timeout 0.5 /bin/bash -c \"(echo 1 > /dev/tcp/" target "/" port ") >/dev/null 2>&1\""; if (system(cmd) == 0) { print "Port " port " is open"} ; }'"'"' > awk_scan_%.txt &'

bash builtin - /dev/tcp - using list of IP addresses in targets.txt

For Loop

for port in {1..65535} ; do nc -nz 10.9.9.11 $port && echo "Port ${port} is open" ; done > for_scan.txt &

nc

for port in {1..65535} ; do /bin/bash -c "echo 1 > /dev/tcp/10.9.9.11/${port} && echo \"Port ${port} is open\"" 2>/dev/null; done > for_scan.txt &

bash builtin - /dev/tcp

Windows

PowerShell

Custom Script

Compatible with PowerShell v5+

Test-TcpPort: https://github.com/0xBEN/PSToolbox/blob/master/Public/ps1/Test-TcpPort.ps1