robertdavidgraham/masscan

★ 25,700CAudience · developerComplexity · 3/5ActiveLicenseSetup · moderate

Mindmap

mindmap
  root((Masscan))
    What it does
      Scans TCP ports
      Finds open services
      Grabs banner info
    How it works
      Asynchronous packets
      Custom TCP/IP stack
      10M packets per second
    Use cases
      Inventory infrastructure
      Security research
      Internet surveys
    Tech stack
      C language
      Linux/macOS/Windows
      No dependencies
    Similar tools
      nmap compatible
      Command-line interface

mindmap root((Masscan)) What it does Scans TCP ports Finds open services Grabs banner info How it works Asynchronous packets Custom TCP/IP stack 10M packets per second Use cases Inventory infrastructure Security research Internet surveys Tech stack C language Linux/macOS/Windows No dependencies Similar tools nmap compatible Command-line interface

Things people build with this

USE CASE 1

Scan your company's network to discover which servers and services are exposed to the internet.

USE CASE 2

Research the open internet by scanning large IP ranges to understand what services are publicly accessible.

USE CASE 3

Verify firewall rules by checking which ports are reachable on your infrastructure.

USE CASE 4

Quickly inventory all running services across multiple machines in a data center.

Tech stack

CLinuxmacOSWindowsBSD

Getting it running

Difficulty · moderate Time to first run · 30min

Requires compilation from C source and raw socket/packet access privileges; network configuration may be needed for high-speed scanning.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

Masscan is an extremely fast TCP port scanner, a tool that discovers which network ports are open on one or more IP addresses. A port is like a numbered door on a networked computer; different services (web servers, databases, email servers) listen on specific port numbers. Port scanners are used by network administrators and security professionals to inventory what services are exposed on their infrastructure, and by security researchers to study the open internet. What sets Masscan apart is its speed: it can scan the entire public internet in under five minutes by sending 10 million network packets per second from a single machine. It achieves this using asynchronous (non-waiting) packet transmission, meaning it fires off probes without waiting for replies before sending the next one. Its command-line interface is deliberately similar to nmap, the most widely known port scanner, so users familiar with nmap can switch with minimal relearning. Masscan implements its own internal TCP/IP stack rather than using the operating system's, which gives it independence and speed but requires some extra configuration to avoid conflicts with the host system's networking. Beyond just detecting open ports, it can also grab "banner" information, connecting to services like HTTP, SSH, FTP, and SSL to read their initial response. It is written in C, builds with just a C compiler, and runs on Linux, macOS, Windows, and BSD systems.

Copy-paste prompts

Prompt 1

How do I use masscan to scan all ports on a single IP address and show me which ones are open?

Prompt 2

What's the command to scan an entire subnet with masscan and grab banner information from open services?

Prompt 3

How do I configure masscan to avoid conflicts with my system's networking stack?

Prompt 4

Can you show me how to scan a large range of IPs with masscan and export the results to a file?

Prompt 5

What are the key differences between masscan and nmap, and when should I use masscan instead?

Open on GitHub → Explain another repo

Generated 2026-05-18 · Model: sonnet-4-6 · Verify against the repo before relying on details.