How to scan top 100 ports with masscan

February 24, 2020

If you have ever wanted to scan the top 100 ports with masscan here are the instructions:

masscan -p7,9,13,21-23,25-26,37,53,79-81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157 10.11.1.0/24 --rate=1000 -e tun0 --router-ip 10.11.0.1

You will need to replace the following:

  • tun0 with your interface
  • router-ip with the router of the subnet you are scanning
  • 10.11.1.0/24 with the subnet you are scanning

I obtain the top 100 ports using nmap:

nmap -F -oG - 0.0.0.1 -v
[root@kali:~/oscp/labs/discovery]# nmap -F -oG - 0.0.0.1 -v
# Nmap 7.80 scan initiated Mon Feb 24 07:19:35 2020 as: nmap -F -oG - -v 0.0.0.1
# Ports scanned: TCP(100;7,9,13,21-23,25-26,37,53,79-81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157) UDP(0;) SCTP(0;) PROTOCOLS(0;)
Host: 0.0.0.1 ()    Status: Down
# Nmap done at Mon Feb 24 07:19:38 2020 -- 1 IP address (0 hosts up) scanned in 3.13 seconds