Naabu: The Fast And Extensible Network Scanner For Reconnaissance

Naabu is a fast port scanner written in the go programming language. It focuses on reliability and simplicity. This tool is created and managed by Project Discovery.

It is a very straightforward program that quickly checks the host or list of hosts using SYN/CONNECT and reports all ports that only respond. Because of the speed, it saves a lot of time for the users.

Table of Contents

Features Of Naabu Tool

Fast Scanning: Naabu has been streamlined for speed and can quickly scan hundreds of hosts and ports.
Customizable Scanning: Users of Naabu can alter the scanning settings, such as the port range, the top ports, and the timeout value.
Modular Design: Users may build their scanners, and add additional features and capabilities to Naabu’s modular architecture.
Extensive Reporting: Naabu produces thorough reports with information about open ports, HTTP and HTTPS servers, and discovered vulnerabilities.
Flexible Output Formats: Users of Naabu can select from a variety of output formats, including JSON, XML, and CSV.
Simple Setup: Naabu is simple to set up and needs very little configuration.
Nmap Integration: Users can easily integrate Nmap into the tool.

Use Cases for Naabu Tool

Many network reconnaissance and vulnerability analysis activities may be performed with Naabu. Typical usage scenarios include:

Network Mapping: The network topology may be mapped using Naabu, and each host’s open ports and services can be found.
Vulnerability Assessment: Naabu may be used to find security holes in a variety of network services, including HTTP and FTP servers.
Web Application Fingerprinting: Naabu may be used to identify the version and kind of web server being used, as well as to fingerprint online applications.
Penetration Testing: Naabu is a tool that may be used in penetration testing to find possible weak points and attack routes.

How to install Naabu?

The prerequisite for the Naabu tool are:

Go Compiler
libpcap-dev package

This tool can run in any Linux distribution such as Parrot Security OS, Kali Linux or Ubuntu.

Follow the steps to install the tool:

Go to the GitHub page of the tool.
Open terminal and type the command shown below.

go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest

Now, go to the location where naabu is installed. Check if the tool is installed or not by the ls command.

cd go/bin/
ls

Move naabu to the bin directory inside the file system.

sudo mv naabu /usr/bin/

By moving it to the bin folder, the user can use the tool anywhere without specifying the tool’s location.

How to run Naabu?

To check this tool, we will use vulnhub.com.

naabu -host vulnhub.com

Options

Usage:
  ./naabu [flags]

INPUT:
   -host string[]              hosts to scan ports for (comma-separated)
   -list, -l string            list of hosts to scan ports (file)
   -exclude-hosts, -eh string  hosts to exclude from the scan (comma-separated)
   -exclude-file, -ef string   list of hosts to exclude from scan (file)

PORT:
   -port, -p string            ports to scan (80,443,100-200,u:53)
   -top-ports, -tp string      top ports to scan (default 100)
   -exclude-ports, -ep string  ports to exclude from scan (comma-separated)
   -ports-file, -pf string     list of ports to scan (file)
   -port-threshold, -pts int   port threshold to skip port scan for the host
   -exclude-cdn, -ec           skip full port scans for CDN's (only checks for 80,443)
   -display-cdn, -cdn          display cdn in use

RATE-LIMIT:
   -c int     general internal worker threads (default 25)
   -rate int  packets to send per second (default 1000)

OUTPUT:
   -o, -output string  file to write output to (optional)
   -json               write output in JSON lines format
   -csv                write output in csv format

CONFIGURATION:
   -scan-all-ips, -sa                  scan all the IP's associated with DNS record
   -ip-version, -iv string[]           ip version to scan of hostname (4,6) - (default 4)
   -scan-type, -s string               type of port scan (SYN/CONNECT) (default "s")
   -source-ip string                   source ip and port (x.x.x.x:yyy)
   -interface-list, -il                list available interfaces and public ip
   -interface, -i string               network Interface to use for port scan
   -nmap                               invoke nmap scan on targets (nmap must be installed) - Deprecated
   -nmap-cli string                    nmap command to run on found results (example: -nmap-cli 'nmap -sV')
   -r string                           list of custom resolver dns resolution (comma separated or from file)
   -proxy string                       socks5 proxy (ip[:port] / fqdn[:port]
   -proxy-auth string                  socks5 proxy authentication (username:password)
   -resume                             resume scan using resume.cfg
   -stream                             stream mode (disables resume, nmap, verify, retries, shuffling, etc)
   -passive                            display passive open ports using shodan internetdb api
   -irt, -input-read-timeout duration  timeout on input read (default 3m0s)
   -no-stdin                           Disable Stdin processing

HOST-DISCOVERY:
   -sn, -host-discovery           Perform Only Host Discovery
   -Pn, -skip-host-discovery      Skip Host discovery
   -ps, -probe-tcp-syn string[]   TCP SYN Ping (host discovery needs to be enabled)
   -pa, -probe-tcp-ack string[]   TCP ACK Ping (host discovery needs to be enabled)
   -pe, -probe-icmp-echo          ICMP echo request Ping (host discovery needs to be enabled)
   -pp, -probe-icmp-timestamp     ICMP timestamp request Ping (host discovery needs to be enabled)
   -pm, -probe-icmp-address-mask  ICMP address mask request Ping (host discovery needs to be enabled)
   -arp, -arp-ping                ARP ping (host discovery needs to be enabled)
   -nd, -nd-ping                  IPv6 Neighbor Discovery (host discovery needs to be enabled)
   -rev-ptr                       Reverse PTR lookup for input ips

OPTIMIZATION:
   -retries int       number of retries for the port scan (default 3)
   -timeout int       millisecond to wait before timing out (default 1000)
   -warm-up-time int  time in seconds between scan phases (default 2)
   -ping              ping probes for verification of host
   -verify            validate the ports again with TCP verification

DEBUG:
   -health-check, -hc        run diagnostic check up
   -debug                    display debugging information
   -verbose, -v              display verbose output
   -no-color, -nc            disable colors in CLI output
   -silent                   display only results in output
   -version                  display version of naabu
   -stats                    display stats of the running scan
   -si, -stats-interval int  number of seconds to wait between showing a statistics update (default 5)

Conclusion

For network reconnaissance and vulnerability analysis, Naabu is a helpful tool. It is a versatile and effective tool for network scanning because of its modular architecture, adjustable scanning parameters, and detailed reporting. Network mapping, vulnerability analysis, web application fingerprinting, and penetration testing are just a few of the use cases for Naabu. Naabu is a quick, portable, and adaptable network scanner that you may use.

Frequently Asked Questions (FAQs)

Who created naabu tool?

The Naabu tool was created by the Swedish cybersecurity company Project Discovery.

In which language naabu tool is created?

The Go programming language is used to create the Naabu tool. Go, commonly referred to as Golang, is a quick and effective programming language created by Google. This program is useful for network reconnaissance and vulnerability scanning since it makes use of Go’s concurrency features to carry out quick and effective scans.

0 0 votes

Article Rating

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Naabu: The Fast And Extensible Network Scanner For Reconnaissance

Knock Subdomain Enumeration Tool: A Comprehensive Guide

Cariddi: A Powerful Endpoint Finder Tool for Security Researchers

How To Install Visual Studio Code (VS Code) in Linux?

How To Install And Configure Go (Golang) Compiler in Linux and Window?

Knock Subdomain Enumeration Tool: A Comprehensive Guide

Cariddi: A Powerful Endpoint Finder Tool for Security Researchers

Subdomain Enumeration Guide: Best Tools, Techniques, and Security Practices

Who Wants Your Data? Data Privacy and Security Explained

Naabu: The Fast And Extensible Network Scanner For Reconnaissance

Features Of Naabu Tool

Use Cases for Naabu Tool

How to install Naabu?

How to run Naabu?

Options

Conclusion

Frequently Asked Questions (FAQs)

Related Posts