Naabu is a fast port scanner written in the go programming language. It focuses on reliability and simplicity. This tool is created and managed by Project Discovery.
It is a very straightforward program that quickly checks the host or list of hosts using SYN/CONNECT and reports all ports that only respond. Because of the speed, it saves a lot of time for the users.
Features Of Naabu Tool
- Fast Scanning: Naabu has been streamlined for speed and can quickly scan hundreds of hosts and ports.
- Customizable Scanning: Users of Naabu can alter the scanning settings, such as the port range, the top ports, and the timeout value.
- Modular Design: Users may build their scanners, and add additional features and capabilities to Naabu’s modular architecture.
- Extensive Reporting: Naabu produces thorough reports with information about open ports, HTTP and HTTPS servers, and discovered vulnerabilities.
- Flexible Output Formats: Users of Naabu can select from a variety of output formats, including JSON, XML, and CSV.
- Simple Setup: Naabu is simple to set up and needs very little configuration.
- Nmap Integration: Users can easily integrate Nmap into the tool.
Use Cases for Naabu Tool
Many network reconnaissance and vulnerability analysis activities may be performed with Naabu. Typical usage scenarios include:
- Network Mapping: The network topology may be mapped using Naabu, and each host’s open ports and services can be found.
- Vulnerability Assessment: Naabu may be used to find security holes in a variety of network services, including HTTP and FTP servers.
- Web Application Fingerprinting: Naabu may be used to identify the version and kind of web server being used, as well as to fingerprint online applications.
- Penetration Testing: Naabu is a tool that may be used in penetration testing to find possible weak points and attack routes.
How to install Naabu?
The prerequisite for the Naabu tool are:
- Go Compiler
- libpcap-dev package
This tool can run in any Linux distribution such as Parrot Security OS, Kali Linux or Ubuntu.
Follow the steps to install the tool:
- Go to the GitHub page of the tool.
- Open terminal and type the command shown below.
go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
- Now, go to the location where naabu is installed. Check if the tool is installed or not by the ls command.
cd go/bin/ ls
- Move naabu to the bin directory inside the file system.
sudo mv naabu /usr/bin/
By moving it to the bin folder, the user can use the tool anywhere without specifying the tool’s location.
How to run Naabu?
To check this tool, we will use vulnhub.com.
naabu -host vulnhub.com
Usage: ./naabu [flags] INPUT: -host string hosts to scan ports for (comma-separated) -list, -l string list of hosts to scan ports (file) -exclude-hosts, -eh string hosts to exclude from the scan (comma-separated) -exclude-file, -ef string list of hosts to exclude from scan (file) PORT: -port, -p string ports to scan (80,443,100-200,u:53) -top-ports, -tp string top ports to scan (default 100) -exclude-ports, -ep string ports to exclude from scan (comma-separated) -ports-file, -pf string list of ports to scan (file) -port-threshold, -pts int port threshold to skip port scan for the host -exclude-cdn, -ec skip full port scans for CDN's (only checks for 80,443) -display-cdn, -cdn display cdn in use RATE-LIMIT: -c int general internal worker threads (default 25) -rate int packets to send per second (default 1000) OUTPUT: -o, -output string file to write output to (optional) -json write output in JSON lines format -csv write output in csv format CONFIGURATION: -scan-all-ips, -sa scan all the IP's associated with DNS record -ip-version, -iv string ip version to scan of hostname (4,6) - (default 4) -scan-type, -s string type of port scan (SYN/CONNECT) (default "s") -source-ip string source ip and port (x.x.x.x:yyy) -interface-list, -il list available interfaces and public ip -interface, -i string network Interface to use for port scan -nmap invoke nmap scan on targets (nmap must be installed) - Deprecated -nmap-cli string nmap command to run on found results (example: -nmap-cli 'nmap -sV') -r string list of custom resolver dns resolution (comma separated or from file) -proxy string socks5 proxy (ip[:port] / fqdn[:port] -proxy-auth string socks5 proxy authentication (username:password) -resume resume scan using resume.cfg -stream stream mode (disables resume, nmap, verify, retries, shuffling, etc) -passive display passive open ports using shodan internetdb api -irt, -input-read-timeout duration timeout on input read (default 3m0s) -no-stdin Disable Stdin processing HOST-DISCOVERY: -sn, -host-discovery Perform Only Host Discovery -Pn, -skip-host-discovery Skip Host discovery -ps, -probe-tcp-syn string TCP SYN Ping (host discovery needs to be enabled) -pa, -probe-tcp-ack string TCP ACK Ping (host discovery needs to be enabled) -pe, -probe-icmp-echo ICMP echo request Ping (host discovery needs to be enabled) -pp, -probe-icmp-timestamp ICMP timestamp request Ping (host discovery needs to be enabled) -pm, -probe-icmp-address-mask ICMP address mask request Ping (host discovery needs to be enabled) -arp, -arp-ping ARP ping (host discovery needs to be enabled) -nd, -nd-ping IPv6 Neighbor Discovery (host discovery needs to be enabled) -rev-ptr Reverse PTR lookup for input ips OPTIMIZATION: -retries int number of retries for the port scan (default 3) -timeout int millisecond to wait before timing out (default 1000) -warm-up-time int time in seconds between scan phases (default 2) -ping ping probes for verification of host -verify validate the ports again with TCP verification DEBUG: -health-check, -hc run diagnostic check up -debug display debugging information -verbose, -v display verbose output -no-color, -nc disable colors in CLI output -silent display only results in output -version display version of naabu -stats display stats of the running scan -si, -stats-interval int number of seconds to wait between showing a statistics update (default 5)
For network reconnaissance and vulnerability analysis, Naabu is a helpful tool. It is a versatile and effective tool for network scanning because of its modular architecture, adjustable scanning parameters, and detailed reporting. Network mapping, vulnerability analysis, web application fingerprinting, and penetration testing are just a few of the use cases for Naabu. Naabu is a quick, portable, and adaptable network scanner that you may use.