How to scan a host with RustScan
After using nmap and unicornscan for a while, RustScan is probably the fastest to scan TCP and UDP ports, learn how to use it
When performing a penetration test, one of the most crucial parts is scanning and enumeration. Because if you lose any important port at this stage, you are letting go a juicy part of the attack vector to compromise the machine.
Nmap is the standard-de-facto for port scanning, however it’s great to know that there are other tools much more modern and pluggable such as Project Discovery port scanning tool, RustScan.
There are several ways to install the tool. We will use Docker this time because it is more independent of your operating system and local dependencies.
Of course, you’ll need docker already installed in your machine. Afterwards, you are ready to download the latest RustScan Docker image from the official repository:
docker pull rustscan/rustscan:2.0.0
root@debian:~# docker pull rustscan/rustscan:2.0.0 2.0.0: Pulling from rustscan/rustscan 188c0c94c7c5: Pull complete 0d8f984b5092: Pull complete 6311e106f0ce: Pull complete Digest: sha256:9f7b2d282ab8f94005819a5d7011944e4071bdd5f5b4f67c5b659510d052266c Status: Downloaded newer image for rustscan/rustscan:2.0.0 docker.io/rustscan/rustscan:2.0.0
To check that was downloaded successfully:
root@debian:~# docker images REPOSITORY TAG IMAGE ID CREATED SIZE rustscan/rustscan 2.0.0 6890f34e17b0 10 months ago 41.6MB
Once downloaded, the easiest way to run a scan is with the following command:
docker run rustscan/rustscan:2.0.0 -a $IP_ADDRESS
Let’s run it against our home router as an example:
Do you like this stuff?! Subscribe for free to receive new posts and updates