RustScan - Fast Port Scanning

Port scanning is a widely used penetration testing technique for checking whether certain ports are open or vulnerable within a network. The default go-to tool is Nmap, but it has been around since 1997 and is currently being outperformed by other tools in terms of scan speed and capabilities.

RustScan is a free, open-source tool that brings incredible speed to port scanning. It is written in Rust, which is how it is able to operate so quickly. It also automatically fine-tunes itself to match the host OS using a set of features called "Adaptive Learning", which allows the tool to constantly improve itself the more you use it. By default, this tool scans 3000 ports per second.

GitHub - RustScan/RustScan: 🤖 The Modern Port Scanner 🤖

Install RustScan

Docker is currently the recommended way of installing RustScan due to:

  • The image has a high open file descriptor limit.
  • It allows the tool to be run on different operating systems, such as Windows and macOS.
  • The image ships all the dependencies, such as Rust, Cargo, and Nmap, at their latest versions.

If you want to utilize this tool on your existing Linux workstation (Debian Kali/Parrot), which is how I use it, I am providing those instructions as well.

Install using Docker

  1. Install Docker following its installation instructions
  2. Run the following command against the IP address you want to scan
docker run -it --rm --name rustscan rustscan/rustscan:alpine <rustscan arguments> <ip address>
Note: You have to type the full docker run prefix every time you scan, so it helps to turn it into an alias. Add the alias to your shell startup file (for example ~/.bashrc) to keep it across sessions.

Use the following command to create the alias:

alias rustscan='docker run -it --rm --name rustscan rustscan/rustscan:alpine'

Now you can run RustScan like this:

rustscan <ip address> <rustscan arguments>

Example command:

rustscan 172.16.1.1 -t 500 -b 1500 

Install on Debian (Kali/Parrot)

To install the tool on Debian, use the snapd package manager.

  • Run these commands to install the snapd package manager
sudo apt-get update
sudo apt-get install snapd

# Install the snapd snap to get the latest snapd
sudo snap install snapd 
  • Install RustScan using the following command
sudo snap install rustscan
  • Now you should be able to run RustScan using the following command
rustscan <ip address> <rustscan arguments>

Example Use Cases

  • Access the RustScan help page
rustscan --help
  • Scan multiple IPs using a comma-separated list
rustscan -a 172.16.1.1,172.16.100.100
  • Scan hosts using a hosts file, one target per line

hosts.txt:

172.16.1.1
172.16.1.0
google.com
172.16.0.0/16
127.0.0.1

rustscan -a 'hosts.txt'
  • Scan a subnet using the CIDR notation
rustscan -a 172.16.1.1/16
  • Scan a host for a range of ports
rustscan -a 172.16.1.1 --range 1-1000
  • Scan ports in a random order, which can be used as a defense evasion technique
rustscan -a 172.16.1.1 --range 1-1000 --scan-order "Random"
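
A pre-flight check for the hosts file and CIDR targets shown above, added here as an example (it is not RustScan's or the author's code): it parses the same entry types, collapses overlapping entries, and reports how many addresses the list really covers and which entries fall outside an authorized range. The AUTHORIZED value and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample input: the hosts.txt contents shown above.
HOSTS_TXT = """\
172.16.1.1
172.16.1.0
google.com
172.16.0.0/16
127.0.0.1
"""

# Assumption: the range you are authorized to scan (hypothetical value).
AUTHORIZED = [ipaddress.ip_network("172.16.0.0/16")]


def parse_targets(text):
    """Split a target list into IP networks and non-IP entries (hostnames)."""
    networks, hostnames = [], []
    for raw in text.splitlines():
        entry = raw.strip()
        if not entry:
            continue
        try:
            # strict=False tolerates host bits: 172.16.1.1/16 -> 172.16.0.0/16
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            hostnames.append(entry)  # needs DNS resolution before a scope check
    return networks, hostnames


def review_targets(text, authorized=AUTHORIZED):
    """Return (in-scope networks, out-of-scope networks, hostnames, address count)."""
    networks, hostnames = parse_targets(text)
    in_scope, out_of_scope = [], []
    for net in networks:
        ok = any(net.version == a.version and net.subnet_of(a) for a in authorized)
        (in_scope if ok else out_of_scope).append(net)
    merged = []
    for version in (4, 6):  # collapse_addresses cannot mix IPv4 and IPv6
        same = [n for n in in_scope if n.version == version]
        merged += ipaddress.collapse_addresses(same)  # overlaps counted once
    return merged, out_of_scope, hostnames, sum(n.num_addresses for n in merged)


if __name__ == "__main__":
    merged, rejected, names, total = review_targets(HOSTS_TXT)
    print("in scope:", [str(n) for n in merged], "->", total, "addresses")
    print("out of scope:", [str(n) for n in rejected])
    print("resolve and check by hand:", names)
```

On the sample list the three 172.16.x.x entries collapse into a single /16 of 65,536 addresses, while 127.0.0.1 and google.com are set aside for review.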
