A comprehensive, professional-grade port scanning tool with advanced features
- 6 Scan Types: TCP Connect, UDP, SYN, FIN, NULL, XMAS
- Multi-Target Support: IP ranges, CIDR notation, comma-separated lists, file input
- 70+ Service Detection: Automatic service identification
- Banner Grabbing: HTTP, FTP, SSH, SMTP, MySQL protocols
- High Performance: 100-2000 ports/second with multi-threading
- Vulnerability Scanning: 10+ CVE checks for common services
- SSL/TLS Analysis: Detects weak protocols (SSLv2, SSLv3, TLS1.0, TLS1.1)
- OS Fingerprinting: TTL and TCP Window analysis
- WAF/IDS Detection: Identifies security systems
- Scan Comparison: Track changes between scans
- 5 Output Formats: JSON, CSV, TXT, HTML, XML (Nmap compatible)
- Professional HTML Reports: Beautiful, interactive web reports
- XML Compatibility: Works with Nmap tools
- Web Dashboard: Real-time monitoring and visualization
- Speed Presets: Slow, Normal, Fast, Aggressive
- Customizable Threading: 10-500 concurrent threads
- Timeout Control: Adjustable connection timeouts
- Verbose Mode: Detailed real-time output
- Port Presets: Common, Top100, Top1000, All
- Python 3.7 or higher
- Root/sudo access (for SYN, FIN, NULL, XMAS scans and OS detection)
# Clone or download the repository
cd port-scanner
# Install dependencies
pip install -r requirements.txt
# Make executable
chmod +x port_scanner.py

scapy>=2.4.5 # For advanced scan types (optional)
flask>=2.0.0 # For web dashboard (optional)
# Scan common ports
python3 port_scanner.py -t 192.168.1.1 --preset common
# Scan specific ports
python3 port_scanner.py -t example.com -p 80,443,8080
# Scan port range
python3 port_scanner.py -t 192.168.1.1 -p 1-1000

# Full security scan with HTML report
python3 port_scanner.py -t 192.168.1.1 -p 1-1000 \
--vuln-scan --ssl-scan --detect-waf \
-o report.html -f html -v
# SYN scan (stealth)
sudo python3 port_scanner.py -t 192.168.1.1 -p 1-1000 -s syn
# Fast aggressive scan
python3 port_scanner.py -t 192.168.1.1 --preset top1000 --speed aggressive

# CIDR notation
python3 port_scanner.py -t 192.168.1.0/24 -p 80,443
# IP range
python3 port_scanner.py -t 192.168.1.1-192.168.1.50 -p 22,80
# Multiple IPs
python3 port_scanner.py -t 192.168.1.1,192.168.1.2,192.168.1.3 -p 80
# From file
python3 port_scanner.py --target-file targets.txt -p 1-1000

# Start web interface
python3 port_scanner.py --web-dashboard
# Access at http://localhost:8080

-t, --target      Target IP/hostname (supports: IP, range, CIDR, comma-separated)
--target-file     File containing targets (one per line)
-p, --ports       Ports to scan (e.g., 80, 80-100, 80,443,8080)
--preset          Use preset port list (common, top100, top1000, all)
-s, --scan-type   Scan type (default: tcp)
                    tcp   TCP Connect scan (default, no root required)
                    udp   UDP scan
                    syn   SYN scan (stealth, requires root)
                    fin   FIN scan (stealth, requires root)
                    null  NULL scan (stealth, requires root)
                    xmas  XMAS scan (stealth, requires root)
-T, --threads     Number of threads (default: 100)
--timeout         Connection timeout in seconds (default: 1.0)
--speed           Speed preset (slow, normal, fast, aggressive)
--vuln-scan       Enable vulnerability scanning
--ssl-scan        Enable SSL/TLS vulnerability scanning
--os-detection    Enable OS detection (requires root)
--detect-waf      Detect WAF/IDS/IPS systems
-o, --output      Output file path
-f, --format      Output format (json, csv, txt, html, xml)
-v, --verbose     Enable verbose output
--compare         Compare with previous scan (JSON file)
--web-dashboard   Start web dashboard
python3 port_scanner.py -t example.com -p 80,443,8080,8443 -v

sudo python3 port_scanner.py -t 192.168.1.100 -p 1-65535 \
-s syn --vuln-scan --ssl-scan --os-detection --detect-waf \
-o full_audit.html -f html -v

python3 port_scanner.py -t 192.168.1.0/24 --preset common \
--speed fast -o network_scan.json -f json

sudo python3 port_scanner.py -t target.com -p 1-1000 \
-s xmas --speed slow -o stealth_scan.xml -f xml

python3 port_scanner.py -t db-server.local \
-p 3306,5432,1433,27017,6379 \
--vuln-scan -v

# First scan
python3 port_scanner.py -t 192.168.1.1 -p 1-1000 -o scan1.json
# Second scan (later)
python3 port_scanner.py -t 192.168.1.1 -p 1-1000 -o scan2.json
# Compare
python3 port_scanner.py --compare scan1.json -o scan2.json

# Create targets.txt
echo "192.168.1.1" > targets.txt
echo "192.168.1.2" >> targets.txt
echo "example.com" >> targets.txt
# Scan all targets
python3 port_scanner.py --target-file targets.txt \
--preset top100 -o bulk_scan.html -f html

{
  "target": "example.com",
  "target_ip": "93.184.216.34",
  "scan_type": "tcp",
  "start_time": "2025-10-22T04:51:12",
  "duration": 1.23,
  "open_ports": 2,
  "results": {
    "80": {
      "status": "open",
      "service": "HTTP",
      "banner": "Apache/2.4.41"
    }
  }
}

<?xml version="1.0" ?>
<nmaprun scanner="advanced-port-scanner" version="3.0">
  <host>
    <address addr="192.168.1.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="HTTP"/>
      </port>
    </ports>
  </host>
</nmaprun>

Professional, interactive web report with:
- Beautiful gradient design
- Statistics dashboard
- Port details table
- Vulnerability highlights
- OS detection results
- Responsive layout
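
Added example (not the project's own code): a minimal diff over two scan documents in the JSON layout shown above, illustrating what tracking changes between scans involves for an asset owner. The sample documents are constructed, and the "closed" status value and the `open_ports` / `diff_scans` helpers are assumptions; the page itself only shows the "open" status.

```python
import json

# Constructed sample documents in the JSON layout shown above.
# "closed" is an assumed status value; the page only shows "open".
BASELINE = {
    "target": "192.168.1.1", "scan_type": "tcp",
    "results": {
        "22": {"status": "open", "service": "SSH", "banner": "OpenSSH_8.2p1"},
        "80": {"status": "open", "service": "HTTP", "banner": "Apache/2.4.41"},
    },
}
CURRENT = {
    "target": "192.168.1.1", "scan_type": "tcp",
    "results": {
        "22": {"status": "open", "service": "SSH", "banner": "OpenSSH_8.9p1"},
        "80": {"status": "closed", "service": "HTTP", "banner": ""},
        "3306": {"status": "open", "service": "MySQL", "banner": ""},
    },
}

def open_ports(scan):
    """Return {port: entry} for every port the scan reports as open."""
    return {int(port): entry
            for port, entry in scan.get("results", {}).items()
            if entry.get("status") == "open"}

def diff_scans(old, new):
    """Report ports that opened, closed, or changed service/banner."""
    if old.get("target") != new.get("target"):
        raise ValueError("scans describe different targets")
    before, after = open_ports(old), open_ports(new)
    changed = {}
    for port in sorted(before.keys() & after.keys()):
        delta = {field: (before[port].get(field), after[port].get(field))
                 for field in ("service", "banner")
                 if before[port].get(field) != after[port].get(field)}
        if delta:
            changed[port] = delta
    return {
        "opened": sorted(after.keys() - before.keys()),
        "closed": sorted(before.keys() - after.keys()),
        "changed": changed,
        # Different scan techniques can disagree on the same host, so the
        # caller is told when the two documents are not like-for-like.
        "same_scan_type": old.get("scan_type") == new.get("scan_type"),
    }

if __name__ == "__main__":
    print(json.dumps(diff_scans(BASELINE, CURRENT), indent=2))
```

A newly opened port or a changed banner on a host you own is the signal worth reviewing; a diff with `same_scan_type` false should be re-run with matching scan types before anyone acts on it.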
Checks for known vulnerabilities in:
- Apache (CVE-2011-3192, CVE-2021-41773, etc.)
- OpenSSH (CVE-2018-15473, CVE-2018-15919)
- ProFTPD, vsftpd, nginx, IIS, Samba
- And more...
Detects weak protocols:
- SSLv2 (DROWN Attack)
- SSLv3 (POODLE Attack)
- TLSv1.0 (BEAST Attack)
- TLSv1.1 (Deprecated)
Identifies security systems:
- Cloudflare, Incapsula, Imperva
- F5, Barracuda, FortiWeb
- ModSecurity
- Custom IDS/IPS systems
Start the web dashboard for real-time monitoring:
python3 port_scanner.py --web-dashboard

Features:
- Real-time statistics
- Start scans from browser
- View scan history
- Download results
- Responsive design
Access at: http://localhost:8080
IMPORTANT: This tool is for educational and authorized security testing ONLY.
- Legal Use: Your own systems, authorized penetration tests
- Illegal Use: Unauthorized scanning, accessing systems without permission
Unauthorized port scanning may be illegal in your jurisdiction and can result in:
- Criminal charges
- Civil lawsuits
- Network bans
- Legal prosecution
Always obtain written permission before scanning any network or system you do not own.
# Install scapy for advanced features
pip install scapy
# Or use TCP scan (no scapy required)
python3 port_scanner.py -t target -p 80 -s tcp

# SYN, FIN, NULL, XMAS scans require root
sudo python3 port_scanner.py -t target -p 80 -s syn

# Increase threads and reduce timeout
python3 port_scanner.py -t target -p 1-1000 -T 300 --timeout 0.5
# Or use speed preset
python3 port_scanner.py -t target -p 1-1000 --speed aggressive

# Install Flask
pip install flask
# Check if port 8080 is available
netstat -tuln | grep 8080

- Local Network: Use high thread count (200-500) and low timeout (0.3-0.5s)
- Internet Scanning: Use moderate threads (50-100) and higher timeout (1-2s)
- Stealth Scanning: Use slow speed preset and SYN/FIN/NULL/XMAS scans
- Large Port Ranges: Use aggressive speed preset or increase threads
- Firewall Detection: Use multiple scan types to identify filtered ports
Contributions are welcome! Please feel free to submit pull requests or open issues.
- Added multi-target support (IP ranges, CIDR, file input)
- Added XML output format (Nmap compatible)
- Added FIN, NULL, XMAS scan techniques
- Added WAF/IDS detection
- Added scan comparison feature
- Added web dashboard
- Improved performance and stability
- Enhanced documentation
- Added vulnerability scanning
- Added SSL/TLS analysis
- Added OS fingerprinting
- Added HTML reports
- Basic TCP/UDP/SYN scanning
- Service detection
- JSON/CSV output
MIT License - See LICENSE file for details
Advanced Port Scanner v3.0
- Inspired by Nmap
- Built with Python, Scapy, and Flask
- Community feedback and contributions
Happy Scanning!
Remember: With great power comes great responsibility. Use this tool ethically and legally.