loading
Loading content
loading
Also known as Network port scanner
A port scanner sends crafted packets to a host's ports and reads the replies to decide which ones are open, closed, or filtered. A TCP SYN scan, for instance, sends a SYN and infers state from the SYN-ACK, RST, or silence that comes back. The output is a map of listening services, the starting point for almost any assessment of a network target.
The tools split by purpose. Nmap is the reference scanner: accurate, scriptable through the NSE engine, and able to fingerprint services and operating systems. Masscan trades depth for raw speed, sweeping the entire IPv4 space or a large port range in minutes by sending packets asynchronously and tracking responses statelessly. Practitioners often pair them, masscan to find open ports fast, then Nmap to interrogate the hits in detail.
The scanner performs port scanning, feeds network mapping, and sets up service fingerprinting and banner grabbing to identify what each open port runs.
In a Trickest workflow a port scanner is a core node: take a resolved host list in, emit structured open-port data out, then route that to fingerprinting and vulnerability checks across thousands of targets in one graph.
Related terms