Evilscan – Massive IP Port Scanner
Network scanning is the phase in which information about the machines connected to a network is collected. This can be done in various ways; one of the most efficient is to use an automated tool. Evilscan is a network scanner written in NodeJS. It offers a variety of options, such as scanning a single IP address or a batch of addresses at the same time.
It also lets the user choose a range of ports to scan. With the help of this tool, we can discover the list of open ports on the target machine. The TCPCONNECT, TCPSYN, and UDP methods are supported by this tool. Evilscan is available on GitHub and is free and open-source.
Note: Make sure you have NodeJS installed on your system, as this is a NodeJS-based tool. For the installation process, see: NodeJS Installation Steps on Linux
Installation of Evilscan Tool on Kali Linux OS
Step 1: Use the following command to install the tool in your Kali Linux operating system.
git clone https://github.com/eviltik/evilscan.git
Step 2: Now use the following command to move into the tool's directory. You have to be in this directory in order to run the tool.
cd evilscan
Step 3: Install the requirements by using the following command.
sudo npm install -g evilscan
Step 4: Run the below command to verify the installation.
evilscan --help
Working with Evilscan Tool on Kali Linux OS
Example 1: Scan every port on localhost, grab a banner and display only opened ports
sudo evilscan 192.168.144.130 --port=0-65535 --banner
In this example, we are scanning the IP address for open ports and grabbing banner details (the text each service announces on connect, which can reveal software and OS details).
We have got the results of our scan.
Example 2: Scan ports on localhost, grab a banner, display only opened ports, JSON output, progress status each second
sudo evilscan 192.168.144.130 --port=0-65535 --banner --isopen --istimeout --progress --json
In this example, we are displaying the results in the JSON format rather than the usual one.
We have got the results in JSON format.
Example 3: Port(s) you want to scan
sudo evilscan 192.168.144.130 --port=21-23,80
Example 4: Display DNS reverse lookup
sudo evilscan 192.168.144.130 --port=0-65535 --reverse
Example 5: Only display results having a valid reverse DNS, except if ports specified
sudo evilscan 192.168.144.130 --port=21-23,80 --reversevalid
Example 6: Display GeoIP (free MaxMind)
sudo evilscan 34.218.62.116 --geo
Example 7: Display banner
sudo evilscan 192.168.144.130 --port=0-100 --banner
Example 8: Set banner length grabbing
sudo evilscan 192.168.144.130 --port=21-23,80 --bannerlen 513
Example 9: Display raw banner (as a JSON Buffer)
sudo evilscan 192.168.144.130 --port=21-23,80 --bannerraw
Example 10: Display progress indicator each second
sudo evilscan 192.168.144.130 --port=21-23,80 --progress
Example 11: Ports status wanted in results
sudo evilscan 192.168.144.130 --port=21-23,80 --status=O
Example 12: Scan method
sudo evilscan 192.168.144.130 --port=21-23,80 --scan tcpconnect
Example 13: Max number of simultaneous socket opened
sudo evilscan 192.168.144.130 --port=21-23,80 --concurrency 400
Example 14: Maximum number of milliseconds before closing the connection
sudo evilscan 192.168.144.130 --port=21-23,80 --timeout 1500
Example 15: Display result format (json,xml,console)
sudo evilscan 192.168.144.130 --port=21-23,80 --display=json
Example 16: Dump result in a file
sudo evilscan 192.168.144.130 --port=21-23,80 --outfile output.txt
Example 17: Shortcut for --display=json
sudo evilscan 192.168.144.130 --port=21-23,80 --json
Example 18: Shortcut for --display=xml
sudo evilscan 192.168.144.130 --port=21-23,80 --xml
Example 19: Shortcut for --display=console
sudo evilscan 192.168.144.130 --port=21-23,80 --console
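Once scan results are saved as JSON (Examples 2, 16 and 17), they can be checked against the list of ports each host is supposed to expose. The following is an added example, not part of the original article or the Evilscan project; the record fields (ip, port, status, banner), the sample lines and the BASELINE allow-list are assumptions constructed for illustration.

```javascript
// Added example: audit evilscan --json output against an expected-port baseline.
// Assumption: each result line is a JSON object with ip, port, status and
// (optionally) banner fields; any other line (e.g. a progress record) is skipped.

// Constructed sample output, one JSON object per line.
const SAMPLE_OUTPUT = [
  '{"ip":"192.168.144.130","port":21,"status":"open","banner":"220 (vsFTPd 3.0.3)"}',
  '{"ip":"192.168.144.130","port":22,"status":"open","banner":"SSH-2.0-OpenSSH_8.4p1 Debian-5"}',
  '{"ip":"192.168.144.130","port":23,"status":"closed (refused)"}',
  '{"ip":"192.168.144.130","port":80,"status":"open","banner":""}',
  '{"_progress":50}',
  'not json at all',
].join('\n');

// Hypothetical baseline: ports each host is approved to expose.
const BASELINE = { '192.168.144.130': [22, 80] };

// Parse line-delimited JSON, keeping only records that look like scan results.
function parseResults(text) {
  const results = [];
  for (const line of text.split(/\r?\n/)) {
    const trimmed = line.trim();
    if (!trimmed) continue;
    let rec;
    try { rec = JSON.parse(trimmed); } catch { continue; } // tolerate non-JSON lines
    if (rec && typeof rec.ip === 'string' && Number.isInteger(rec.port)) results.push(rec);
  }
  return results;
}

// Report open ports missing from the baseline and banners that leak a version.
function auditExposure(text, baseline) {
  const findings = [];
  for (const rec of parseResults(text)) {
    if (!/^open/i.test(String(rec.status))) continue;
    const allowed = baseline[rec.ip] || [];
    if (!allowed.includes(rec.port)) {
      findings.push({ ip: rec.ip, port: rec.port, issue: 'unexpected open port' });
    }
    // A version string in the banner makes the service easy to fingerprint.
    if (/\d+\.\d+/.test(rec.banner || '')) {
      findings.push({ ip: rec.ip, port: rec.port, issue: 'banner discloses version', banner: rec.banner });
    }
  }
  return findings;
}

for (const f of auditExposure(SAMPLE_OUTPUT, BASELINE)) console.log(JSON.stringify(f));
```

To use it on real output, replace SAMPLE_OUTPUT with the contents of the file written by --outfile and adjust the field names if your Evilscan version emits different ones.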