How to install and use Naabu in Windows

Enumeration and Scanning are integral parts of the Security Research Process. Getting information about the network structure of the target domain is very important. Automation Intelligence tools help us in improving the security research process and save lots of time. So Naabu is an automated tool that is used for Port Discovery. It is a fast port scanner tool that is written in Golang language that offers you to enumerate valid ports for target domains quickly and efficiently. It is a straightforward tool that does fast SYN scans on the host/list of hosts and lists all ports that return a reply.

Note: As Naabu is a Golang language-based tool, so you need to have a Golang environment on your system.

Features of Naabu Tool

• It is simple and has a modular codebase, which makes it easier to contribute.
• It is Quicker and Simpler in SYN probe-based scanning.
• It supports multiple output formats like JSON, file, Stdout.
• It is optimized for ease of use and lightweight resources.
• It has Stdin and stdout support for integrating into workflows.
• It has Flexible definitions for ports to scan.

Installation of Naabu Tool in Windows 10 OS

Step 1: Download the Nabbu Tool .zip File from Github, use the following link to download.

https://github.com/projectdiscovery/naabu/releases/tag/v2.0.4

Step 2: Unzip the Zip File using WinRar for Default System Extractor.

Right Click -> Extract Here

Step 3: Open the Command Prompt from the Nabbu Directory.

Type cmd on Address Bar

Type cmd to open Command Prompt from Working Directory

Step 4: Check the help menu page to get a better understanding of Naabu tool, use the following command.

naabu.exe -h

Now we are on the Command Prompt from the Naabu Directory.

Check the Help Menu Page using naabu.exe -h command.

Working with Naabu Tool in Windows 10

Example 1: Simple Host Scan (Single Host)

In this example, we are specifying only a single host for scanning (geeksforgeeks.org). Naabu will scan the host and output the results in the command line itself. -host tag is used to give input as the host to scan.

nabbu.exe - host geeksforgeeks.org

Example 2: Port Scan on Host

In this example, we are explicitly giving the ports to be scanned on the host geeksforgeeks.org. You can see that we have given 80,443,21-23 ports to be scanned on the host. -p tag is used for scanning ports on host. -p – is used to scan all ports.

naabu.exe -p 80,443,21-23 -host geeksforgeeks.org

Example 3: Excluding Ports to Scan on Host

In this example, we are filtering or excluding some results. We have given 443 port numbers to be excluded from the results. You can see that while scanning ports 80,443 naabu has only resulted 80 port number on geeksforgeeks.org. -exclude-ports tag is used.

naabu.exe -p 80,443 -exclude-ports 443 -host geeksforgeeks.org

Example 4: Saving the Output in File Format

In this example, we are storing output permanently in a txt file on our system. As on the command line, it vanishes when we close the window, so to store it permanently we provide -o tag with the output storing filename. 

naabu.exe -host geeksforgeeks.org -o output.txt

In the below screenshot, the results of the above scan are stored in the output.txt file on our system. It stores permanently rather than the command line.

Example 5: Multiple Hosts Scan

1. In this example, Naabu is provided to run a port scans on multiple hosts same instance. So in the below screenshot, we have given three hosts in hosts.txt file.

1. geeksforgeeks.org
2. facebook.com
3. google.com

naabu.exe -iL C:\Users\Gaurav\Downloads\naabu_2.0.4_windows_amd64\hosts.txt.txt

In the below screenshot, we are scanning ports for multiple hosts which are fetched from the hosts.txt file. -iL tag is used to use multiple hosts file.

Example 6: Saving the Output in JSON Format

In this Example. we are displaying our output in the format of JSON. As stated above Naabu allows to store and display output in various formats. -json tag is used here.

naabu.exe -host geeksforgeeks.org -json

Example 7: Using Pipe to filter Results

In this example, we are filtering results using the pipe (|) operator. You can see in the previous examples when we are starting our scan there is some caution message.

Use with caution. You are responsible for your actions

Developers assume no liability and are not responsible for any misuse or damage.

[←[34mINF←[0m] Running CONNECT scan with non root privileges

[←[34mINF←[0m] Found 2 ports on host geeksforgeeks.org (34.218.62.116)

So using the -silent tag along with pipe operator can remove the unnecessary message:

echo geeksforgeeks.org | naabu.exe -silent

Example 8: Second Layer Validation

In this example, we are instructing the tool to make a TCP connection for every port and verify if the connection succeeded.

naabu.exe -host geeksforgeeks.org -verifynaabu.exe -host geeksforgeeks.org -verify

Example 9: Nmap Integration

In this example, we are integrating naabu with nmap tool for more detailed results. -nmap-cli tag is used to give the nmap query in the form of a command line.

naabu -iL ip.txt -p 443,80 -stats -nmap-cli ‘nmap -sV -oX naabu-output.xml’

Example 10: CDN Exclusion

In this example, Naabu also supports excluding CDN IPs being port scanned. If used, only 80 and 443 ports get scanned for those IPs. This feature can be enabled by using exclude-cdn flag.

naabu.exe exclude-cdn cloudflare -host geeksforgeeks.org