Sometimes you want to get a quick scan done and Nmap can take a while. This is where Rustscan can speed things up, I will walk you through installing and using Rust on Kali Linux.
The Git Hub page can be found here
You can get the Kali download here.
Please note that you will have to have Nmap already installed. If you are running it on a Kali machine, you will have it installed.
Once you have it downloaded, move it to the directory that works for you.
~/tools/rustscan (I store my tools in my home folder)mkdir ~/tools/rustscancd ~/tools/rustscan (Moving to the directory)sudo apt install ./rustscan.deb (Insert the correct name if different then the write up )
Now that Rust is installed, we can run it
rustscan -a 10.10.10.10This will be the most common scan you will be doing. I believe it scans the top 1024 ports in use. For more in-depth scans, you will still need to use Nmap. Personally, once I do a Rust scan, I run a full Nmap scan in the background.
See the help page below for more arguments.
rustscan [OPTIONS] [– …]
OPTIONS:
-a, --addresses A comma-delimited list or newline-delimited file of separated CIDRs, IPs,
or hosts to be scanned
-p, --ports A list of comma separated ports to be scanned. Example: 80,443,8080
-r, --range A range of ports with format start-end. Example: 1-1000
-n, --no-config Whether to ignore the configuration file or not
--no-banner Hide the banner
-c, --config-path Custom path to config file
-g, --greppable Greppable mode. Only output the ports. No Nmap. Useful for grep or
outputting to a file
--accessible Accessible mode. Turns off features which negatively affect screen
readers
--resolver A comma-delimited list or file of DNS resolvers
-b, --batch-size The batch size for port scanning, it increases or slows the speed of
scanning. Depends on the open file limit of your OS. If you do 65535 it
will do every port at the same time. Although, your OS may not support
this [default: 4500]
-t, --timeout The timeout in milliseconds before a port is assumed to be closed
[default: 1500]
--tries The number of tries before a port is assumed to be closed. If set to 0,
rustscan will correct it to 1 [default: 1]
-u, --ulimit Automatically ups the ULIMIT with the value you provided
--scan-order The order of scanning to be performed. The "serial" option will scan
ports in ascending order while the "random" option will scan ports
randomly [default: serial] [possible values: serial, random]
--scripts Level of scripting required for the run [default: default] [possible
values: none, default, custom]
--top Use the top 1000 ports
-e, --exclude-ports A list of comma separated ports to be excluded from scanning. Example:
80,443,8080
-x, --exclude-addresses A list of comma separated CIDRs, IPs, or hosts to be excluded from
scanning
--udp UDP scanning mode, finds UDP ports that send back responses
-h, --help Print help
-V, --version Print version