Faster Scans by (guessing) #23
Description
I can't find the original repo for Rumble community so I hope this reaches the 'ideas' department :P
You could always use masscan but at the end of the day you have to toss packets! This assumes nobody starts at 10.143.64.1 and guesses where to start.
So I wanted to pass along idea for 'fast' scanning with rumble. I have been using this for discovery. The basics are... I guess the starting range of a IP spaces and then scan all the ranges around it to try to find other neighbors. For 10. it ends up being as fast as 172. etc ...
Reference: https://github.com/freeload101/SCRIPTS/blob/master/Bash/NMAP_SMART_FAST.sh
nmap --max-retries 1 --min-parallelism 100 -oA 10_GUESS --top-ports 20 -T5 --open --randomize-hosts --defeat-rst-ratelimit 10.0-255.0-255.1,2,3,10,20,30,100,254