Port Scanning with Unicornscan.

Updated: Jan 14, 2021

We can use Unicornscan for information gathering purpose along with for port scanning.

Unicornscan has the following features:

Asynchronous stateless TCP port scanning
Asynchronous stateless TCP banner grabbing
Asynchronous UDP port scanning
Active and passive remote OS and application identification
Asynchronous stateless TCP scanning with all variations of TCP Flags.
Asynchronous protocol specific UDP Scanning (sending enough of a signature to elicit a response).
Active and Passive remote OS, application, and component identification by analyzing responses.
PCAP file logging and filtering.
Relational database output.
Custom module support.
Customized data-set views. Source: http://www.unicornscan.org/

Unicornscan Help

This comes pre-installed into Kali. Let’s start off with the simple commands, to get the help menu, type in:

unicornscan –help

TCP syn scan

unicornscan -v -I [IP ADDRESS]

-v Is verbose output

-i is an immediate mode

unicornscan -v -I -mT [IP ADDRESS]

This scan mode, tcp (syn) scan is default, U for UDP T for TCP `sf’ for TCP connect scan and A for ARP

UDP SCAN

unicornscan -v -I -mT [IP ADDRESS]

Specific Port Scan

unicornscan -r500 -mT -v -I [IP ADDRESS]/24:22

ACK scan

XMAS scan

Unicornscan Cheat Sheet For the most common scanning, please find a cheat sheet below to help you.

SYN : -mT

ACK scan : -mTsA

Fin scan : -mTsF

Null scan : -mTs

Xmas scan : -mTsFPU

Connect Scan : -msf -Iv

Full Xmas scan : -mTFSRPAU

scan ports 1 through 5 : (-mT) host:1-5

To spoof your IP use -s followed by the IP address.

To use another OS fingerprint use the -W switch followed by the numeric value of the OS.

0=Cisco (default) 1=openbsd 2= Windows XP 3= p0fsendsyn 4=FreeBSD 5= nmap

Computer Cool Tricks