Skip to main content

naabu

naabu is a rapid port scanning tool designed for security workflows within the Canva platform. It facilitates efficient reconnaissance by identifying open ports on specified targets, enhancing the initial stages of security assessments.

Ideal Use Cases & Fit

naabu excels in contexts where swift enumeration of open ports is essential. Typical use cases include:

  • Scanning a list of subdomains or IP addresses to identify exposed services.
  • Integrating with vulnerability assessment workflows to quickly gather intelligence on potential attack vectors.
  • Situations requiring silent operation or structured output formats, such as JSON.

However, it is not suited for detailed protocol detection or complex network environments involving extensive custom protocols.

Value in Workflows

In automated security workflows, naabu serves as an early reconnaissance step, enabling teams to promptly discover live hosts and associated services. This allows for better prioritization of subsequent security tests and threat modeling, ultimately leading to more efficient vulnerability management practices.

Input Data

naabu requires a list of targets in a newline-separated format, which can include subdomains or IP addresses. The expected function for input data is to identify points for scanning. For example:

www.example.com
142.251.37.164
www1.example.com

Configuration

  • silent: Enables silent output saving, ensuring minimal console feedback during execution.
  • json: Configures the output format to JSON lines, facilitating easier parsing by other tools.
  • port: Specifies the ports to scan (e.g., 80, 443, 100-200) to tailor the scan to known service configurations.
  • top-ports: Limits the scan to the most common ports (default is '100'), optimizing scanning time.
  • exclude-ports: Allows the exclusion of specific ports from the scan to focus on critical areas.
  • scan-all-ips: Enables scanning of all IPs associated with DNS records, providing comprehensive coverage.
  • proxy: Sets up a Socks5 proxy for the scanning process, maintaining anonymity during scans.
  • input-read-timeout: Defines a timeout setting for input reading, ensuring timely processing of targets.
  • timeout: Specifies the maximum duration before the scan times out, allowing for control over performance.
  • retries: Configures the number of attempts for the port scan, enhancing reliability in detecting open ports.

Updated: 2026-02-10