Skip to main content

naabu

naabu is a fast and efficient port scanning tool designed for automated security workflows within the Canva cybersecurity platform. It facilitates reconnaissance by identifying open ports on specified targets, aiding in the assessment of network security vulnerabilities.

Ideal Use Cases & Fit

naabu is best suited for scenarios where speed and efficiency are crucial, such as automated scanning of multiple subdomains or IP addresses to identify reachable services. It excels when integrated into early reconnaissance phases of security assessments, offering insights into exposed services. However, it is not intended for comprehensive deep protocol analysis, focusing instead on quick open port discovery.

Value in Workflows

In security workflows, naabu provides value by enabling rapid identification of accessible ports across numerous targets, making it an indispensable tool for pre-assessment stages. Its output can serve as foundational data for subsequent tools that perform detailed analyses, ensuring a streamlined security assessment process.

Input Data

naabu expects input data in the form of a file containing newline-separated subdomains or IP addresses. This input is essential for directing the scan to appropriate targets. For example, the input file might look like this:

www.example.com
142.251.37.164
www1.example.com

Configuration

  • silent: Controls whether the output is saved silently to a file. Default is true.
  • json: Specifies if the output should be written in JSON lines format. This is optional.
  • port: Defines specific ports to scan, such as 80 or 443. Optional.
  • top-ports: Selects the top ports to scan from predefined groups. Default is '100'.
  • exclude-ports: Allows specification of ports to exclude from the scan. Optional.
  • proxy: Sets the SOCKS5 proxy address required for the scan, essential for proxy environments.
  • proxy-auth: Provides authentication details for the SOCKS5 proxy, necessary for access.
  • timeout: Adjusts the time in seconds before a scan times out; default is 500 milliseconds.
  • retries: Indicates the number of retries for each port scan, which defaults to 3.

These parameters enable workflow builders and AI agents to fine-tune the tool's performance according to specific scanning requirements.