Naabu

Naabu is a high-performance port enumeration tool developed by ProjectDiscovery that sends asynchronous SYN, CONNECT, or UDP packets to target hosts and collects replies to identify which ports are open. Its core scanning engine operates at the packet level using raw sockets for SYN mode, which allows it to achieve substantially higher throughput than connection-based scanners while remaining lightweight on system resources. It accepts input in multiple formats — individual IPs, hostnames, CIDR ranges, and ASN notation — making it well-suited for large-scale attack surface enumeration.

What distinguishes Naabu within the port-scanning space is its position inside the broader ProjectDiscovery ecosystem. It is designed as a composable, pipeline-friendly tool: output pipes directly into other tools such as httpx (HTTP probing) or Nuclei (vulnerability scanning), allowing practitioners to build end-to-end recon chains. The Nmap integration lets Naabu act as a fast port-discovery first pass, with Nmap invoked only on confirmed open ports for detailed service fingerprinting — a workflow that dramatically reduces total scan time versus running Nmap alone against all ports.

Naabu also includes several operationally useful refinements: automatic IP deduplication when scanning DNS names that resolve to multiple records, CDN/WAF IP detection to avoid full port scanning of cloud infrastructure, passive enumeration via Shodan’s InternetDB for zero-traffic reconnaissance, and IPv6 support. It is packaged in Kali Linux’s official repositories and as a Docker image, reflecting its adoption as a standard recon tool in the penetration testing and bug bounty communities.