unicornscan
TLDR
Basic TCP SYN scan
SYNOPSIS
unicornscan [options] target[:ports]
DESCRIPTION
unicornscan is an asynchronous network scanner designed for high-speed reconnaissance. It uses a custom TCP/IP stack that separates packet sending and receiving into different threads, enabling much faster scanning than traditional scanners.
The scanner supports various TCP flag combinations, UDP scanning, and OS/service fingerprinting through loadable modules. Its asynchronous design makes it particularly effective for scanning large networks.
Output can be customized and saved to pcap files for later analysis. The tool integrates with databases for storing scan results.
PARAMETERS
-m mode
Scan mode: T (TCP SYN), U (UDP), sf (connect), A (ARP).-r pps
Packets per second rate.-i interface
Network interface to use.-I
Immediate mode: display results as found.-v
Verbose output.-H
Resolve hostnames in output.-l file
Log output to file.-w file
Write packets to pcap file.-L seconds
Packet timeout (default: 7).-p ports
Global ports to scan.-B port
Source port for scanning.-b layer
Send broken CRC: T (transport), N (network), TN (both).-e module
Enable module (e.g., osdetect).-E
Process error responses (ICMP, RST).-Q
Quiet mode.-h
Display help.
SCAN MODES
-mT: TCP SYN scan (default)
-mTsA: TCP ACK scan
-mTsF: TCP FIN scan
-mTs: TCP NULL scan
-mTsFPU: TCP Xmas scan
-msf: TCP connect scan
-mU: UDP scan
CAVEATS
Requires root privileges for raw socket access. High scan rates may trigger IDS/IPS. Custom TCP stack may behave differently than system stack. Use only with authorization on target networks.
HISTORY
unicornscan was developed by Jack Louis and Robert E. Lee. It was designed for scalability and speed, addressing limitations of synchronous scanners. The tool became popular for penetration testing and is included in Kali Linux.
