How to Code Your Own Port Scanner Using BASH Script and netcat Tool in Linux?
Last Updated: 28 Apr, 2025
The first step of penetration testing is reconnaissance (information gathering), which involves scanning the machine for open ports. There are various tools available on the internet to perform port scanning, but being able to make your own port scanner feels great. Here are the steps to do so. To make this port scanner we will use netcat. You can use nc -h or man nc to see what it is and what it does in detail.

Source code:
#!/bin/bash
# Check if IP argument is provided
if [ "$1" == "" ]; then
    echo "Usage: $0 [IP]" >&2
    echo "Example: $0 192.168.1.10" >&2
    exit 1
else
    target="$1"
    echo "Scanning all ports on $target, please wait..."
    # Scan ports and store temporary results
    nc -nvz "$target" 1-65535 > "${target}.txt" 2>&1
    # Display results in reverse order and clean up
    tac "${target}.txt"
    rm -f "${target}.txt"
fi
Steps to Use this Port Scanner:
Step 1: Copy the source code, create a file named port.sh, paste the code into it, and save it.
Step 2: Give the script executable permission. Type the command below to do so.
chmod +x port.sh

Step 3: To use the script, type ./port.sh followed by the target's IP address:
./port.sh 192.168.1.10
Functionality:
#!/bin/bash
Since we are using bash, the first line is the shebang line. The shebang (#!) tells the operating system which interpreter to use; in our case that is bash, so we specify its path (/bin/bash).
if [ "$1" = "" ]; then
    echo "Usage: $0 [IP]"
    echo "Example: $0 192.168.1.10"
Here we use the if statement to check whether the variable $1 has a value. If it does not contain any value, the script shows its usage.
else
    echo -e "\n[!] Please wait while scanning all open ports on target: $1..."
    nc -nvz "$1" 1-65535 \
        > "$1.txt" 2>&1
fi
Where there is an if there is an else: if $1 contains a value, the else branch runs, in which we use the netcat command to see how many and which ports are open on the target machine. We store the output (result) in a text file named after the IP address the user entered. Then we use the fi keyword to mark the end of the if/else statement.
Note: You can use (nc -h or man nc) to see what netcat is and what it does in detail.
tac "$1.txt"
rm -rf "$1.txt"
The results are stored from the last open port to the first open port found, so we use the tac command (the reverse of cat), which shows the result in reverse order, i.e. from the first open port to the last. Finally, after showing the result in the right order, we use the rm -rf command to remove (delete) the output text file.
Note:
nc -nvz "$1" 1-65535 > "$1.txt" 2>&1
In the source code in line 8 (nc -nvz "$1" 1-65535 > "$1.txt" 2>&1), you can customize the range of ports to scan.
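The script above uses its argument as a file name ("$1.txt") without checking it, so an argument such as ../../notes makes the redirect and the rm act on a path outside the current directory. A hardened variant, as an added example that is not part of the original article: valid_ipv4, open_ports and scan are hypothetical helper names, and the two nc -v line formats matched (traditional netcat and OpenBSD netcat) are assumptions about the installed build.

```bash
#!/bin/bash
# Added example (not from the article): hardened variant of port.sh.
# Helper names are hypothetical; nc output formats below are assumptions.

# Accept only a dotted-quad IPv4 address, each octet 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;  # digits and dots only, no empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                 # split on dots (safe: digits/dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read nc -v output on stdin, print open port numbers in ascending order.
open_ports() {
    sed -nE \
        -e 's/^.*\] ([0-9]+) \([^)]*\) open$/\1/p' \
        -e 's/^Connection to [^ ]+ ([0-9]+) port \[[^]]*\] succeeded!$/\1/p' |
        sort -n
}

# Constructed sample of nc -v output, used for an offline check of open_ports.
SAMPLE_NC_OUTPUT='(UNKNOWN) [192.168.1.10] 443 (https) open
(UNKNOWN) [192.168.1.10] 81 (?) : Connection refused
(UNKNOWN) [192.168.1.10] 80 (http) open
Connection to 192.168.1.10 22 port [tcp/ssh] succeeded!'

scan() {
    target=$1
    valid_ipv4 "$target" || { echo "Usage: $0 [IPv4 address]" >&2; return 1; }
    tmp=$(mktemp) || return 1                 # unpredictable name, not "$1.txt"
    trap 'rm -f "$tmp"' EXIT                  # removed when the script exits
    echo "Scanning all ports on $target, please wait..."
    nc -nvz "$target" 1-65535 > "$tmp" 2>&1
    open_ports < "$tmp"
}

# Run a scan only when an argument is given, e.g. ./port.sh 192.168.1.10
if [ "$#" -gt 0 ]; then scan "$@"; fi
```

Because open_ports sorts the port numbers itself, the tac step is no longer needed, and refused or timed-out ports are dropped from the listing.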