whatisgithub

What is naabu?

projectdiscovery/naabu — explained in plain English

Analysis updated 2026-06-26

5,935GoAudience · ops devopsComplexity · 3/5LicenseSetup · moderate

In one sentence

Naabu is a fast command-line port scanner written in Go that finds open ports on servers and IP ranges, with SYN/CONNECT/UDP probes, Nmap integration, passive Shodan lookup, and JSON or CSV output.

Mindmap

mindmap
  root((naabu))
    Probe types
      SYN scan
      CONNECT scan
      UDP scan
    Input types
      Single host
      Host list file
      IP range
      ASN number
    Output formats
      Plain text
      JSON
      CSV
    Integrations
      Nmap auto-call
      Shodan passive
      ProjectDiscovery cloud
    Audience
      Pentesters
      Bug bounty hunters
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Quickly scan a list of hosts during a penetration test to find which ports are open before running deeper analysis.

USE CASE 2

Integrate Naabu with Nmap in an automated pipeline to identify open ports then fingerprint the services running on them.

USE CASE 3

Run passive port discovery on a target using Shodan data via Naabu without sending any packets to the target.

What is it built with?

Go

How does it compare?

projectdiscovery/naabufnproject/fngo-flutter-desktop/go-flutter
Stars5,9355,9355,933
LanguageGoGoGo
Setup difficultymoderatemoderatemoderate
Complexity3/54/53/5
Audienceops devopsops devopsdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

SYN scanning requires root or admin privileges on Linux and Mac, CONNECT mode works without elevated permissions.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

So what is it?

Naabu is a command-line tool for port scanning, which means it checks a list of computers or servers to find out which network ports are open and accepting connections. Security researchers and penetration testers use this kind of tool during assessments to map out what services are exposed on a target system before deciding where to look more closely. The tool is written in Go and is designed to be fast and lightweight. It can send different types of network probes (SYN, CONNECT, and UDP) and works with both IPv4 and IPv6 addresses. You can give it a single host, a list of hosts, a range of IP addresses, or an ASN number (a grouping identifier used by large networks), and it will return a list of which ports responded. Naabu includes a feature to skip full scans for content delivery networks and firewalls, since those systems sit in front of the actual target and would otherwise flood results with irrelevant ports. It can also pull passive port data from Shodan's public database without sending any packets at all. For deeper analysis, it can call Nmap automatically on the ports it finds, which is a separate tool that identifies what software is running on each port. Results can be written as plain text, JSON, or CSV. The tool supports a configuration file so you do not have to repeat flags on every run. It integrates with the ProjectDiscovery cloud platform, which is the company behind this tool, allowing results to be uploaded to a shared dashboard. The project is open source under the MIT license and is part of a broader suite of security tools maintained by ProjectDiscovery. It is intended for use in authorized security testing, bug bounty programs, and penetration tests.

Copy-paste prompts

Prompt 1
Using Naabu, scan a list of hosts from a file for open ports 80, 443, and 8080 and output the results as JSON to a file.
Prompt 2
How do I configure Naabu to skip CDN and firewall IPs automatically so they don't pollute my port scan results?
Prompt 3
Set up Naabu to call Nmap automatically on every port it discovers open and save the combined output as a CSV report.
Prompt 4
Run a Naabu UDP scan against a single target IP across all common ports and explain which probe type to choose for accuracy.
Prompt 5
Use Naabu's config file to persist my preferred scan flags so I don't have to retype them on every run.

Frequently asked questions

What is naabu?

Naabu is a fast command-line port scanner written in Go that finds open ports on servers and IP ranges, with SYN/CONNECT/UDP probes, Nmap integration, passive Shodan lookup, and JSON or CSV output.

What language is naabu written in?

Mainly Go. The stack also includes Go.

What license does naabu use?

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

How hard is naabu to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is naabu for?

Mainly ops devops.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.