# Install masscan with Homebrew, apk, apt, dnf, MacPorts, Nix, pacman

TCP port scanner, scans entire Internet in under 5 minutes. Version 1.3.2 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:masscan
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install masscan
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install masscan
```

  Evidence: MacPorts ports tree: net/masscan/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- apk (92%):

```sh
sudo apk add masscan
```

  Evidence: Alpine Linux edge package indexes: masscan from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz

- Debian apt (92%):

```sh
sudo apt install masscan
```

  Evidence: Debian stable package indexes: masscan from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install masscan
```

  Evidence: Fedora Rawhide package metadata: masscan from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#masscan
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ma/masscan/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S masscan
```

  Evidence: Arch Linux sync databases: masscan from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

## Package facts

- **Package key:** brew:masscan
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/masscan>
- **Version:** 1.3.2
- **Source summary:** TCP port scanner, scans entire Internet in under 5 minutes
- **Homepage:** <https://github.com/robertdavidgraham/masscan/>
- **Repository:** <https://github.com/robertdavidgraham/masscan>
- **Upstream docs:** <https://github.com/robertdavidgraham/masscan#readme>
- **License:** AGPL-3.0-only
- **Source archive:** <https://github.com/robertdavidgraham/masscan/archive/refs/tags/1.3.2.tar.gz>
- **Generated:** 2026-07-08T18:08:21+00:00

## Executables

- masscan (cli)
- masscan (alias)

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, catalina, monterey, sonoma, ventura

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.3.2
- Local data: ok
- Upstream repository: https://github.com/robertdavidgraham/masscan
- Upstream latest detected: 1.3.2 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

MASSCAN is an Internet-scale TCP port scanner designed to transmit probes asynchronously at very high packet rates. It is packaged as a security and networking CLI because it gives users an `nmap`-like command surface for wide-range scanning rather than deep per-host enumeration.

### Project history

The public GitHub repository was created in July 2013, and early releases appeared in September and October 2013. The README describes the tool as able to scan the entire Internet in under five minutes from a single machine at up to 10 million packets per second, using its own TCP/IP stack and asynchronous transmit and receive threads.

MASSCAN's 1.0 release arrived in October 2013, and a Kali-tagged prerelease was already published in September 2013. Later releases added practical improvements such as dynamic libpcap loading, memcached support, and IPv6 support in the 1.3.0 line, followed by fixes for the IPv6 transition.

The design section of the README explicitly positions MASSCAN relative to earlier high-speed scanners such as scanrand, unicornscan, and ZMap, while making the command-line and output style familiar to `nmap` users.

### Adoption history

MASSCAN is widely adopted for a command-line security tool: the repository has tens of thousands of GitHub stars and thousands of forks, and the supplied package metadata lists packages across Homebrew, Debian, Ubuntu, Fedora, Arch, Alpine, MacPorts, and Nix.

Its package-manager footprint reflects its role in security labs, reconnaissance workflows, and network inventory jobs where users want a readily installable binary rather than building research code by hand.

### How it is used

Users provide ports and target ranges, for example `masscan -p80,8000-8100 10.0.0.0/8`, and can emit or reuse configuration with `--echo` and `-c`. The README documents XML, binary, grepable, JSON, and list output formats.

MASSCAN is tuned for breadth. The README contrasts it with `nmap`: it uses randomized host order, raw packet sending, no default ports, no DNS resolution, and an asynchronous model suited to large address ranges. It also warns that banner grabbing and other TCP interactions can conflict with the host network stack unless source IPs, source ports, and firewall rules are configured carefully.

The default configuration file is `/etc/masscan/masscan.conf`, and command-line settings override that default. The README recommends using exclude files for Internet-scale scans and includes prominent cautions about scanning responsibly.

### Why package nerds care

MASSCAN is package-nerd significant because it is one of the canonical examples of a single-purpose C security tool that package managers make safe to acquire, update, and remove across many Unix-like systems.

It also shows why packaging security tools matters: users get reproducible builds and OS integration for software that otherwise encourages copying binaries or building from source before running high-impact network scans.

### Timeline

- 2013: GitHub repository created.
- 2013: Early v1 and Kali prereleases published.
- 2013: 1.0 release published.
- 2020: 1.3.0 release adds IPv6 support.
- 2026: Repository remains active with recent commits.

### Related projects

- MASSCAN is related to `nmap`, but optimized for broad asynchronous scanning rather than detailed host inspection.
- The README also compares its asynchronous approach with scanrand, unicornscan, and ZMap.

### Sources

- <https://api.github.com/repos/robertdavidgraham/masscan>
- <https://github.com/robertdavidgraham/masscan>
- <https://github.com/robertdavidgraham/masscan/releases>
- source_facts.package-manager-url


## Security Notes

large-scale network scanning tool.

- **Geiger risk:** red / high
- large-scale network scanning tool


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: /etc/masscan/masscan.conf
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** masscan
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Debian apt - masscan - 2:1.3.2+ds1-2: normalized package name match | Debian stable package indexes: masscan from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | TCP port scanner | https://github.com/robertdavidgraham/masscan
- Nix - masscan: normalized package name match | nixpkgs package indexes: pkgs/by-name/ma/masscan/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - masscan - 2:1.3.2+ds1-1: normalized package name match | Ubuntu 24.04 LTS package indexes: masscan from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | TCP port scanner | https://github.com/robertdavidgraham/masscan
- apk - masscan - 1.3.2-r2: normalized package name match | Alpine Linux edge package indexes: masscan from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes | https://github.com/robertdavidgraham/masscan
- apk - masscan-doc - 1.3.2-r2: normalized package name match | Alpine Linux edge package indexes: masscan-doc from https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes (documentation) | https://github.com/robertdavidgraham/masscan
- dnf - masscan - 1.3.2-15.fc44: normalized package name match | Fedora Rawhide package metadata: masscan from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | This is an Internet-scale port scanner | https://github.com/robertdavidgraham/masscan
- pacman - masscan - 1.3.2-2: normalized package name match | Arch Linux sync databases: masscan from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes | https://github.com/robertdavidgraham/masscan
- MacPorts - masscan: normalized package name match | MacPorts ports tree: net/masscan/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [rustscan](https://www.automicvault.com/pkg/brew/rustscan/) - Shares av.db curated category or tags: cli, network-scanner, port-scanner, security.
- [naabu](https://www.automicvault.com/pkg/brew/naabu/) - Shares av.db curated category or tags: cli, network-scanning, port-scanner, security.
- [synscan](https://www.automicvault.com/pkg/brew/synscan/) - Shares av.db curated category or tags: cli, network-scanning, port-scanner, security, tcp.
- [nmap](https://www.automicvault.com/pkg/brew/nmap/) - Shares av.db curated category or tags: cli, network-scanning, port-scanner, security.
- [ike-scan](https://www.automicvault.com/pkg/brew/ike-scan/) - Shares av.db curated category or tags: cli, network-scanning, security.
- [tlsx](https://www.automicvault.com/pkg/brew/tlsx/) - Shares av.db curated category or tags: cli, network-scanner, security.
- [aide](https://www.automicvault.com/pkg/brew/aide/) - Shares av.db curated category or tags: cli, security.
- [aircrack-ng](https://www.automicvault.com/pkg/brew/aircrack-ng/) - Shares av.db curated category or tags: cli, security.

## Combined YAML source

View the package source record on GitHub. [combined/masscan.yml](https://github.com/automic-vault/db/blob/main/combined/masscan.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
