Unicornscan is a new information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL license.
It has always been a favourite of mine, especially for UDP scanning and scanning large networks (and getting it done fast).
In some ways the implementation is better than Nmap – in some ways worse. Both are great tools and for me, they work well hand in hand, both have certain advantages over the other in different situations.
I did get halfway to writing an article about Nmap vs Unicornscan for large network scanning.
Benefits of Unicornscan
It is an attempt at a User-land Distributed TCP/IP stack. It is intended to provide a researcher with a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network. Although it currently has hundreds of individual features, a main set of abilities include:
- Asynchronous stateless TCP scanning with all variations of TCP Flags.
- Asynchronous stateless TCP banner grabbing
- Asynchronous protocol-specific UDP Scanning (sending enough of a signature to elicit a response).
- Active and Passive remote OS, application, and component identification by analyzing responses.
- PCAP file logging and filtering
- Relational database output
- Custom module support
- Customized data-set views
Anyway, the good news is it has finally been updated and v0.4.7 is available and released for download.
Your Unicornscan download of the fast port scanner is here:
Source Code: unicornscan-0.4.7-2.tar.bz2