// THECYBERARYAN — RESEARCH

Naabu — Zero to Hero Guide

Author: Aryan Pareek • 2025-11-17 • Recon / Port Scanning

Naabu is a high-speed SYN-based port scanner built by ProjectDiscovery. It’s used by bug bounty hunters and pentesters to rapidly identify open ports across huge attack surfaces.

What is Naabu?

Naabu sends asynchronous SYN packets to detect open ports extremely fast. Perfect for recon pipelines:

Input → domains / hosts  
Output → open ports

Installation

sudo apt install naabu
# or
curl -s https://api.projectdiscovery.io/tools/install | sh

Basic Usage

Scan a domain

naabu -host example.com

Scan an IP

naabu -host 192.168.1.1

Scan a list

naabu -list hosts.txt -o ports.txt

Port Selection

naabu -top-ports 100
naabu -p -             # all ports
naabu -p 80,443,22     # custom

Speed & Performance

naabu -rate 50000

Stealth & Evasion

naabu -s        # SYN scan
naabu -connect  # TCP connect  
naabu -f        # fragmented packets

Service Detection (Nmap)

naabu -nmap
naabu -nmap-cli "-sV -sC"

Real Recon Workflow

subfinder -d example.com -o subs.txt
httpx -l subs.txt -o alive.txt
naabu -list alive.txt -p - -o open_ports.txt
nmap -sV -sC -iL open_ports.txt

Cheat Sheet

Scan host:      naabu -host domain.com
Scan list:      naabu -list hosts.txt
Top ports:      -top-ports 100
All ports:      -p -
Stealth:        -s
Firewall bypass -connect
Run Nmap:       -nmap

Conclusion

Naabu is one of the fastest and most reliable scanners in modern recon. When chained with Subfinder, Httpx, Nmap, Dirsearch, and Nuclei, it forms an unstoppable pipeline.