{"id":17922173,"url":"https://github.com/carlospolop/bashreconscan","last_synced_at":"2025-08-22T07:17:18.910Z","repository":{"id":104205314,"uuid":"165293877","full_name":"carlospolop/bashReconScan","owner":"carlospolop","description":"Bash Recon Scan - Recon and Scan a network using Bash","archived":false,"fork":false,"pushed_at":"2022-06-19T23:20:16.000Z","size":5,"stargazers_count":25,"open_issues_count":0,"forks_count":11,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-05-02T01:09:45.222Z","etag":null,"topics":["bash","fping","nc","ncat","netcat","network","oneliner","ping","port","recon","scan"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/carlospolop.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-01-11T18:53:54.000Z","updated_at":"2024-02-11T22:02:05.000Z","dependencies_parsed_at":null,"dependency_job_id":"61161d16-e45f-4ff0-ba1c-942efc6b90d7","html_url":"https://github.com/carlospolop/bashReconScan","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carlospolop%2FbashReconScan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carlospolop%2FbashReconScan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carlospolop%2FbashReconScan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carlospolop%2FbashReconScan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/carlospolop","download_url":"https://codeload.github.com/carlospolop/bashReconScan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245198682,"owners_count":20576415,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash","fping","nc","ncat","netcat","network","oneliner","ping","port","recon","scan"],"created_at":"2024-10-28T20:38:03.308Z","updated_at":"2025-03-24T02:32:22.434Z","avatar_url":"https://github.com/carlospolop.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Bash Recon Scan - BRS\n\nIt is a bash script that can use nc/netcat/ncat and fping/ping to find hosts in a network, and then scan several ports (1-1024 and 8000-8100) of the active hosts found.\n\nIt is very usefull to use when you want to search and scan hosts in a network and you dont have better tools than nc and ping.\n\nThe netmask that are currently supported are: **/24** and **/16**.\n\nThis tool doesn't need root pvivileges.\n\nIn the help of the tool you can find the main usage:\n```bash\nā””ā”€ā”€ā•¼ $./brs.sh \n./brs.sh \u003cprotocols\u003e \u003cip_addres\u003e/\u003cnetmask\u003e [\u003cPort\u003e]\n./brs.sh tcp 192.168.0.1/24 22\n./brs.sh icmp 192.168.0.1/16\n./brs.sh tcp,icmp 192.168.0.1/24 22\nThe output will be saved in \u003cip\u003e/24_\u003cproto\u003e_brs_recon.txt\nAll the active hosts will appear in the terminal and saved in the file active_ips.txt\nAvailable protocols are: tcp,icmp (you can select all at the same time)\nThe tool will scan ports some ranges of ports of the active hosts: 1-1024 and 8000-8100\nThe data of the scanned ports will be saved inside port_scan.txt\n```\n\nYou can find usufull also the following oneliners:\n\nRecon a /24 network using nc\n```bash\nfor j in $(seq 1 254); do nc -v -n -z -w 1 192.168.1.$j 22 2\u003e\u003e s.txt; done; grep -v \"Connection refused\\|Version\\|bytes\\| out\" s.txt | grep -o '[0-9]\\{1,3\\}\\.[0-9]\\{1,3\\}\\.[0-9]\\{1,3\\}\\.[0-9]\\{1,3\\}' s.txt | sort | uniq \u003e ips.txt;\n\n#Faster recon using timeout instead of -w and -z\nfor j in $(seq 1 254); do timeout 0.5 nc -v -n 192.168.1.$j 22 2\u003e\u003e s.txt; done; grep -v \"Connection refused\\|Version\\|bytes\\| out\" s.txt | grep -o '[0-9]\\{1,3\\}\\.[0-9]\\{1,3\\}\\.[0-9]\\{1,3\\}\\.[0-9]\\{1,3\\}' s.txt | sort | uniq \u003e ips.txt;\n```\nRecon /24 network using ping or timeout + ping (faster)\n```bash\nfor j in $(seq 0 255); do timeout 0.7 ping 192.168.1.$j; done;\nfor j in $(seq 0 255); do ping 192.168.1.$j; done;\n```\n\nSearch for open ports in one ip or reading host from ips.txt\n```bash\nnc -v -z -n \u003cIP\u003e 1-1024 #For one host\nwhile read host; do nc -v -z -n $host 1-1024 2\u003e\u003e ps.txt; done \u003c ips.txt; cat ps.txt | grep -v \"Connection refused\\|Version\\|bytes\\| out\";\n```\n\nIf you **cant select a range of ports** in your netcat version, use this oneliner to scan for ports (reading from a file)\n```bash\nfor p in $(seq 1 1024); do nc -v -z -n -w 1 \u003cHOST\u003e $p 2\u003e\u003e ps.txt; done; #For one host\nwhile read host; do for p in $(seq 1 1024); do nc -v -z -n -w 1 $host $p 2\u003e\u003e ps.txt; done; done \u003c ips.txt; cat ps.txt | grep -v \"Connection refused\\|Version\\|bytes\\| out\";\n\n#Faster scan using timeout instead of -w and -z\nfor p in $(seq 1 1024); do timeout 0.5 nc -v -n \u003cHOST\u003e $p 2\u003e\u003e ps.txt; done; #For one host\nwhile read host; do for p in $(seq 1 1024); do timeout 0.5 nc -v -n $host $p 2\u003e\u003e ps.txt; done; done \u003c ips.txt; cat ps.txt | grep -v \"Connection refused\\|Version\\|bytes\\| out\";\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarlospolop%2Fbashreconscan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcarlospolop%2Fbashreconscan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarlospolop%2Fbashreconscan/lists"}