https://github.com/0xsbow/pscan
A lightweight, efficient port scanner for authorized network testing written in PowerShell.
https://github.com/0xsbow/pscan
portscan portscanner portscanning powershell powershell-portscanner powershell-script scanning
Last synced: about 1 month ago
JSON representation
A lightweight, efficient port scanner for authorized network testing written in PowerShell.
- Host: GitHub
- URL: https://github.com/0xsbow/pscan
- Owner: 0xsbow
- Created: 2025-10-31T17:24:34.000Z (8 months ago)
- Default Branch: main
- Last Pushed: 2025-10-31T17:52:54.000Z (8 months ago)
- Last Synced: 2025-12-23T07:48:14.376Z (6 months ago)
- Topics: portscan, portscanner, portscanning, powershell, powershell-portscanner, powershell-script, scanning
- Language: PowerShell
- Homepage:
- Size: 7.81 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# PScan - PowerShell Port Scanner
A lightweight, efficient port scanner for authorized network testing written in PowerShell.
## Features
- Scan single IP or multiple IPs from a file
- Support for custom ports, port ranges, and common port presets
- Batch processing with configurable delays
- Multiple export formats (CSV, TXT, JSON)
- Colored console output
- Verbose and quiet modes
## Installation
1. clone the repository or download the project zip file
```
git clone https://github.com/Sid-Bahuguna/PScan.git
```
2. No additional dependencies required - uses native PowerShell
## Usage
### Basic Syntax
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target -Ports [options]
```
### Quick Start Examples
```powershell
# Scan a single host using top 100 common ports
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 10.16.10.236 -Ports top100
# Scan a hosts file, save results to a TXT file
powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile hosts-192-range -Ports top100 -OutTxt results.txt
```
### Scan Single IP
```powershell
# Scan default ports (22,80,443)
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1
# Scan specific ports
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports "22,80,443,8080"
# Scan port range
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports "20-1024"
# Scan top 100 common ports
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top100
# Scan top 1000 common ports
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top1000
```
### Scan Multiple IPs
```powershell
# Scan hosts from file with top 100 ports
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile hosts.txt -Ports top100
# Scan multiple IPs with custom port range
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile network-hosts.txt -Ports "1-1024"
# Scan with custom batch settings for large networks
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile hosts.txt -Ports top100 -BatchSize 20 -BatchDelaySeconds 3
```
### Port Presets
- **Custom ports:** `"22,80,443,8080"`
- **Port range:** `"1-1024"`
- **Top 100 ports:** `top100`
- **Top 1000 ports:** `top1000`
- **All ports:** `all` (1-65535, use with caution)
### Export Results
```powershell
# Export to CSV
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top100 -OutCsv results.csv
# Export to JSON
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top100 -OutJson results.json
# Export to TXT
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top100 -OutTxt results.txt
# Export to multiple formats simultaneously
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile hosts.txt -Ports top1000 -OutCsv scan.csv -OutJson scan.json -OutTxt scan.txt
```
### Advanced Options
```powershell
# Verbose output (show all port checks in real-time)
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top100 -Verbose
# Quiet mode (suppress console output except errors)
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1 -Ports top100 -Quiet -OutCsv results.csv
# Custom batch settings for large-scale scans
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile hosts.txt -Ports top100 -BatchSize 20 -BatchDelaySeconds 10
# NoProfile flag for faster execution
powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 10.16.10.236 -Ports "22,80,443,3389"
# Comprehensive scan with verbose output and CSV export
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile enterprise-hosts.txt -Ports top1000 -Verbose -OutCsv enterprise-scan.csv -BatchSize 15
```
## Examples
### Example 1: Quick Single Host Scan
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 10.16.10.236 -Ports top100
```
### Example 2: Scan Multiple Hosts from File
```powershell
powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile hosts-192-range -Ports top100 -OutTxt results.txt
```
### Example 3: Enterprise Network Scan with CSV Export
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile enterprise-network.txt -Ports top1000 -OutCsv network-audit.csv -BatchSize 25 -BatchDelaySeconds 8
```
### Example 4: Verbose Scan with All Output Formats
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.100 -Ports "1-1000" -Verbose -OutCsv scan.csv -OutJson scan.json -OutTxt scan.txt
```
### Example 5: Silent Batch Scan for Automation
```powershell
powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile critical-servers.txt -Ports "22,80,443,3389,8080" -Quiet -OutJson daily-scan.json
```
### Example 6: Web Server Discovery
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -HostsFile datacenter-hosts.txt -Ports "80,443,8080,8443" -OutCsv webservers.csv
```
### Example 7: Custom Port Range Scan
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 10.0.0.50 -Ports "20-25,80,443,3389,5900-5910" -Verbose
```
## Output Format
### Console Output
```
IP OpenPorts
-- ---------
192.168.1.1 22,80,443
192.168.1.2 80,8080
```
### CSV Output
```csv
IP,OpenPorts
192.168.1.1,"22,80,443"
192.168.1.2,"80,8080"
```
### JSON Output
```json
[
{
"IP": "192.168.1.1",
"OpenPorts": "22,80,443"
}
]
```
## Performance Tips
- Use smaller batch sizes (`-BatchSize 5-10`) for faster networks with low latency
- Increase `BatchDelaySeconds` (10-15 seconds) if experiencing network throttling or rate limiting
- Use port presets (`top100`, `top1000`) instead of `all` for faster scans
- For large scans, use `-Quiet` mode with file export to reduce console overhead
- Use `-NoProfile` flag for faster PowerShell startup time
- Scan during off-peak hours for large enterprise networks
- Test connectivity with `ping` before running large scans
## Security Notice
⚠️ **Important:** This tool is intended for authorized network testing only. Only scan systems you own or have explicit permission to test. Unauthorized port scanning may be illegal in your jurisdiction.
## Troubleshooting
### Execution Policy Error
```powershell
powershell -ExecutionPolicy Bypass -File .\PScan.ps1 -Target 192.168.1.1
```
### No Results Displayed
- Check if target is reachable: `ping `
- Try with verbose mode: `-Verbose`
- Verify ports are actually open
### Firewall Blocking
Some corporate firewalls may block outbound connection attempts. Run from a trusted network segment.
## License
This tool is provided as-is for authorized security testing purposes only.
## Contributing
For bugs, feature requests, or contributions, please contact Sidharth Bahuguna.
---
**Remember:** Always obtain proper authorization before scanning any network or system.