Port scanning with RustScan
NMAP has been my de facto port scanning tool of choice until recently, when I discovered RustScan. The one major benefit of RustScan is the lightning speed at which it scans all 65K ports; it can do this in 3 seconds. Compare that to NMAP, and it's night and day. I would set up NMAP, go for lunch, and come back and it would still be running. It has a full suite of scripting support from Python, Lua, Bash, or even piping the RustScan results to NMAP.
When time is of the essence, RustScan is the choice. I do, however, still find myself reverting back to NMAP for specific tasks, but that is more out of familiarity and, as said in previous sections, practice, practice, and practice. In this section, we will be installing RustScan and running it against the machines in our lab. We'll observe the speed difference at which the scans run and get familiar with the syntax in order to add this tool to our pentesting arsenal.
