jfscan

Wrapper tool combining Masscan's high-speed port scanning with Nmap's service fingerprinting. Accepts diverse target formats (domains, IPs, CIDRs, URLs) and outputs domain:port pairs suitable for piping into vulnerability scanners like Nuclei or httpx.

Evaluated Mar 08, 2026 (0d ago) vv1.6.2
Homepage ↗ Repo ↗ Security security masscan nmap port-scanner network pentesting recon bugbounty scanning enumeration
⚙ Agent Friendliness
42
/ 100
Can an agent use this?
🔒 Security
32
/ 100
Is it safe for agents?
⚡ Reliability
35
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
--
Documentation
70
Error Messages
35
Auth Simplicity
95
Rate Limits
45

🔒 Security

TLS Enforcement
20
Auth Strength
30
Scope Granularity
25
Dep. Hygiene
35
Secret Handling
50

Security tool, not a secure service. Requires elevated privileges (CAP_NET_RAW). Archived repo means no security patches. External dependencies (Masscan, Nmap) are well-maintained independently. No network service exposed.

⚡ Reliability

Uptime/SLA
15
Version Stability
40
Breaking Changes
55
Error Recovery
30
AF Security Reliability

Best When

You need to scan large network ranges quickly and feed results into downstream security tools.

Avoid When

You need an actively maintained tool (this is archived/deprecated), or you're scanning small ranges where Nmap alone is sufficient.

Use Cases

  • Large-scale port scanning across wide network ranges with service detection
  • Bug bounty reconnaissance combining speed (Masscan) with accuracy (Nmap)
  • Building automated security scanning pipelines with stdin/stdout chaining
  • Generating domain:port lists for subsequent web vulnerability testing

Not For

  • Small network scans where plain Nmap suffices
  • Non-security use cases — this is a penetration testing tool
  • Active development needs — project is archived and deprecated in favor of massmap (Go rewrite)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
No
SDK
No
Webhooks
No

Authentication

OAuth: No Scopes: No

No authentication. Local CLI tool requiring CAP_NET_RAW capability for raw packet operations.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

MIT licensed. Requires external tools (Masscan, optionally Nmap) which are also free.

Agent Metadata

Pagination
none
Idempotent
True
Retry Guidance
Not documented

Known Gotchas

  • ARCHIVED AND DEPRECATED — successor is massmap (Go rewrite)
  • Requires Masscan installed with CAP_NET_RAW capability set
  • Requires root/sudo or specific capabilities for raw socket operations
  • Output format is domain:port text, not structured JSON
  • False positives/negatives acknowledged by author for smaller ranges

Alternatives

nullt3r-massmap nmap rustscan

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for jfscan.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-08.

6961
Packages Evaluated
25669
Need Evaluation
173
Need Re-evaluation
Community Powered