Getting up and running with kportscan 3.0 is incredibly simple.
| Component | Technology | Function | |-----------|------------|----------| | Sender Engine | Raw sockets + AF_XDP (Linux) / WinDivert (Windows) | Generates and injects probe packets at line rate | | Receiver Engine | eBPF + Zero-copy ring buffers | Captures responses with microsecond timestamps | | Packet Scheduler | Token bucket + adaptive rate control | Avoids network flood & IDS thresholds | | ML Classifier | Lightweight ONNX model (Random Forest) | Differentiates open/filtered/closed from ambiguous responses | | Storage | SQLite (embedded) / ClickHouse (distributed) | Local or fleet-wide scan results | kportscan 3.0
Scenario: Suspicious bandwidth usage on a corporate VLAN. Getting up and running with kportscan 3