Metasploit中不仅能够使用第三方扫描器Nmap等，在其辅助模块中也包含了几款内建的端口扫描器。

查看Metasploit框架提供的端口扫描工具：

msf > search portscanMatching Modules================   Name                                              Disclosure Date  Rank    Description   ----                                              ---------------  ----    -----------   auxiliary/scanner/http/wordpress_pingback_access                   normal  Wordpress Pingback Locator   auxiliary/scanner/natpmp/natpmp_portscan                           normal  NAT-PMP External Port Scanner   auxiliary/scanner/portscan/ack                                     normal  TCP ACK Firewall Scanner   auxiliary/scanner/portscan/ftpbounce                               normal  FTP Bounce Port Scanner   auxiliary/scanner/portscan/syn                                     normal  TCP SYN Port Scanner   auxiliary/scanner/portscan/tcp                                     normal  TCP Port Scanner   auxiliary/scanner/portscan/xmas                                    normal  TCP "XMas" Port Scanner

　使用Metasploit的SYN端口扫描器对单个主机进行一次简单的扫描：

msf > use scanner/portscan/syn

　　设定RHOST参数为192.168.119.132，线程数为50

RHOSTS => 192.168.119.132msf  auxiliary(syn) > set THREADS 50THREADS => 50msf  auxiliary(syn) > run[*]  TCP OPEN 192.168.119.132:80[*]  TCP OPEN 192.168.119.132:135[*]  TCP OPEN 192.168.119.132:139[*]  TCP OPEN 192.168.119.132:1433[*]  TCP OPEN 192.168.119.132:2383[*]  TCP OPEN 192.168.119.132:3306[*]  TCP OPEN 192.168.119.132:3389[*] Scanned 1 of 1 hosts (100% complete)[*] Auxiliary module execution completed