How to scan a subnet or IP range

Each IP in a range or CIDR will be considered as a separate target
Written by Robert Tanase
Updated 7 months ago

You can’t add IP ranges or subnet masks as input for our scanners. In order to scan an IP range, you’ll need to add the IP range directly from the /targets tab by clicking the +Add button.

If you try to add the IP range directly in the tool target field you will receive this error: “Invalid hostname or IP address. Try again, please”. The workaround for this is bulk scanning, as described below.

You can either add an IP range ( or a CIDR, a subnet mask format ( They will be expanded into separate targets.

For example, adding will create 254 individual targets.

By enabling the Include only alive targets option, our check-alive mechanism will perform a customized version of Nmap's host discovery functionality. The mechanism works by sending different types of packets called probes. The goal of these probes is to solicit responses that demonstrate if an IP address is actually active (is being used by a host or network device). You can read the full details in our dedicated article.

After adding the targets, you can bulk select all the IPs in the range using the search box and the general Target checkbox on the header row, or just some of the IPs by individually selecting them.

You can then run scans by selecting options from a scan with tool, scan with template, or scan with robot menus.

If you're scanning with a vulnerability scanner, such as the Network Scanner, you can view the scan results in the /findings tab and display as many as 250 records on the page.

Please note that reconnaissance tools, such as TCP / UDP Port scanners do not generate findings. You can see a centralized status of these scan results on the Attack Surface View.

In order to generate a report, you can use the filters to narrow down the findings according to target, scan date, which tool was used (source), etc., and then click Generate Report.

Read more details in the Reporting category.

This video shows how to add an IP range as a target in and how to scan this range for open ports, services, and operating systems. You will see how all scan results are aggregated into the Attack Surface view.

Did this answer your question?