I just shipped a major update to NimPacket, adding a full-featured network scanning CLI built around Nim’s raw packet performance. The CLI now supports SYN port scanning, ICMP host discovery, ARP MAC discovery, and one port sweeps across large target sets.
The key design choice was a blast and listen model. All probes are constructed and sent as fast as possible using Nim, then responses are collected in a single timed receive window. This avoids the classic one packet, one wait problem that makes many scanners painfully slow.
Nim handles every hot path operation. Packet building, checksums, sending, receiving, and parsing all live in compiled Nim code. Python is only used to orchestrate scan phases and manage CLI UX, which keeps overhead negligible while preserving flexibility.
On a mid range machine, NimPacket builds over 300k packets per second, and scanning a full /24 subnet across multiple ports completes in seconds instead of minutes. The limiting factor is no longer the language runtime but the OS and network stack itself.
The full CLI now includes 58 commands, with scanning fully documented and extensible. This architecture leaves room for future work like adaptive rate control, async receive rings, PCAP export, and scan profiles.
Repo: https://github.com/0x57Origin/NimPacket
Happy to answer questions or discuss Nim based systems tooling.