16 May 2017

Vulnerability scanner MS17-010

As the attack was conducted through Microsoft Security Bulletin vulnerability MS17-010, our team has developed a special utility software — vulnerability scanner MS17-010. This utility performs network scanning in order to detect the vulnerability exploited by WannaCry malware.

Please feel free to use it and distribute among your clients and partners.

The scanner reveals four states of computer system:

  • No vulnerability MS17-010 (no message from scanner);
  • Detected vulnerability MS17-010;
  • System is infected;
  • Incorrect operation of SMB protocol.

The scanner is written in GO language. With GOLANG installed, you can use this scanner on any system or compile it for any platform yourself. Here is a link for GOLANG installation:

Please, note that this utility might be detected by antivirus software as it uses a part of exploit in order to find the vulnerability. The archive contains .exe file and source code of the scanner. Here is the link for archive download: scanner.wannacry.7z

Usage instructions

$ scanner.exe -h
WannaCry scanner tool by BiZone

Usage of scanner.exe:

  • file string
File with list of targets to scan. Each address or netmask on new line.

  • ip string
IP address

  • net string
IP network address. Example:

  • out string
Output file with results of scan in CSV format. Example: results.csv

  • verbose
Verbose output

  • workers int
Count of concurrent workers. (default 200, max count 1000)

scanner.exe -ip
scanner.exe -net
scanner.exe -file ips.txt -out vuln.csv

Download utility


Password for the archive



shasum scanner.exe
78801a61a36500e797979e41d118d762405d54d4 scanner.exe

We use cookies to personalize the services and the convenience of website users. You can prevent cookies from being stored in your browser settings. By using this website, you confirm your consent to the Privacy policy.