XoPing
TCP-based ping for environments where ICMP has been "secured" away. Discovers whether hosts and subnets are reachable without ever sending a single ICMP packet.
XoPing exists because of a widely held belief in network administration circles. It sounds reasonable. It is not.
"If we block ping, attackers cannot know our hosts exist."
Delivered with confidence. Filed in the security policy. Enforced at the firewall. Case closed.
Any open TCP port reveals the host. A SYN to port 443 that returns SYN-ACK is exactly as revealing as an ICMP echo reply. The host was never hidden.
Nmap has had -Pn since 1997. Skip ping, go straight to the port scan. One flag. Bypassed before lunch.
XoPing took an afternoon to write using nothing but TcpClient. If a junior developer can reproduce it in hours, the threat model deserves scrutiny.
AD environments are self-defeating. Kerberos (88), LDAP (389), SMB (445), RDP (3389) must be open for the environment to function. The garage is wide open.
"We also block ping to reduce unnecessary traffic on the network."
They did not save bandwidth. They multiplied it. And they still got scanned.
TCP-Based Host Discovery
Probes 17 common TCP ports in parallel to determine if a host is reachable — no ICMP required. Works everywhere ping does not.
Parallel Port Probing
HTTP, HTTPS, RDP, SMB, Kerberos, LDAP and more — probed simultaneously per host. The ports that are actually open in any real environment.
Hostname, IP, CIDR & Wildcard
Target a single hostname, a direct IP, an entire subnet via CIDR notation, or a wildcard range. DNS is resolved before probing.
Subnet Scanner
Scan a full /24 in under 10 seconds. Only UP hosts are printed — DOWN hosts are silent. Clean output, no noise.
Verbose Diagnostics
Pass -v to see DNS resolution, each port probe outcome, and full timing. Useful for understanding exactly why a host appears up or down.
Zero Dependencies
Single self-contained .exe. No installer, no runtime, no configuration. Drop it on any Windows machine and run.