This repository contains a collection of powerful, standalone Python scripts designed for network scanning and web technology analysis. The toolkit leverages popular libraries like Scapy, Requests, and BeautifulSoup to perform a variety of tasks, from discovering hosts on a local network to identifying the technologies running on a web server.
This project is a practical demonstration of how Python can be used to build effective cybersecurity and network reconnaissance tools. It's an excellent portfolio piece for developers interested in ethical hacking, network administration, and automation. The scripts are designed to be modular, functional, and easy to understand.
The repository includes several distinct tools, each with a specific purpose:
- Functionality: Discovers active hosts on the local network using ARP "who-has" requests. It broadcasts a request to a specified IP range (e.g.,
192.168.1.0/24) and listens for replies. - Output: Prints a list of discovered devices with their corresponding IP and MAC addresses.
- Key Technology:
Scapy(for crafting and sending ARP packets).
This toolkit includes three variations of a TCP SYN port scanner, a stealthy technique for checking if ports are open without completing a full TCP connection.
- Functionality: Scans a single, hardcoded port on a target IP or hostname. It sends a SYN packet and analyzes the flags of the response (SYN/ACK or RST/ACK) to determine the port's state. It also correctly sends a RST packet to close the half-open connection.
- Key Technology:
Scapy.
- Functionality: An enhanced version of the SYN scanner that scans a list of ports in parallel using multithreading. This significantly speeds up the scanning process. It also includes basic error handling for non-integer port values.
- Key Technology:
Scapy,threading.
- Functionality: A powerful, data-driven scanner that reads a list of targets and ports from a
targets.jsonfile. It scans each target and writes the results (open, closed, or unknown) back to aresults.jsonfile. - Key Technology:
Scapy,json.
- Functionality: Performs reconnaissance on a target website to identify the technologies it uses. It analyzes HTTP headers, meta tags, script and link tags, HTML comments, and page content to find signatures of common technologies like WordPress, Django, and Cloudflare.
- Output: Prints a detailed report of its findings to the console.
- Key Technology:
requests(for making HTTP requests),BeautifulSoup(for parsing HTML).
To use these tools, you need Python 3 and several external libraries.
- Python 3: Make sure you have Python 3 installed.
- Root/Administrator Privileges: The SYN and ARP scanners require raw socket access to craft and send packets. You must run these scripts with
sudoon Linux/macOS or as an Administrator on Windows.
Open your terminal and run the following command to install all the necessary Python packages:
pip install scapy requests beautifulsoup4 lxmlEnsure your project is organized as follows for the JSON-driven scanner and the tech analyzer to work correctly:
.
├── my_arp_scanner.py
├── my_syn_scanner.py
├── multithread_syn_scanner.py
├── json_scanner.py
├── json_files/
│ ├── targets.json
│ └── results.json
└── tech_analyzer/
└── tech_analyzer.py
Navigate to the project's root directory in your terminal and run the scripts as follows.
-
ARP Scanner:
sudo python my_arp_scanner.py
-
Single-Port SYN Scanner:
sudo python my_syn_scanner.py
-
Multithreaded SYN Scanner:
sudo python multithread_syn_scanner.py
-
JSON-Driven SYN Scanner:
- First, edit
json_files/targets.jsonto define your targets. - Then, run the scanner:
sudo python json_scanner.py
- Check
json_files/results.jsonfor the output.
- First, edit
-
Web Technology Analyzer:
- Navigate into the
tech_analyzerdirectory:cd tech_analyzer - Run the script:
python tech_analyzer.py
- Navigate into the
Disclaimer: These tools are intended for educational purposes and for use on networks and systems where you have explicit permission to conduct scanning. Unauthorized scanning of networks is illegal and unethical.