Network Intelligence Scanner 🌐

A powerful, lightweight network reconnaissance tool built with Python, Scapy, and Flask. Discover active hosts, scan ports, and analyze your network infrastructure with an intuitive web dashboard or command-line interface.

---

✨ Features

🔍 Network Discovery

• Automatic local network detection (CIDR notation support)
• ARP-based host discovery with fallback ping-based detection
• MAC address vendor identification
• Reverse DNS hostname resolution

🔌 Port Scanning

• Fast multi-threaded port scanning
• Default scan of 15 common ports
• Service identification and risk classification
• Open port enumeration with details

🎯 Advanced Analysis

• Device type detection (Workstation, Server, Network Device, etc.)
• OS family detection via TTL analysis
• Security risk scoring
• Vulnerability alerts (exposed ports, weak protocols)
• Banner grabbing for service version detection

🎨 Dual User Interface

• Web Dashboard: Modern, responsive UI with real-time updates
• CLI Tool: Comprehensive command-line interface for advanced users
• Export results in JSON, CSV, and HTML formats

📊 Results Management

• Scan history tracking
• Network topology visualization
• Detailed host-by-host reporting
• Multi-format export capabilities

---

� Screenshots

Web Dashboard

The modern, responsive web interface for network scanning:

CLI Interface

Command-line tool for advanced users and automation:

---

�🚀 Quick Start

Prerequisites

• Python 3.7+
• Windows/Linux/macOS with administrator/root privileges
• Npcap (Windows only) - Download

Installation

1. Clone Repository

git clone https://github.com/your-username/network-intelligence-scanner.git
cd network-intelligence-scanner

2. Create Virtual Environment

# Windows
python -m venv venv
venv\Scripts\activate

# Linux/macOS
python3 -m venv venv
source venv/bin/activate

3. Install Dependencies

pip install -r requirements.txt

Running the Application

Web Dashboard (Recommended)

cd app
python app.py

Then open http://localhost:5000 in your browser.

CLI Mode

python cli_dashboard.py

---

📋 Usage Guide

Web Dashboard

1. Auto-Detect Network: Click the "Auto-Detect" button to find your local network automatically
2. Manual Entry: Enter a network range in CIDR format (e.g., 192.168.1.0/24)
3. Start Scan: Click "Start Scan" to begin host discovery and port enumeration
4. View Results:
   • Stats Dashboard: Overview of found hosts, open ports, and risk levels
   • Host List: Detailed view of each discovered host
   • Port Analysis: Click a host to see detected open ports and services
5. Export Results: Download scan results as JSON, CSV, or HTML

CLI Mode

Network Scanner - Standalone Demo
================================================

Local IP: 192.168.1.100
Network Range: 192.168.1.0/24

Select mode:
1. Quick Scan
2. Full Report
3. Exit

---

📁 Project Structure

network-intelligence-scanner/
├── README.md                          # This file
├── LICENSE                            # MIT License
├── requirements.txt                   # Python dependencies
├── config.ini                         # Configuration settings
├── cli_dashboard.py                   # CLI interface
├── run.sh                             # Linux/macOS startup script
├── run.bat                            # Windows startup script
│
└── app/
    ├── app.py                         # Flask web server
    ├── scanner.py                     # Core scanning engine
    │
    ├── templates/
    │   └── index.html                 # Web UI template
    │
    └── static/
        ├── style.css                  # Dashboard styling
        └── script.js                  # Frontend logic

---

⚙️ Configuration

Edit config.ini to customize behavior:

# Network scanning timeouts
SCAN_TIMEOUT=2
PORT_SCAN_TIMEOUT=1

# Performance settings
MAX_PARALLEL_SCANS=1
THREAD_POOL_SIZE=4
MAX_SCAN_RESULTS=1000

# Port configuration
COMMON_PORTS=21,22,23,25,53,80,110,143,443,445,3306,5432,8080,8443

# Web server settings
APP_HOST=127.0.0.1
APP_PORT=5000
ALLOW_REMOTE_CONNECTIONS=False

---

🔒 Security Alerts

The scanner detects and warns about:

• Telnet (Port 23): Unencrypted protocol - Use SSH instead
• FTP (Port 21): Unencrypted data transfer - Use SFTP
• SMB (Port 445): Windows file sharing on non-Windows systems
• Exposed Databases: MySQL/PostgreSQL on accessible ports
• Unencrypted HTTP: HTTP without HTTPS support

---

🛠️ API Endpoints

Endpoint	Method	Description
/api/network-info	GET	Get local network information
/api/start-scan	POST	Start a new network scan
/api/scan-status	GET	Get current scan status
/api/port-scan/<host>	GET	Scan specific host ports
/api/scan-history	GET	Get scan history
/api/topology	GET	Get network topology
/api/dashboard	GET	Get dashboard data
/api/export/csv	GET	Export as CSV
/api/export/html	GET	Export as HTML
/api/export/json	GET	Export as JSON

---

⚠️ Important Notes

Windows Compatibility

• Administrator privileges required for ARP scanning
• Install Npcap from https://nmap.org/npcap/ for packet capture
• Ensure Npcap is installed with "WinPcap API-compatible mode" enabled

Linux/macOS

• Root/sudo privileges required for raw socket operations
• Use sudo python cli_dashboard.py or sudo python app/app.py

Network Requirements

• Scanner must be on the same network segment (Layer 2)
• Firewalls may block ICMP/ARP - ping-based fallback is automatic
• Maximum of 64 hosts scanned simultaneously (configurable)

---

🔄 How It Works

Discovery Phase

1. ARP Boost: Sends ARP packets to discover hosts actively responding
2. Fallback Detection: Uses ICMP ping if ARP unavailable
3. DNS Resolution: Attempts reverse DNS lookups for hostnames
4. Vendor Lookup: Identifies MAC address vendors

Analysis Phase

1. Port Enumeration: Tests 15 common ports per host
2. Service Detection: Identifies services from open ports
3. OS Detection: Analyzes TTL values and port signatures
4. Risk Assessment: Calculates host risk scores
5. Alert Generation: Flags security issues

---

🐛 Troubleshooting

No Hosts Found

• Solution: Run with administrator/root privileges
• Check that Npcap is installed (Windows)
• Verify correct network range (e.g., 192.168.1.0/24)

Scan Hangs

• Solution: Close the app and restart with admin privileges
• Check if Windows Firewall is blocking network operations
• Reduce THREAD_POOL_SIZE in config.ini

Port Scan Timeout

• Increase PORT_SCAN_TIMEOUT in config.ini
• Check if target host is reachable (ping test first)

Scapy Not Working

• Reinstall: pip install --force-reinstall scapy==2.5.0
• Ensure Npcap is installed (Windows)
• Check Python version >= 3.7

---

📝 Logging

Logs are stored in the logs/ directory. Enable verbose logging in config.ini:

LOG_LEVEL=DEBUG
LOG_FILE=logs/scanner.log

---

🤝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

1. Fork the repository
2. Create your feature branch (git checkout -b feature/AmazingFeature)
3. Commit your changes (git commit -m 'Add some AmazingFeature')
4. Push to the branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

---

⚖️ License

This project is licensed under the MIT License - see the LICENSE file for details.

---

⚠️ Disclaimer

This tool is intended for network administration and security testing on networks you own or have permission to scan. Unauthorized network scanning may be illegal in your jurisdiction. The author takes no responsibility for misuse or damage caused by this tool.

---

📞 Support

For issues, questions, or suggestions:

• Open an Issue
• Contact the maintainer

---

Made with ❤️ for system administrators and security enthusiasts