NullSec VProbe

██╗   ██╗██████╗ ██████╗  ██████╗ ██████╗ ███████╗
██║   ██║██╔══██╗██╔══██╗██╔═══██╗██╔══██╗██╔════╝
██║   ██║██████╔╝██████╔╝██║   ██║██████╔╝█████╗  
╚██╗ ██╔╝██╔═══╝ ██╔══██╗██║   ██║██╔══██╗██╔══╝  
 ╚████╔╝ ██║     ██║  ██║╚██████╔╝██████╔╝███████╗
  ╚═══╝  ╚═╝     ╚═╝  ╚═╝ ╚═════╝ ╚═════╝ ╚══════╝

Hardened Network Packet Analyzer in V

Security Hardening Features

V Language Safety

• Memory safety without GC: Manual memory management with safety
• Compile-time bounds checking: Array access verified at compile time
• Immutable by default: Variables must be explicitly marked mut
• No hidden allocations: Predictable memory behavior
• No undefined behavior: Compiler catches UB at compile time

Option and Result Types

fn validated_ip_create(raw string) !ValidatedIP {
    // Returns error on invalid input
    if parts.len != 4 {
        return error('Invalid IP format')
    }
    return ValidatedIP{ octets: octets, valid: true }
}

Validated Types

struct ValidatedIP {
    octets [4]u8
mut:
    valid bool
}

struct ValidatedPort {
    port u16
mut:
    valid bool
}

struct ValidatedPath {
    path string
mut:
    valid bool
}

Enum-Based Error Handling

pub enum SecurityError {
    invalid_path
    path_too_long
    path_traversal
    invalid_ip
    invalid_port
    connection_failed
    timeout
    rate_limited
    access_denied
}

Detection Capabilities

Feature	Description
Port Scanning	TCP connect scan with service detection
Suspicious Ports	Detection of known backdoor ports
Entropy Analysis	File entropy for packed/encrypted detection
Rate Limiting	Token bucket for resource protection

Build

# Build with V compiler
v -prod vprobe.v

# Run
./vprobe 192.168.1.1

Usage

# Scan common ports
vprobe 192.168.1.1

# Scan specific port range
vprobe 192.168.1.1 -p 1-1000

# Analyze file entropy
vprobe --file /path/to/suspicious.bin

Architecture

┌─────────────────────────────────────────────────────────────┐
│                     NullSec VProbe                          │
├─────────────────────────────────────────────────────────────┤
│  Validated Types (Wrapper Structs)                          │
│  ├── ValidatedIP (IPv4 validation)                         │
│  ├── ValidatedPort (range 1-65535)                         │
│  └── ValidatedPath (traversal protection)                  │
├─────────────────────────────────────────────────────────────┤
│  Analysis Modules                                           │
│  ├── Port Scanner (TCP connect, service detection)         │
│  ├── Entropy Analyzer (Shannon entropy)                    │
│  └── Suspicious Port Detection                             │
├─────────────────────────────────────────────────────────────┤
│  Infrastructure                                             │
│  ├── RateLimiter (token bucket)                            │
│  └── ResultAccumulator (bounded collection)                │
└─────────────────────────────────────────────────────────────┘

Suspicious Port Detection

fn is_suspicious_port(port u16) bool {
    suspicious := [u16(31337), 12345, 4444, 5555, 6666, 6667, 6668, 6669]
    return port in suspicious
}

License

NullSec Proprietary - Part of the NullSec Security Framework

👤 Author

bad-antics

• GitHub: @bad-antics
• Website: bad-antics.github.io
• Discord: discord.gg/killers

---

Part of the NullSec Security Framework