A few days ago I knew nothing of Python. I came to learn that Python, its sockets, and many other things are a great deal in real-world penetration testing scenarios. So I decided to learn Python, but instead of doing it the conventional way, that is, by writing star-printing programs and palindrome-number checkers, I set out to emulate more real-world scenarios and work through lots of hurdles and bugs. And finally it reached its semi-final completion. What did I build? A very basic grunt-work tool for hackers and networking students: basically a port scanner, but not exactly the basic scanner you find all over the internet, i.e. built with sockets and the like. Sockets would of course have done the job, but I used a very powerful tool called Scapy for the scans. It can do half-connect TCP scans, UDP scans and ping scans.
Banner grabbing is coming soon, but until then, let's discuss the project.
Now, the project could have been completed within 2 days if I had used regular expressions and the netaddr module. But I challenged myself to do it manually. That is going to help both my logical thinking and the students who are going to use my tool with the basics of IPv4 addressing, subnetting, and manual validation. The netaddr module already has built-in IPv4 and IPv6 formatting and subnet calculations, and a lot more can be done with IPs using this module, but what's the challenge in learning to code if I import every pre-cooked module and just pass some numbers as arguments?
That's why IP validation and subnet calculation are done completely from scratch. Looking at that code will help students understand subnetting, the mindset of coding, and solving real-world problems instead of printing stars. Those subnet calculation and validation routines are also written as modules, so anybody can import them as third-party modules in their own code, or run them as a standalone application if need be.
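The post does not show that code, so here is an added example (my own, not the author's project code) of the from-scratch approach described above: IPv4 validation and subnet calculation with plain integer arithmetic, without netaddr, ipaddress or regular expressions. The function names are my own choice.

```python
# Added example (not the author's project code): IPv4 validation and subnet
# arithmetic done by hand, without netaddr, ipaddress or regular expressions.
DIGITS = "0123456789"

def ip_to_int(ip):
    """Convert a dotted-quad string to a 32-bit integer; raise ValueError if invalid."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError("IPv4 address needs exactly four octets: %r" % ip)
    value = 0
    for octet in parts:
        # Reject empty, non-numeric and leading-zero octets ("01" is ambiguous).
        if not octet or any(c not in DIGITS for c in octet) or (len(octet) > 1 and octet[0] == "0"):
            raise ValueError("bad octet %r in %r" % (octet, ip))
        n = int(octet)
        if n > 255:
            raise ValueError("octet %d out of range in %r" % (n, ip))
        value = (value << 8) | n
    return value

def int_to_ip(value):
    """Convert a 32-bit integer back to dotted-quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def is_valid_ipv4(ip):
    """Boolean wrapper for menu-style input checks."""
    try:
        ip_to_int(ip)
        return True
    except ValueError:
        return False

def subnet_info(cidr):
    """Network, mask, broadcast, usable host range and host count for 'a.b.c.d/n'."""
    addr, sep, prefix = cidr.partition("/")
    if sep != "/" or not prefix or any(c not in DIGITS for c in prefix) or int(prefix) > 32:
        raise ValueError("expected a.b.c.d/n with 0 <= n <= 32: %r" % cidr)
    prefix = int(prefix)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # n one-bits, then zeros
    network = ip_to_int(addr) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    # /31 (RFC 3021) and /32 have no separate network/broadcast addresses.
    if prefix >= 31:
        first, last, hosts = network, broadcast, 2 ** (32 - prefix)
    else:
        first, last, hosts = network + 1, broadcast - 1, 2 ** (32 - prefix) - 2
    return {"network": int_to_ip(network), "mask": int_to_ip(mask),
            "broadcast": int_to_ip(broadcast), "first_host": int_to_ip(first),
            "last_host": int_to_ip(last), "hosts": hosts}
```

For instance, `subnet_info("192.168.1.77/26")` reports network 192.168.1.64, broadcast 192.168.1.127 and 62 usable hosts, which is exactly the by-hand subnetting exercise the tool is meant to teach.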
I have the Scapy scripts written in another file, where the user can write or add new scanning methods and call them from the main() function with a few lines of code.
Also, I did not use system arguments, which means this will not function like Nmap commands. I intentionally left it interactive: you are asked to choose from a menu, like a cellphone customer-care line, and you pick what type of scan to run. So there is no need to memorize an exact sequence of letters to make it work. As I said, this is made to be helpful to newcomers in this field, and a newcomer is uncomfortable with CLI arguments. That's why I made it as easy as possible: nothing to memorize, so you can concentrate on the inner workings.
Also, I added an option to save the results of the scan afterwards in an HTML file, which upon completion is automatically opened in your default browser.
So now I am going to share the GitHub link for the project for you to download, study and use. Feel free to comment, post bugs on GitHub, and whatever else you like.
Do share it with others so they can do the same. Stay knowledgeable.
~ Budhaditya Bose ~