PROJECT -1

NETWORK AND PORT

SCANNER:
NAME – HARSH TIWARI
BRANCH – ELECTRONICS
AND COMMUNICATION
ENGINEERING
COLLEGE – KASHI INSTITUTE
OF TECHNOLOGY, VARANASI
INTERSHIP WITH – 1 STOP
Using Python to Build
a Network and Port
Scanning Tool :
Learn how to use Python to
develop an efficient network
and port scanning tool for
swiftly identifying active
devices and open ports,
enabling thorough security
assessments and effective
risk mitigation measures.

With the proliferation of

cyber threats and attacks,
safeguarding network
infrastructure against
unauthorised access, data
breaches, and service
disruptions is a critical
concern for organisations
and individuals alike.
Network and port scanning
are therefore indispensable
tools in the arsenal of
cybersecurity professionals.

Network scanning, the

process of systematically
probing a network to identify
active devices and their
attributes, serves as the
foundation for understanding
network topology and
architecture. By
comprehensively mapping
out the network
infrastructure, security
administrators gain insights
into the layout of devices,
their interconnections, and
potential vulnerabilities. This
helps to implement robust
security measures to fortify
the network against
intrusions and exploits.

Port scanning, a technique

that complements network
scanning, focuses on
scrutinising the status and
accessibility of
communication ports on
networked devices. Ports act
as gateways for data
transmission, facilitating the
exchange of information
between applications and
services. Through port
scanning, security
professionals can ascertain
the availability of open ports,
which signify operational
services, as well as closed or
filtered ports, which may
indicate security controls or
inactive services. By
meticulously analysing port
configurations and
identifying anomalies,
organisations can bolster
their defence mechanisms
and thwart malicious
activities aimed at exploiting
vulnerable services.

The synergy between

network and port scanning is
instrumental in conducting
comprehensive security
assessments, vulnerability
analyses, and penetration
testing exercises. By
leveraging these techniques,
cybersecurity professionals
can proactively detect and
remediate weaknesses in
network infrastructure,
thereby mitigating the risk of
cyberattacks and ensuring
the integrity, confidentiality,
and availability of critical
assets and resources.

In essence, network and port

scanning serve as
indispensable components of
proactive cybersecurity
strategies, enabling
organisations to fortify their
defences, pre-emptively
address vulnerabilities, and
uphold the resilience of their
digital ecosystems in the face
of evolving threats and
adversaries.

Despite the critical

importance of network and
port scanning in
cybersecurity, existing tools
often lack efficiency,
accuracy, and user-
friendliness. Current
solutions may struggle to
provide comprehensive
insights into network
topology and port
configurations, hindering
effective security
assessments and
vulnerability analyses.
Addressing these limitations,
let’s develop a sophisticated
network and port scanning
tool that overcomes existing
challenges, enabling
cybersecurity professionals
to identify active devices and
open ports swiftly and
accurately, thereby
enhancing network security
and resilience against
evolving cyber threats.
Getting started :
Here are the steps that will
help us to get started.

1. Install scapy library.

2. Import the necessary
modules — socket, scapy,
thread, lock.
3. Define function:
scanHost(ip, startPort,
endPort) – Scan TCP ports
on a single host within a
specified range.
4. Define function:
scanRange(ip, startPort,
 endPort) – Scan TCP ports
on all hosts within a
network.
5. Define function:
tcpScan(ip, startPort,
endPort) – Scan TCP ports
on a specific IP address.
6. Define function:
network_scan(target_ip)
– Scan devices in a
network using ARP.
7. Use socket to create TCP
connections to each port
within the specified
range.
8. Print open ports if the
connection is successful.
9. Use scapy to create ARP
packets and send them to
discover devices in the
network.
10. Extract IP and MAC
addresses from the
responses.
11. Print the discovered
devices.
12. Test the script with
various inputs to ensure it
behaves as expected.
 13. Optimise the script for
efficiency and usability.
To begin with we would need
Python version 3.x and any
Python-compatible IDE (e.g.,
PyCharm, VSCode). A
Python-based network and
port scanner uses modules
like scapy and socket to
identify active hosts and
open ports within a network.

1. Next, load the following

libraries:
2. library(scapy): This is
used for interacting with
 the packets on the
network.
3. library(socket): This
establishes network
connections over various
network protocols such as
TCP or UDP to send and
receive data.

Defining function
scanHost() and
scanRange() :
The code initialises a print
lock `print_lock = Lock()` to
synchronise the console
output. This is utilised in
critical sections to ensure
orderly printing when
multiple threads are
involved, and prevents
potential issues with
concurrent printing during
TCP port scanning.

scanHost(ip, startPort,
endPort): This function
initiates a TCP port scan on a
single host identified by the
IP parameter. It iterates
through the range of ports
from startPort to endPort
and calls the tcp_scan
function to perform the scan.
It prints messages indicating
the start and completion of
the scan for that host.

scanRange(network,
startPort, endPort): This
function conducts TCP port
scanning on a range of hosts
within a network. It iterates
through host addresses in
the network range (e.g.,
“192.168.1.1”,
“192.168.1.2”, etc), calling
tcp_scan for each host within
the specified port range. It
prints a message indicating
the start of the scan on the
network.

Figure 2 depicts the

enhanced functionality with
scanHost() and scanRange().
Defining function
tcp_scan()
Loop through port range: It
iterates through each port in
the specified range.

Attempt connection: For each

port, it attempts to establish
a TCP connection with a
timeout of 0.1 seconds.

Check connection status: If

the connection attempt is
successful (i.e., the port is
open), it prints a message
indicating an open TCP port.

Close socket: It closes the

TCP socket after printing the
message.

Exception handling: It
includes exception handling
to catch any errors during
the connection attempt,
passing over them without
taking action. Figure 3
introduces the tcp_scan()
function for comprehensive
network analysis.
Figure 3: Defining function tcp_scan()

Defining function
network_scan()
ARP packet creation: Creates
an ARP packet with the
target IP address
(target_ip). Creates an
Ethernet frame with the
destination MAC address set
to broadcast.

Sending and receiving

packets: Sends the packet
with a timeout of 3 seconds.
Captures the response
containing IP and MAC
addresses.

Extracting
information: Iterates over
responses, extracting IP and
MAC addresses into a list of
dictionaries.

Printing results: Prints

available devices in the
network with their IP and
MAC addresses in a
formatted table. Figure 4
streamlines the network
evaluation with
network_scan() function.
Figure 5: Defining main() function

Defining the main()

function
Display options: It prints the
available options: ‘1. TCP
Port Scanner’ and ‘2.
Network Scanner’.

Get user input: It prompts

the user to enter their choice
(either 1 or 2) using the
input() function, and
converts the input to an
integer.

Handle user choice: If the

user chooses option 1 (TCP
Port Scanner), it prompts for
an IP address, start port, and
end port; it then calls the
scanHost() function to
perform a TCP port scan on
the specified host within the
specified port range.

If the user chooses option 2

(Network Scanner), it
prompts for a target IP
address (e.g.,
‘172.17.3.1/24’) and calls
the network_scan() function
to perform a network scan.

If the user enters an invalid

choice, it prints a message
indicating so.
Execution: If this script is
executed directly (i.e.,
__name__ == “__main__”),
it calls the main() function to
start the program. After the
user selects an option and
the scanning is complete, it
prompts the user to press
any key to close the
program. Figure 5 defines
the function main() coded
with a menu driven model.
Figure 6: Port scanning with range 1 to 1000

Result and output

Figure 6 shows the output of
the TCP Port Scanner with
range 1 to 1000.
Figure 7 depicts the Network
Scanner capturing the
available devices in the
network.

In conclusion, the creation of

a network and port scanner
using Python represents a
significant advancement in
the realm of network security
and management. Such tools
are indispensable for
network administrators and
security professionals,
providing them with the
means to thoroughly analyse
the state of their networks.
The use of Python allows
rapid development and easy
integration with existing
systems and tools, making
the scanners accessible to a
wide range of users.

Figure 7: Network scanning

Furthermore, the
incorporation of libraries
such as `socket` and
`scapy` enhances the
functionality and
effectiveness of the
scanners. These libraries
provide comprehensive
capabilities for network
communication, packet
manipulation, and analysis,
enabling thorough
examination of network
traffic and devices.

The open source nature of

this project encourages
collaboration and
contribution from the
cybersecurity community. By
sharing code and insights,
developers can collectively
improve and expand the
capabilities of these
scanners, ultimately
benefiting the entire
community.
 PROJECT –
2
RECON
AUTOMATION
FOR WEB
PENTESTING

THIS INTERNSHIP PROJECT, TITLED

"RECON AUTOMATION FOR WEB
PENTESTING," WAS CARRIED OUT
AS PART OF MY INTERNSHIP AT
[1Stop]. THE AIM OF THE PROJECT
WAS TO CREATE A
COMPREHENSIVE TOOL IN
PYTHON THAT AUTOMATES
VARIOUS RECONNAISSANCE
TASKS ESSENTIAL IN ETHICAL WEB
PENETRATION TESTING
(PENTESTING).
IP Scanner - Ping to
check if host is live:
def ip_scanner(ip):
print(f"Scanning IP: {ip}") response
= os.system(f"ping -c 1 {ip}") if
response == 0: print(f"{ip} is live")
else: print(f"{ip} is not reachable")
Port Scanner - Scan
ports to check open
or closed:
def port_scanner(ip, start_port,
end_port): print(f"Scanning ports
{start_port} to {end_port} on
{ip}...") open_ports = [] for port in
range(start_port, end_port + 1):
sock =
socket.socket(socket.AF_INET,
socket.SOCK_STREAM)
sock.settimeout(1) result =
sock.connect_ex((ip, port)) if result
== 0: open_ports.append(port)
sock.close()
if open_ports:
print(f"Open ports on
{ip}: {open_ports}")
else:
print(f"No open ports
found on {ip} in the range
{start_port} to
{end_port}")
Barcode Generator -
Generates a
barcode:
def generate_barcode(data,
barcode_type="code128"):
print(f"Generating {barcode_type}
barcode for data: {data}") bar =
barcode.get_barcode_class(barcode
_type) bar_code = bar(data,
writer=ImageWriter()) filename =
bar_code.save(f"{data}_barcode")
print(f"Barcode saved as
{filename}.png")
QR Code Generator
- Generates a QR
code:
def generate_qrcode(data):
print(f"Generating QR code for
data: {data}") qr_img =
qrcode.make(data)
qr_img.save(f"{data}_qrcode.png")
print(f"QR code saved as
{data}_qrcode.png")
Password Generator
- Generates a strong
password:
def
generate_password(length=12):
characters = string.ascii_letters +
string.digits + string.punctuation
password =
''.join(random.choice(characters)
for i in range(length))
print(f"Generated password:
{password}") return password
Wordlist Generator -
Generates a wordlist
from provided
words:
def wordlist_generator(words,
length=3): wordlist = []
print(f"Generating wordlist of
length {length} using: {words}") for
_ in range(length):
wordlist.append(''.join(random.sa
mple(words, len(words)))) with
open("wordlist.txt", "w") as file:
for word in wordlist:
file.write(word + "\n")
print(f"Wordlist generated and
saved to wordlist.txt")

Phone Number
Information
Gathering - Uses an
API to fetch phone
info:
def phone_info(phone_number):
print(f"Fetching info for phone
number: {phone_number}") url =
f"http://apilayer.net/api/validate?a
ccess_key=YOUR_API_KEY&number
={phone_number}" response =
requests.get(url) if
response.status_code == 200:
phone_data = response.json()
print(json.dumps(phone_data,
indent=4)) else: print("Failed to
fetch phone number info")
Subdomain Checker
- Fetches
subdomains using
an online service
(API or scraping):
def subdomain_checker(domain):
print(f"Checking subdomains for
{domain}...") url =
f"https://api.hackertarget.com/hos
tsearch/?q={domain}" response =
requests.get(url) if
response.status_code == 200:
subdomains = response.text
print(f"Subdomains for
{domain}:\n{subdomains}") else:
print(f"Failed to fetch subdomains
for {domain}")
DDoS Attack
Simulation
(educational
purposes, only
sends requests
without real DDoS):
def ddos_simulation(target_url,
packet_count=100):
print(f"Simulating DDoS attack on
{target_url} with {packet_count}
packets...") for i in
range(packet_count): try:
requests.get(target_url)
print(f"Packet {i+1} sent") except:
print("Request failed") sleep(0.1)
print("DDoS simulation complete")

Display a welcome
banner:
def display_banner(): f =
Figlet(font='slant')
print(f.renderText("Recon
Automation Tool"))
Main program:
def main(): display_banner() while
True: print("\nSelect an option:")
print("1. IP Scanner") print("2. Port
Scanner") print("3. Barcode
Generator") print("4. QRCode
Generator") print("5. Password
Generator") print("6. Wordlist
Generator") print("7. Phone
Number Information Gathering")
print("8. Subdomain Checker")
print("9. DDoS Simulation")
print("10. Exit")
choice = input("Enter
your choice: ")
 if choice == "1":
ip = input("Enter
the IP address: ")
ip_scanner(ip)

elif choice == "2":

ip = input("Enter
the IP address: ")
start_port =
int(input("Enter the start
port: "))
end_port =
int(input("Enter the end
port: "))
port_scanner(ip,
start_port, end_port)

elif choice == "3":

data = input("Enter
data for the barcode: ")
generate_barcode(data)

elif choice == "4":

data = input("Enter
data for the QR code: ")

generate_qrcode(data)

elif choice == "5":

length =
int(input("Enter the length
of the password: "))

generate_password(length)

elif choice == "6":

words =
input("Enter words (comma
separated) to generate
wordlist: ").split(",")
length =
int(input("Enter the length
of the wordlist: "))

wordlist_generator(words,
length)

elif choice == "7":

phone_number =
input("Enter the phone
number: ")

phone_info(phone_number)

elif choice == "8":

domain =
input("Enter the domain to
check subdomains: ")
subdomain_checker(domain)

elif choice == "9":

target_url =
input("Enter the target URL
for DDoS simulation: ")
packet_count =
int(input("Enter number of
packets to send: "))

ddos_simulation(target_url,
packet_count)

elif choice == "10":

print("Exiting...")
break

else:
 print("Invalid
choice. Please select a
valid option.")
if name == "main": main()