{"id":13475016,"url":"https://github.com/medbenali/CyberScan","last_synced_at":"2025-03-26T22:31:42.296Z","repository":{"id":49360380,"uuid":"83974768","full_name":"medbenali/CyberScan","owner":"medbenali","description":"CyberScan: Network's Forensics ToolKit","archived":false,"fork":false,"pushed_at":"2019-01-23T21:34:57.000Z","size":16728,"stargazers_count":425,"open_issues_count":6,"forks_count":131,"subscribers_count":36,"default_branch":"master","last_synced_at":"2024-10-30T08:51:14.558Z","etag":null,"topics":["geolocation","information-gathering","network-analysis","network-forensics","network-security","network-visualization","opensource","pcap-analyzer","portscanner","service-discovery"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/medbenali.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-03-05T14:07:58.000Z","updated_at":"2024-10-05T23:46:51.000Z","dependencies_parsed_at":"2022-08-29T22:10:50.198Z","dependency_job_id":null,"html_url":"https://github.com/medbenali/CyberScan","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/medbenali%2FCyberScan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/medbenali%2FCyberScan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/medbenali%2FCyberScan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/medbenali%2FCyberScan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/medbenali","download_url":"https://codeload.github.com/medbenali/CyberScan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245747885,"owners_count":20665882,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["geolocation","information-gathering","network-analysis","network-forensics","network-security","network-visualization","opensource","pcap-analyzer","portscanner","service-discovery"],"created_at":"2024-07-31T16:01:16.700Z","updated_at":"2025-03-26T22:31:37.281Z","avatar_url":"https://github.com/medbenali.png","language":"Python","funding_links":[],"categories":["Uncategorized","Python","Tools","Python (1887)","opensource"],"sub_categories":["Uncategorized"],"readme":"# CyberScan \n\n[![Python 2.6|2.7](https://img.shields.io/badge/python-2.6|2.7-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/License-GPL%20v3-red.svg)](http://www.gnu.org/licenses/gpl-3.0)\n\nCyberScan is an open source penetration testing tool that \ncan analyse packets , decoding  , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...) \n\nScreenshots\n----\n\n![Screenshot](https://github.com/medbenali/CyberScan/blob/master/images/demo.png)\n\nOperating Systems Supported\n---- \n\n- Windows XP/7/8/8.1/10\n- GNU/Linux\n- MacOSX\n\nInstallation\n----\n\nYou can download CyberScan by cloning the [Git](https://github.com/medbenali/CyberScan) repository:\n\n    git clone https://github.com/medbenali/CyberScan.git\n    cd CyberScan/\n    python CyberScan.py -v\n\nCyberScan works out of the box with [Python](http://www.python.org/download/) version **2.6.x** and **2.7.x**. \n\n# The CyberScan Module Usage\n\n\n[CyberScan](https://github.com/medbenali/CyberScan)  is able to send and capture packets of several protocols, forging and decoding them to be used to most network tasks such as scanning, pinging, probing, and attacks.\n\nMake sure you have CyberScan in your machine:\n\n```sh\n$ git clone https://github.com/medbenali/CyberScan.git\n```\n\nYou can test the installation firing up CyberScan iteratively. These are some useful functions:\n\n```sh\n$ CyberScan -h \n```\n---\n\n## Pinging The Network\n\nWe can perform **ping** operations with several protocols using CyberScan The fastest way to discover hosts on a local Ethernet network is to use ARP:\n\n### ARP Ping\n\n```sh\n$ CyberScan -s 192.168.1.0/24 -p arp\n[*] Starting Ping ARP for 192.168.1.0/24\nBegin emission:\nFinished to send 256 packets.\n\nReceived 0 packets, got 0 answers, remaining 256 packets\n```\n\n### ICMP Ping\n\nIn other cases we can use ICMP ping:\n\n```sh\n$ CyberScan -s 192.168.1.1-254 -p icmp\n[*] Starting Ping ARP for 192.168.1.0/24\nBegin emission:\nFinished to send 256 packets.\n\nReceived 0 packets, got 0 answers, remaining 256 packets\n```\n\n### TCP Ping\n\nIn case when  ICMP echo requests are blocked, we can still use TCP:\n\n```sh\n$ CyberScan -s 192.168.1.1-254 -p tcp -d 80\n```\n\n### UDP Ping\n\nOr even  UDP  (which produces ICMP port unreachable errors from live hosts). We can pick any port which is most likely to be closed,  such as port 0:\n\n```sh\n$ CyberScan -s 192.168.*.1-10 -p udp\n```\n\n---\n\n## Network Scanning \n\n### Port Scanner\n\nIn CyberSan Tool we can scan with or without specify start and end port \n\n```sh\n$ CyberScan -s 192.168.1.1 -p scan -d 1 -t 100\nWARNING: No route found for IPv6 destination :: (no default route?)\n[*] CyberScan Port Scanner\n[*] Scanning 192.168.1.1 From Port 1 To 100: \n[*] Starting CyberScan 1.01 at 2017-07-14 14:00 CEST\n[*] Scan In Progress ...\n[*] Connecting To Port :  100 \n[*] Scanning Completed at 2017-07-14 14:00 CEST\n[*] CyberScan done: 1IP address (1host up) scanned in 0.32 seconds\n[*] Open Ports: \n\t23 TELNET: Open\n\t53 DNS: Open\n\t80 HTTP: Open\n```\n\n```sh\n$ CyberScan -s 8.8.8.8 -p scan\nWARNING: No route found for IPv6 destination :: (no default route?)\n[*] CyberScan Port Scanner\n[*] Scanning For Most Common Ports On 8.8.8.8\n[*] Starting CyberScan 1.01 at 2017-07-14 14:03 CEST\n[*] Scan In Progress ...\n[*] Connecting To Port :  10000 109 110 123 137 138 139 143 156 2082 2083 2086 2087 21 22 23 25 3306 389 546 547 69 80 8443 993 995 \n[*] Scanning Completed at 2017-07-14 14:03 CEST\n[*] CyberScan done: 1IP address (1host up) scanned in 13.11 seconds\n[*] Open Ports: \n\t53 DNS: Open\n\t443 HTTPS: Open\n```\n\n\n------\n## Geolocalisation IP\n\n```sh\n$ CyberScan -s 72.229.28.185 -p geoip\nWARNING: No route found for IPv6 destination :: (no default route?)\n[*] IP Address:  72.229.28.185\n[*] City:  New York\n[*] Region Code:  NY\n[*] Area Code:  212\n[*] Time Zone:  America/New_York\n[*] Dma Code:  501\n[*] Metro Code:  New York, NY\n[*] Latitude:  40.7605\n[*] Longitude:  -73.9933\n[*] Zip Code:  10036\n[*] Country Name:  United States\n[*] Country Code:  US\n[*] Country Code3:  USA\n[*] Continent:  NA\n```\n\n------\n## Analyzing and Decoding Packets \n\nCyberScan can analyse pcap files in order to extract and decode ethernet, ip, tcp, icmp, udp headers.\n\n### Ethernet Headers\n\n```sh\n$ CyberScan -f test.pcap -p eth\nWARNING: No route found for IPv6 destination :: (no default route?)\n----------------------------------------\n[*] Packet : 1\n[+] ### [ Ethernet ] ###\n[*] Mac Destination : 00:1f:f3:3c:e1:13\n[*] Mac Source : f8:1e:df:e5:84:3a\n[*] Ethernet Type : 2048\n```\n\n### IP Headers\n\n```sh\n$ CyberScan -f test.pcap -p ip\nWARNING: No route found for IPv6 destination :: (no default route?)\n----------------------------------------\n[*] Packet : 1\n[+] ###[ IP ] ###\n[*] IP Source : 172.16.11.12\n[*] IP Destination : 74.125.19.17\n[*] IP Version :  4\n[*] IP Ihl :  5\n[*] IP Tos :  0\n[*] IP Len :  79\n[*] IP Id :  56915\n[*] IP Flags :  2\n[*] IP Frag :  0\n[*] IP Ttl :  64\n[*] IP Protocol :  6\n[*] IP Chksum :  18347\n[*] IP Options :  []\n[*] IP Dump : \n0000   45 00 00 4F DE 53 40 00  40 06 47 AB AC 10 0B 0C   E..O.S@.@.G.....\n0010   4A 7D 13 11 FC 35 01 BB  C6 D9 14 D0 C5 1E 2D BF   J}...5........-.\n0020   80 18 FF FF CB 8C 00 00  01 01 08 0A 1A 7D 84 2C   .............}.,\n0030   37 C5 58 B0 15 03 01 00  16 43 1A 88 1E FA 7A BC   7.X......C....z.\n0040   22 6E E6 32 7A 53 47 00  A7 5D CC 64 EA 8E 92      \"n.2zSG..].d...\n```\n\n### TCP Headers\n\n```sh\n$ CyberScan -f test.pcap -p tcp\nWARNING: No route found for IPv6 destination :: (no default route?)\n----------------------------------------\n[*] Packet : 1\n[+] ###[ TCP ] ###\n[*] TCP Source Port :  64565\n[*] TCP Destination Port :  443\n[*] TCP Seq :  3336115408\n[*] TCP Ack :  3307089343\n[*] TCP Dataofs :  8\n[*] TCP Reserved :  0\n[*] TCP Flags :  24\n[*] TCP Window :  65535\n[*] TCP Chksum :  52108\n[*] TCP Urgptr :  0\n[*] TCP Options :  [('NOP', None), ('NOP', None), ('Timestamp', (444433452, 935680176))]\n[*] TCP Dump : \n0000   FC 35 01 BB C6 D9 14 D0  C5 1E 2D BF 80 18 FF FF   .5........-.....\n0010   CB 8C 00 00 01 01 08 0A  1A 7D 84 2C 37 C5 58 B0   .........}.,7.X.\n```\n\n\n### UDP Headers\n\n```sh\n$ CyberScan -f test.pcap -p udp\nWARNING: No route found for IPv6 destination :: (no default route?)\n----------------------------------------\n[*] Packet : 1\n[+] ###[ UDP ] ###\n[*] UDP Source Port :  54639\n[*] UDP Destination Port :  53\n[*] UDP Len :  47\n[*] UDP Chksum :  30084\n[*] UDP Dump : \n0000   D5 6F 00 35 00 2F 75 84  13 A2 01 00 00 01 00 00   .o.5./u.........\n0010   00 00 00 00 04 65 38 37  32 01 67 0A 61 6B 61 6D   .....e872.g.akam\n0020   61 69 65 64 67 65 03 6E  65 74 00 00 01 00 01      aiedge.net.....\n```\n\n### ICMP Headers\n\n```sh\n$ CyberScan -f test.pcap -p icmp\nWARNING: No route found for IPv6 destination :: (no default route?)\n----------------------------------------\n[*] Packet : 1\n[+] ###[ ICMP ] ###\n[*] ICMP Type :  3\n[*] ICMP Code :  3\n[*] ICMP Chksum :  5296\n[*] ICMP Id :  None\n[*] ICMP Seq :  None\n[*] ICMP Dump : \n0000   03 03 14 B0 00 00 00 00  45 00 00 43 C1 80 00 00   ........E..C....\n0010   40 11 4A FC AC 10 0B 01  AC 10 0B 0C 00 35 E7 E8   @.J..........5..\n0020   00 2F 00 00                                        ./..\n```\n\nContact\n----\n\n\n\n[10.1]: http://i.imgur.com/tXSoThF.png (twitter icon with padding)\n[20.1]: http://i.imgur.com/P3YfQoD.png (facebook icon with padding)\n[30.1]: http://i.imgur.com/0o48UoR.png (github icon with padding)\n\n\n\n\n\n\n[10]: https://twitter.com/007Hamoud\n[20]: https://www.facebook.com/hammouda.benali\n[30]: https://www.github.com/medbenali\n\n\n\n#### BEN ALI Mohamed \n[![alt text][10.1]][10]\n[![alt text][20.1]][20]\n[![alt text][30.1]][30]\n##### Email : mohamed.benali@esprit.tn\n\n\n\n\n\n\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmedbenali%2FCyberScan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmedbenali%2FCyberScan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmedbenali%2FCyberScan/lists"}