Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ewilliams0305/kangaroo

Kangaroo is a network IP scanner library designed to be utilized inside of a C# application.
https://github.com/ewilliams0305/kangaroo

Last synced: 26 days ago
JSON representation

Kangaroo is a network IP scanner library designed to be utilized inside of a C# application.

Host: GitHub
URL: https://github.com/ewilliams0305/kangaroo
Owner: ewilliams0305
License: mit
Created: 2024-03-02T00:25:28.000Z (10 months ago)
Default Branch: main
Last Pushed: 2024-07-15T19:15:01.000Z (5 months ago)
Last Synced: 2024-11-10T01:55:22.970Z (about 1 month ago)
Language: C#
Size: 11 MB
Stars: 15
Watchers: 1
Forks: 4
Open Issues: 13
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-avalonia - Kangaroo IP Scanner - Cross platform IP scanner application. (Samples and Projects / Software Development)

README

        ![Readme Image](./docs/kangaroo-header.png)

![GitHub](https://img.shields.io/github/license/ewilliams0305/kangaroo) 

![GitHub all releases](https://img.shields.io/github/downloads/ewilliams0305/kangaroo/total) 

![Nuget](https://img.shields.io/nuget/dt/kangaroo)

[![GitHub issues](https://img.shields.io/github/issues/ewilliams0305/kangaroo)](https://github.com/ewilliams0305/kangaroo/issues)

![GitHub Repo stars](https://img.shields.io/github/stars/ewilliams0305/kangaroo?style=social)

![GitHub forks](https://img.shields.io/github/forks/ewilliams0305/kangaroo?style=social)

[![DOTNET TEST](https://github.com/ewilliams0305/kangaroo/actions/workflows/dotnet-test.yml/badge.svg)](https://github.com/ewilliams0305/kangaroo/actions/workflows/dotnet-test.yml)

[![PUBLISH RELEASE](https://github.com/ewilliams0305/kangaroo/actions/workflows/dotnet-release.yml/badge.svg)](https://github.com/ewilliams0305/kangaroo/actions/workflows/dotnet-release.yml)

![GitHub last commit (branch)](https://img.shields.io/github/last-commit/ewilliams0305/kangaroo/main)

*"Kangaroos have large, powerful hind legs, large feet adapted for leaping"*

The kangaroo network scanner supports (or will support) the following features. 

![Static Badge](https://img.shields.io/badge/IP-SCAN-blue)  

![Static Badge](https://img.shields.io/badge/PORT-SCAN-green)

![Static Badge](https://img.shields.io/badge/NODE-SCAN-blue)

![Static Badge](https://img.shields.io/badge/PARELLEL-SCAN-blue)   

![Readme GIF](./docs/kangaroo-ui.gif)

## Table of Contents

1. [Desktop UI Guide](#Desktop-Guide)

2. [Command Line Tool](#Command-Line-Tool)

3. [Building Scanners](#Building)

4. [Scanning Networks](#Scanning-Networks)

# Desktop Guide

Complete desktop user guid TDB, for now heres the status:

Desktop UI supports IP Scans with:

- Network Adapter Selection

- IP Address Range

- Subnet Calculation up to /16

- Single Address

Dashboard will display recent scans

- Allows user to select scans for comparison

- Allows user to view latency information

Configuration and compliance views are non-functional

# Command Line Tool

# Building

Kangaroo leverages the builder pattern to ensure its configured correctly before usage. 

*begin with a ScannerBuilder.Configure() method*

``` csharp

// IScanner implements IDisposable so optionally use a using statement

using var scanner = ScannerBuilder.Configure()

```

If no additional options are provided the kangaroo will grab your first up network interface and use that subnet for scans. **(lies, not yet)**

Begin chaining addition options together as depicted. 

``` csharp

using var scanner = ScannerBuilder

    .Configure()

    .WithAddresses([ip1, ip2, ip3...])

    .WithParallelism(numberOfBatches: 10)

    .WithNodeTimeout(TimeSpan.FromMilliseconds(250))

    .WithLogging(

        LoggerFactory.Create(builder =>

        {

            builder.AddConsole();

        }))

    .Build();

var nodes = await scanner.QueryNetwork();

Console.WriteLine(nodes.Dump());

```

## IP Configuration

Optionally kangaroo can use specific IPs, a range of IPs, or scan an entire subnet

*ip address collection*

``` csharp

using var scanner = ScannerBuilder

    .Configure()

    .WithAddresses([ip1, ip2, ip3...]) // provide an IEnerable of IP addresses

    .Build();

```

*single ip address*

``` csharp

var scanner = ScannerBuilder.Configure()

    .WithAddress( IPAddress.Parse("10.0.0.111"))

    .WithHttpScan()

    .WithMaxTimeout(TimeSpan.FromSeconds(2))

    .Build();

```

*subnetmask*

``` csharp

using var scanner = ScannerBuilder

    .Configure()

    .WithSubnet("10.0.0.0", "255.255.255.0") // provide an ip subnet to scan

    .Build();

```

*network interface*

``` csharp

using var scanner = ScannerBuilder

    .Configure()

    .withInterface(ethernet2) // provide an adapter to determine a subnet (optinal string name)

    .Build();

```

*range of ips*

``` csharp

using var scanner = ScannerBuilder

    .Configure()

    .WithRange(startIpAddress, endIpAddress) // provide a start and end address to scan a range of IPs 

    .Build();

```

## Web Server Query

An optional web server query can be enabled.  Use the `WithHttpScan` option after configuring the addresses.

In order to prevent port or dns exhaustion the scan depends on a `Func`.  You can use this function to create an http client pool,

leverage the http client factory, or simply return a new client.  Each query will request a client and dispose of the client afterwards.

A default factory is provided in the library if no function is provided.

```csharp

using var scanner = ScannerBuilder

    .Configure()

    .WithInterface(adapter)

    .WithHttpScan(() => new HttpClient())

    .Build();

```

## Ping Configuration

The ping can be configured as well. optional timeout and TTL can be provided to effectively speed up or slow down each query. A shorter timeout will allow kangaroo to fail faster on an unknown address. The TTL can be configured to ensure you are only scanning IP addresses within a physical boundary. A TTL of 1 would only ping devices on the physical switch. 

``` csharp

using var scanner = ScannerBuilder

  .Configure()

  .WithIpAddresses(ips)

  .WithMaxTimeout(TimeSpan.FromSeconds(1))

  .Build();

```

``` csharp

using var scanner = ScannerBuilder

  .Configure()

  .WithIpAddresses(ips)

  .WithMaxHops(2)

  .Build();

```

## Parallel Configuration

After the ips are determined you can optionally execute the scans using the TPL, add the WithParallelism 

method and provide a batch size. Each batch of IP addresses will be scanned in parellel. Each batch will contsin the number of IP addresses divided by the size of the provided addresses. 

``` csharp

using var scanner = ScannerBuilder

    .Configure()

    .WithAddresses(ips)

    .WithParallelism(numberOfBatches: 10) // of 254 addresses 25 batches of 10 addresses will be scanned.  

    .Build();

```

## Logging Configuration

BYOL(Logger) 

``` csharp

using var scanner = ScannerBuilder

  .Configure()

  .WithIpAddresses(ips)

  .WithLogging(_logger)  //Provide a logger

  .Build();

```

``` csharp

using var scanner = ScannerBuilder

  .Configure()

  .WithIpAddresses(ips)

  .WithLogging(() => ILogger)  //Provide a logger func

  .Build();

```

# Scanning Networks

So now you have a new Kangaroo Scanner. lets scan, await a call to `QueryAddresses(optionalCtx)` to return a `ScanResult` containing a list of network nodes, and scan results. 

``` csharp

var nodes = await scanner.QueryNetwork();

Console.WriteLine(nodes.Dump());

```

## Network Protocols 

### ICMP

The first scan kangaroo will execute is a simple ping (or icmp) query. 

Depending on the ping configuration the kangaroo scanner will send icmp packets 

to the specified IP addresses and wait for a reply. The ping test is used to determin if the 

endpoint is currently up, and the latency of the node. When and only when a Ping is replied 

too, kangaroo will attempt to perform additional tests. 

### ARP

The next step in the network query involves an arp request. When an endpoint responds the MAC address

of the network node will be gathered. 

### NETBIOS / Hostname

After collecting the icmp results and mac address, kangaroo will attempt to gather the netbios information by sending

and output packet over UDP port 137. Should the endpoint respond with hostname information the data is parsed and

collected. Results may very...

### WEB Server

The last and final optional step includes an http query. The goal of this query is simply to determine if an http webserver 

exist at that endpoint and report the servers headers. For this test an HTTP GET request on port 80 is made to the 

servers IP address root `GET http://172.22.5.5/`. If any response is return the headers will queried to dertmine the type of webserver. 

## IP Scanning

Await a call to the QueryNetwork to query all the IP addresses provided.  Depending on the configuration each query could take anywhere from 5 seconds to several minutes.  The results will include an IEnumerable of nodes each containing the following data. Note, the hostname results depend on the network environment and machine running the scanner. 

```csharp

public record NetworkNode(

    IPAddress IpAddress,    // IP address that was queried

    MacAddress MacAddress,  // MAC address return from arp request

    string? HostName,       // Hostname return from the query

    string? WebServer,      // HTTP server header information (future) 

    TimeSpan? Latency,      // Ping response time

    TimeSpan QueryTime,     // Elapsed time for the duration of thr query

    bool Alive);            // True if the endpoint replied to ping

```

## Nodes

Individual nodes can be queried as well.

``` csharp

var node = await scanner.CheckNetworkNode();

Console.WriteLine(node.Dump());

```

# Contributing