Skip to main content

🔍💻 NetHawkAnalyzer: An advanced AI-powered tool for ethical hacking, cybersecurity network analysis, and vulnerability assessment. 🦅✨

Project description

NetHawk 🦅: AI-Powered Ethical Hacking & Network Vulnerability Assessment 🔍💻🛡️🌐

NetHawk is an advanced, AI-powered tool designed for ethical hacking and comprehensive network vulnerability assessment. Built for cybersecurity professionals, network administrators, and ethical hackers, NetHawk utilizes powerful tools like Scapy and Nmap to perform deep scans, analyze network security, and uncover potential vulnerabilities in target systems.

GitHub PyPI License

Thanks to AI-driven automation and intelligent decision-making, NetHawk simplifies port scanning, vulnerability detection, and report generation, making security audits faster, smarter, and more efficient.

🙏 I would like to express my sincere gratitude to Santiago Hernández, a leading expert in Cybersecurity and Artificial Intelligence. His outstanding course on Cybersecurity and Ethical Hacking, available on Udemy, was instrumental in the development of this project. The insights and techniques I gained from his course were invaluable in guiding my approach to cybersecurity practices. Thank you for sharing your knowledge and expertise!

🔒 Disclaimer: This tool is designed for educational and research purposes. Misuse of this tool could result in violation of laws and regulations. Please use responsibly.

🌟 Key Features:

  • 🔧 Multi-Tool Scanning: Combines the power of Scapy and Nmap to conduct in-depth network scans, ensuring a comprehensive view of network activity and vulnerabilities.

  • 🚪 Aggressive and Comprehensive Port Scanning: Supports TCP, UDP, and Xmas scans to detect open, closed, and filtered ports, identifying potential entry points for attackers.

  • 📊 Result Consolidation: Merges scan results from both tools to eliminate duplicates, providing a clear and consolidated view of your network's security status.

  • High Concurrency: Efficiently scans wide ranges of ports using multiple threads, allowing for fast and scalable performance for networks of any size.

  • ⏱️ Customizable Settings: Configure parameters and timeouts according to your network conditions and security requirements.

  • 🤖 AI-Powered Analysis: Offers smarter vulnerability analysis with actionable insights, helping you take appropriate measures based on findings.

🎯 Use Cases:

  • 🔓 Penetration Testing: Ethical hackers can quickly identify exploitable vulnerabilities in networks, strengthening defenses before malicious actors can attack.

  • 🔍 Network Security Auditing: IT teams can use NetHawk to audit network security, scanning for open ports, misconfigured services, and hidden vulnerabilities.

🔍 Host and Port Scanning Strategy:

NetHawk employs an efficient combination of Scapy and Nmap to perform host and port scanning, providing comprehensive and redundant coverage, ensuring maximum detection of active hosts and open ports, even in networks with firewall defenses.

1. Host Detection with Scapy:

  • ICMP Ping: First, NetHawk uses ICMP packets (ping) sent to each host within the target network range to check their availability. If a host responds, it is considered "active."

  • TCP SYN and ACK Scanning: For hosts that do not respond to the ping, NetHawk performs a TCP SYN scan, sending SYN packets to the most common ports (80, 443, 22, etc.) to identify responses indicating open ports. If no response is received for the SYN, an ACK scan is attempted to determine if the host is responding to TCP packets.

  • Fallback to Socket Scan: If the previous scans fail (possibly due to firewalls blocking ICMP or SYN packets), a direct connection attempt is made using sockets on the same ports, looking for any response that may indicate an open port.

2. Port Scanning with Scapy and Nmap:

  • Scapy: For hosts identified as active, NetHawk uses Scapy to perform deep port scans. Various scan types are supported, including:

    • TCP SYN: Sending SYN packets to discover open ports.
    • UDP Scan: Using UDP packets to detect open or filtered ports.
    • Xmas Scan: Scanning with malformed TCP packets to test for anomalous responses that may indicate filtered or closed ports.
  • Nmap: NetHawk complements Scapy's results with an Nmap scan, providing additional detection capabilities such as identifying service versions and checking less common ports. Nmap is run by default to scan the most commonly used ports or can be configured for custom scans based on specific security requirements.

  • The results from Nmap are consolidated with those from Scapy, eliminating duplicates to offer a clear and detailed final report.

3. Aggregation and Analysis of Results:

NetHawk combines the results from both scans (Scapy and Nmap) to generate a complete list of active hosts and open ports. By merging results from different approaches, duplication is eliminated, providing a unique view of potential network vulnerabilities. With this combination of techniques, NetHawk ensures complete coverage, detecting hosts and open ports that may be hidden from more conventional scanning methods.

🌐 Using the NetHawk API

NetHawk provides a powerful and simplified API for conducting security analyses and network scans. This API abstracts the complexity of using tools like Scapy and Nmap, allowing users to interact with various scanning and vulnerability analysis functions efficiently. Below is a guide to its main methods and functionalities:

1. 🚀 Initialization (__init__)

The main object of the API is the NetHawkAnalyzer class. To get started, you need to provide a network range (network_range) and other optional parameters like timeout (timeout) and an AI API key if necessary.

  • network_range: The range of IP addresses to scan (e.g., 192.168.1.0/24).
  • timeout: Timeout in seconds.
  • groq_api_key and model_id: Optional keys for integration with AI services.

2. 🔍 Host Scanning (scan_hosts)

This method detects active devices on the network, supporting the following scanning methods:

  • arp: Fast, based on ARP, but limited to local networks.
  • scapy: More advanced scanning that can detect hosts through firewalls.

The result is a list of active hosts ready for the next step.

3. 🚪 Port Scanning (scan_ports and scan_all_ports)

NetHawk scans ports using various techniques to detect open ports:

  • TCP SYN: Detects open TCP ports.
  • UDP Scan: Scans for open or filtered UDP ports.
  • Xmas Scan: Uses malformed packets to identify filtered ports.

The scan_all_ports method runs all scan types simultaneously to provide a comprehensive view of open ports on each host.

4. 🛠️ Service Detection (scan_services)

NetHawk allows the identification of services running on open ports and retrieves banner information:

  • scan_services: Scans a list of hosts to detect services and versions, which is crucial for identifying potential vulnerabilities.

5. 📁 SMB Share Scanning (scan_smb_shares)

You can also scan hosts for public SMB shares:

  • scan_smb_shares: Detects shared resources via SMB, helping identify unauthorized access points in the network.

6. 📝 Full Network Scan (run_full_scan)

For a comprehensive analysis, use the run_full_scan method, which combines all scanning functionalities into a single operation:

  • This method performs host discovery, port scanning, service detection, and SMB share enumeration.
  • Results can be output in both PDF and JSON formats for detailed reporting and analysis.

⚠️ Error Handling

The API raises specific errors for known issues, such as:

  • ValueError: Raised for unknown scanning methods.
  • Proper error handling ensures users are informed of any issues during the scanning process.

🖼️ Tool Screenshots

In this section, we showcase various screenshots of NetHawk in action. These visuals illustrate the user interface, scanning processes, and results generated by our AI-powered ethical hacking and network vulnerability assessment tool. Each screenshot highlights the key features and functionalities, providing an insight into how NetHawk simplifies the auditing of network security.

Explore the following images to see how NetHawk works and the valuable information it can uncover for cybersecurity professionals, network administrators, and ethical hackers alike!

📦 Required Dependencies

Dependency Version Description
scapy 2.6.0 A powerful Python library used for network packet manipulation and analysis.
tqdm 4.65.0 A fast, extensible progress bar for loops and file processing.
rich 13.9.2 A library for rich text and beautiful formatting in the terminal.
pysmb 1.2.10 A Python implementation of the SMB/CIFS protocol for network file sharing.
python3-nmap 1.9.1 A Python library that allows you to interact with Nmap from your Python scripts.
langchain 0.2.16 A framework for building applications with language models and AI capabilities.
langchain-groq 0.1.10 An extension for Langchain that enables integration with Groq-based systems.
fpdf2 2.8.1 A library for generating PDF documents using Python.
python-dotenv 1.0.1 A tool to read key-value pairs from a .env file and set them as environment variables.

Acknowledgements 🙏

🙏 I would like to express my sincere gratitude to Santiago Hernández, a leading expert in Cybersecurity and Artificial Intelligence. His outstanding course on Cybersecurity and Ethical Hacking, available on Udemy, was instrumental in the development of this project. The insights and techniques I gained from his course were invaluable in guiding my approach to cybersecurity practices. Thank you for sharing your knowledge and expertise!

🤝 Contributing

Contributions to NetHawk are highly encouraged! If you're interested in adding new features, resolving bugs, or enhancing the project's functionality, please feel free to submit pull requests.

Get in Touch 📬

NetHawk is developed and maintained by Sergio Sánchez Sánchez (Dream Software). Special thanks to the open-source community and the contributors who have made this project possible. If you have any questions, feedback, or suggestions, feel free to reach out at dreamsoftware92@gmail.com.

Visitors Count

Please Share & Star the repository to keep me motivated.

GitHub PyPI

License ⚖️

This project is licensed under the MIT License, an open-source software license that allows developers to freely use, copy, modify, and distribute the software. 🛠️ This includes use in both personal and commercial projects, with the only requirement being that the original copyright notice is retained. 📄

Please note the following limitations:

  • The software is provided "as is", without any warranties, express or implied. 🚫🛡️
  • If you distribute the software, whether in original or modified form, you must include the original copyright notice and license. 📑
  • The license allows for commercial use, but you cannot claim ownership over the software itself. 🏷️

The goal of this license is to maximize freedom for developers while maintaining recognition for the original creators.

MIT License

Copyright (c) 2024 Dream software - Sergio Sánchez 

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

NetHawkAnalyzer-0.1.10.tar.gz (18.2 kB view details)

Uploaded Source

Built Distribution

NetHawkAnalyzer-0.1.10-py3-none-any.whl (21.2 kB view details)

Uploaded Python 3

File details

Details for the file NetHawkAnalyzer-0.1.10.tar.gz.

File metadata

  • Download URL: NetHawkAnalyzer-0.1.10.tar.gz
  • Upload date:
  • Size: 18.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.11.6

File hashes

Hashes for NetHawkAnalyzer-0.1.10.tar.gz
Algorithm Hash digest
SHA256 29d03fbe83e15a28a25dd85137ac1ece25337475a3b4957fa598ccb129de33f5
MD5 b82ce0da8c649769152c0820c6cd9fb7
BLAKE2b-256 e52d8ecee78c4599e5fbbdaffc7a270de053d8933c0343fc1f57c8f4848781ce

See more details on using hashes here.

File details

Details for the file NetHawkAnalyzer-0.1.10-py3-none-any.whl.

File metadata

File hashes

Hashes for NetHawkAnalyzer-0.1.10-py3-none-any.whl
Algorithm Hash digest
SHA256 37619805a48385a66390785e8cef879a04b6018f0f1c645fb133be796f50348f
MD5 3c7309b9c9e412c56b2d1512b61de5cc
BLAKE2b-256 27d00de6a707a28e80676e154049d78e7d94c62a95286822cfd958b1d1d8612f

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page