A tool to monitor and visualize network connections based on Nmap scan results.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for berylliumsec from gravatar.com berylliumsec

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: David I
Classifiers

Project description

Nebula Watcher

Welcome to the Nebula Watcher

nebula

Content

Acknowledgement

First i would like to thank the All-Mighty God who is the source of all knowledge, without Him, this would not be possible.

Why?

Nebula Watcher offers a method for ethical hackers to monitor the IP addresses and ports they've engaged with during a penetration test. It serves as a visual tool to ensure comprehensive coverage of all intended IP addresses and ports under examination.

Features

  • Parses NMAP scan results (in plain text format) from a specified directory.
  • Monitors network connections and matches them against the parsed NMAP scan results.
  • Generates a visual diagram depicting the activity, with different colors indicating the type of connection.
  • Periodically updates the diagram, maintaining a history of the ethical hacking activity.

Before connecting to port 443:

Before

After connecting to port 443:

After

Dependencies

Installation

The easiest way to get started is to use the docker image. Please note that the ZAP model is NOT supported in the docker image. If you would like to use ZAP please install the package using pip.

PRO TIP: Regardless of if you are using the docker or pip version, always run nebula in the same folder so that it doesn't have to download the models each time you run it.

Docker:

Pulling the image:

docker pull berylliumsec/nebula-watcher:latest

Running the image:

docker run -v $(pwd):/app berylliumsec/nebula-watcher:latest

PIP:

pip install nebula-watcher

To run nebula simply enter:

nebula-watcher

Options:

--results_dir : Specify the directory containing NMAP scan results. (Default: ./results) --diagram_name : Specify the name for the generated diagram. (Default: hacking_activity) --clear_state : Use this flag if you want to start the script without using the previous state. This can be helpful for debugging purposes.

A state file named state.json is written to the current working directory to preserve states even when you close the monitoring tool.

How It Works

  • The script first parses the NMAP scan results to identify open ports on different IP addresses.
  • It then monitors live network connections on the machine it's running on.
  • When a network connection matches an IP and port from the NMAP results, the color of the arrow goes from red to blue on the diagram.
  • The diagram is periodically updated to reflect the current state of the network connections.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for berylliumsec from gravatar.com berylliumsec

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: David I
Classifiers

Release history Release notifications | RSS feed

0.4

0.3

0.2

This version

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nebula-watcher-0.1.tar.gz (4.8 MB view hashes)

Uploaded Source

Built Distribution

nebula_watcher-0.1-py3-none-any.whl (4.8 MB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page