Network Security Toolkit (Windows and Linux)

Description

The Network Security Toolkit is a comprehensive set of tools designed for various network scanning and security tasks. This toolkit is intended for use on Linux (specifically Kali Linux) and leverages several powerful libraries to perform tasks essential for network administrators and security professionals. The toolkit includes features such as port scanning, Wi-Fi network scanning, deauthentication attacks, victim scanning on a LAN, and spoof detection. It requires the network interface to be in monitor mode for certain operations.

Features

Changing Adapter Mode to Monitor (mode)

Ensures the network adapter is set to monitor mode, which is necessary for capturing packets and performing deauthentication attacks.

Port Scanner (ports)

Scans all open ports on a specified remote host within the range of 1 to 5000.

Uses raw socket connections for a basic yet effective port scan.

Advanced Port Scanner using Nmap (nmap_port_scanner)

Utilizes Nmap, a powerful network scanning tool, to perform more detailed and advanced port scanning on the LAN.

Provides comprehensive scan statistics and information on the state of ports and protocols.

Wi-Fi Network Scanner (wifi_scanner)

Scans for nearby wireless networks and displays detailed information such as BSSID, SSID, signal strength, channel, and encryption type.

Uses scapy to capture and analyze wireless packets.

Deauthentication Attack (deauth)

Performs a deauthentication attack to disconnect clients from a specified network.

Can target a single device or broadcast to all devices on the network.

Victim Scanner (victims_scanner)

Scans the local network for connected devices.

Displays IP and MAC addresses of all devices on the network using ARP requests.

Spoof Detection (spoof_detector)

Detects ARP spoofing attacks on the local network.

Compares real MAC addresses with ARP responses to identify discrepancies.

Help (help)

Provides detailed information about each command and its usage.

About (about)

Displays information about the developer and the project.

Project Components

Socket Programming: Used for basic port scanning and network connections.

Subprocess Module: Executes system commands and scripts.

Pandas: Handles dataframes for organizing and displaying network scan results.

Scapy: A powerful packet manipulation tool used for packet capture, network scanning, and performing deauthentication attacks.

Nmap: An industry-standard network scanning tool integrated for advanced port scanning capabilities.

Threading: Used to run multiple tasks concurrently, such as network scanning and displaying results in real-time.

Workflow

Initialization: The toolkit starts by displaying a welcome logo and basic usage instructions.

Command Selection: Users select from a list of commands, each corresponding to a specific network security task.

Execution: Based on the selected command, the toolkit performs the required task, such as scanning ports, detecting networks, or executing an attack.

Output: Results are displayed in a clear, organized format, often using color coding for better readability.

Continuous Loop: The toolkit runs in a loop, allowing users to execute multiple commands without restarting the tool.

Security and Ethical Considerations

Intended Use: This toolkit is designed for ethical hacking and network security purposes. It should be used responsibly and only on networks where the user has permission to perform such operations.

Legal Compliance: Users must ensure they comply with local laws and regulations regarding network scanning and penetration testing.

Conclusion

The Network Security Toolkit provides a robust and comprehensive set of tools for network administrators and security professionals to perform essential network scanning and security tasks efficiently. Its integration of various powerful libraries and tools makes it a versatile solution for maintaining and securing network environments.