Setting up Hackers Used # Port Scanner



As simply Port scanning is like knocking on doors in a neighborhood to see who's home. 

In the world of network security, it's a crucial step to identify open ports and potential vulnerabilities in your network. 

Port scanning is a useful technique for exploring network systems and gathering information about their services. 

Used Parties

Security professionals and system administrators use port scanning to diagnose network problems, audit network security, or discover vulnerabilities.

Why Port Scanning

It's kind of a enumeration process that defines the ports on a network or targeted machines which open and receive or send. It's sending the crafted packet to analyse the response and determine software and associated vulnerabilities on each port.

Socket Programming

A socket is an endpoint of a two-way communication server with a socket and is bounded by a specific port number as an 80 network. These are bounded with specific port numbers and use backend software to receive and process data before sending it back, generally 

Basic Concept

The basic concept of a port scanner is to attempt a connection to a specific port at an IP address. If the connection is successful, we know there’s a service listening on that port. If not, then the port is closed.


Simple coding on Python

Import socket

import concurrent.futures

 

def scan_port(ip, port):

    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:

        s.settimeout(1)

        try:

            s.connect((ip, port))

            return True

        except:

            return False

 

def port_scanner(ip, start_port, end_port):

    ports = []

    with concurrent.futures.ThreadPoolExecutor(max_workers=100) as executor:

        future_to_port = {executor.submit(scan_port, ip, port): port for port in range(start_port, end_port+1)}

        for future in concurrent.futures.as_completed(future_to_port):

            port = future_to_port[future]

            if future.result():

                print(f'Port {port} is open!')

                ports.append(port)

    return ports

 

# Test

open_ports = port_scanner('localhost', 1, 100)

print("Open ports:", open_ports)


Comments

Post a Comment

Popular posts from this blog

Sanitizing application text fields

Image
  Sanitizing application text fields to prevent SQL injections and vulnerabilities involves several best practices.   Use Parameterized Queries or Prepared Statements: Instead of directly concatenating user input into SQL queries, use parameterized queries or prepared statements provided by your programming language's database API. These methods separate the SQL query logic from the user input, making it impossible for an attacker to inject malicious SQL code. Input Validation: Validate all user input to ensure it adheres to expected formats and ranges. Reject input that contains unexpected characters or patterns that could be indicative of SQL injection attempts. Use Whitelisting: Instead of blacklisting specific characters or patterns, consider whitelisting allowed characters and formats for input fields. This approach is generally safer as it explicitly defines what is acceptable rather than attempting to identify and filter out malicious input. Escape Special Charac...
Read more

Google Hacking Guide

Image
Google Hacking Guide Resource from           By Ken Foster – KMBL Security For educational purposes only.    Not for use in matters or on sites you are not implicitly and legally approved to research By Ken Foster – KMBL Security                    What is Google hacking? The purpose of Google Hacking is to leverage the vast amounts of data that are stored and indexed in search engines to produce unique results that quickly identify sensitive information, vulnerable systems, and network tactics and methods used by their hosts.    These methods are beneficial to security professionals, ethical hackers, and unfortunately black hats.    Who is Google Hacking? Google hacking has become very popular among security testers, ethical hackers, and unfortunately script kiddies and hackers who all too well understand its ...
Read more

Google Hacking Queries

Image
Google Hacking Queries easiest way to filter any specified path in google Filetype can be search any file types according passwords  videos and many more things you can search please when you searching type the word like this filetype:stephanhawking or type with " " qutations like these filetype:"StephanHawking" Index: index meaning unprotected  types ex: Filetype:password Then displaying these kind of page filetype : filetype:bak createobject sa filetype:bak inurl:"htaccess|passwd|shadow|htusers" filetype:cfg mrtg "target filetype:cfm "cfapplication name" password filetype:conf oekakibbs filetype:conf slapd.conf filetype:config config intext:appSettings "User ID" filetype:dat "password.dat" filetype:dat inurl:Sites.dat filetype:dat wand.dat filetype:inc dbconn filetype:inc intext:mysql_connect filetype:inc mysql_connect OR mysql_pconnect filetype:inf sysprep filetype:ini inurl:...
Read more