
I am using Linux for security and penetration testing. I often use nmap and wireshark, but I'd like to make a network scanner of my own to learn about how they work.

I'd like it to scan an entire network, not scan the ports of one target; however, I don't know where to start.

What programming/scripting languages would someone use for a command-line-based network scanner, and where would I start in the process of making it?


1 Answer

Try out Python + Scapy.

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more.

Here are a number of samples, taken from http://networkinterfaze.com/scapy-examples/, to get a feel for its power (I didn't check it; it may be slightly outdated):

Sending a ping packet from Ubuntu to Windows 7

```python
from scapy.all import IP, ICMP, send  # import added so the snippet runs as-is

ip = IP()  # Creates an IP header
ip.src = '192.168.1.25'  # Source address in the IP header is configured with the IP address of Ubuntu.
ip.dst = '192.168.1.100'  # Destination address in the IP header is configured with the IP address of Windows 7.
icmp = ICMP()  # Creates an ICMP header
icmp.type = 8  # Type value inserted in the ICMP header as 8 (echo request) for ping crafting.
icmp.code = 0  # Code value inserted in the ICMP header as 0 for ping crafting.
send(ip/icmp)  # Sending the ping packet (needs root for raw sockets).
```

Creating a TCP SYN to port 80 on Windows 7 from Scapy on Ubuntu with Random Source address

```python
from scapy.all import IP, TCP, send  # import added so the snippet runs as-is

tcp = TCP()  # Creates a TCP header (the original read "cp = TCP()", a typo)
tcp.dport = 80  # Configures the destination port in the TCP header with port 80.
tcp.flags = 'S'  # Configures the flags in the TCP header with the SYN bit.
ip = IP()  # Creates an IP header
ip.src = '192.168.1.25'  # Source address in the IP header is configured with the IP address of Ubuntu.
ip.dst = '192.168.1.100'  # Destination address in the IP header is configured with the IP address of Windows 7.
send(ip/tcp)  # Sending the TCP packet (needs root for raw sockets).
```
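To see what Scapy's `IP()/ICMP()` and `send()` actually put on the wire, here is an added example (not from the answer above or the Scapy project) that builds the same ICMP echo request by hand with `struct`, verifies the checksum of replies, and loops over every host in a CIDR block, which is the "scan the whole network" part of the question. The subnet and addresses are constructed to match the answer's 192.168.1.0/24; `ping_sweep` needs a raw socket, so it must run as root.

```python
import ipaddress
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum used by IPv4, ICMP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"                       # pad odd length with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, ident: int, seq: int, payload: bytes = b"scan") -> bytes:
    """ICMP header (type, code 0, checksum, id, seq) + payload; type 8 = echo request."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)    # checksum computed with the field zeroed
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def sweep_targets(network: str) -> list:
    """Every usable host address in the CIDR block, i.e. the whole-network loop."""
    return [str(h) for h in ipaddress.ip_network(network, strict=False).hosts()]

def parse_icmp_reply(ip_packet: bytes):
    """Return (src_ip, ident, seq) if a raw IPv4 packet is a valid echo reply, else None."""
    if len(ip_packet) < 20 or ip_packet[9] != 1:      # protocol field 1 = ICMP
        return None
    icmp = ip_packet[(ip_packet[0] & 0x0F) * 4:]       # skip IHL*4 header bytes
    if len(icmp) < 8 or inet_checksum(icmp) != 0:      # a good checksum verifies to 0
        return None
    icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", icmp[:8])
    if icmp_type != 0 or code != 0:                    # type 0 / code 0 = echo reply
        return None
    return socket.inet_ntoa(ip_packet[12:16]), ident, seq

def ping_sweep(network: str, timeout: float = 1.0, ident: int = 0x1234) -> list:
    """Send one echo request per host and collect replying addresses (needs root)."""
    alive = set()
    with socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP) as sock:
        sock.settimeout(timeout)
        for seq, host in enumerate(sweep_targets(network)):
            sock.sendto(build_icmp(8, ident, seq & 0xFFFF), (host, 0))
        try:
            while True:                                # drain replies until quiet
                reply = parse_icmp_reply(sock.recvfrom(65535)[0])
                if reply and reply[1] == ident:        # ignore other pingers' replies
                    alive.add(reply[0])
        except socket.timeout:
            pass
    return sorted(alive, key=ipaddress.ip_address)
```

Hosts that filter ICMP will not show up, which is exactly why nmap falls back to TCP SYN/ACK probes for host discovery.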