netscanx

command module
v0.0.0-...-1d61864 Latest
This package is not in the latest version of its module.
Published: Mar 16, 2024 License: GPL-2.0 Imports: 11 Imported by: 0

README

netbang

Scrappy network interrogator and wringer-outer written in Go.

WHAT? Another scanner in a sea of tools?

Yeah? Maybe? Honestly though, I did not start this thinking "MOAR SCANNING TOOLS", or "NMAP, PFFFT", honest.

So, what were you thinking?

  • Prime thought: "Hey! Let's test what Go concurrency might do for network scanning." As it turns out, it does all kinds of good things for performance.
  • Thought #2: "Let's use Netbang to stretch out everything I know about programming, cybersecurity, and networking", while learning Go, which was new to me at the time.

After working on it a bit, chux0r had bigger, serious-er thoughts

  • The more I developed, the more I thought about the role of scanning, the value and limitations of scanning; the future of scanning.
  • Resource management (time, process cycles, bandwidth, etc- but mostly time) in the face of:
    • The vastness of IPv6: networks with vanishingly few realistic limits anymore; there are increasingly so many things that we can't realistically plan to scan just every-fuckin-thing A-Z anymore. We'll never have enough time (ever).
    • We'd do well to get smart about it.
  • I should use netbang as an opportunity to explore and decide what value, if any, scanning might still hold. And what changes should be made if it does happen to still be useful?

Preliminary thoughts steering some more-interesting features

  • It's about getting information, not about poking everything in the eye.
    • The best, stealthiest, most valuable scanning is achieved by not scanning. This is Zen asf. Oh yeah
    • Use data sources and APIs like Shodan to gather; prioritize this approach before thinking about banging away on the 'net.
  • To address the "not enough time in my lifetime" problem, try what anthropologists and other survey-based researchers have known for a long time:
    • We can't dig everything and sift through it. We have neither the time nor the money.
    • Use available intelligence and artifacts to determine roughly where you think you'll find stuff worth finding.
    • Maximize the limited resources at hand by performing stratified random sampling in those places.

Just rethinking possibilities and features as I go; not to mention interesting feature mashups, foo breakage for fun and profit, and other creative/educational mayhem. How many network layers can we make this thing blow apart and report upon?

Env: go version go1.20.7 linux/amd64
Build using: "go build *.go"

AUTHOR: Chuck Geigner "chux0r"
ORG: Megaohm.net Vive la resistance!
Copyright © 2023,2024 CT Geigner, All rights reserved.
Free to use under GNU GPL v2, see https://github/chux0r/netscanx/LICENSE.md

Written 'cause why not? Mostly for S&G.
Yes, I was "mongoose", a long, long time ago. --ctg

Documentation

Overview

*****************************************************************************
netBang

Scrappy network scanner written in Go, mostly to answer what boost Go
concurrency gives. Also, fun to see how far I can get network-features-wise.

Props to Fyodor =) Nmap is still and will likely remain, the boooooomb ;)
In other words, this isn't supposed to replace or unthrone anything; maybe
just add to a class of cool tools I have used and love.

Making this up as I go, by whatever entertains me most >8]

14AUG2023
CT Geigner ("chux0r")

12DEC2023 - Renamed to "netBang", due to the fact that it's at this time a
noisy scanner. It is pretty fast though so there's that. I'll work on the
stealthy bits soon enough. --ctg

What's being developed NOW-ish
------------------------------------------------------
1) Do raw IP sockets AF_INET stuff+packet constructor next.
2) Whip up TCP and Xmas-tree scan once we have 1) implemented
Rationale:
net.Dial() is pretty ok, but it abstracts lots of stuff. I'm stuck with a
full-3-way TCP handshake, since there's no controlling the connection or the
packet flags or anything like that.
In short- it's too well behaved for what we need to do.

Next features hit-list:
------------------------------------------------------
Recon using Shodan data
Connect() Flags scan configurations (TCP half open, Xmas, etc)
Improved error processing/context-adding/reporting
OS-specific processing/interpretation of OS network stack error/status mesgs
Trap SIGINT(Ctrl-C), Stop scan and gather whatev report data exists

Ideas! Fun to watch 'em rot in a pile. Amazing when I actually implement!
=============================================================================
Multicast fun
BGP fun
DNS fun
SSL cert eval, and validation
IP history & "associations"
Packet constructor
Custom TCP flags options
more integration using stdlib net structures and interfaces
ICMP scanning/host ping and other ICMP uses
Hardware address/local network tomfoolery
*****************************************************************************
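An added example, not netbang's own code, tying together the "what does Go concurrency buy a scanner" question from the README and two items from the overview: net.Dial-style probing always completes the full 3-way handshake (so every probe is visible to the target as a real connection), and a SIGINT-cancelled context should stop the scan while keeping whatever verdicts were already gathered. The host, port list and worker count in main are placeholder assumptions.

```go
package main

import (
	"context"
	"fmt"
	"net"
	"os"
	"os/signal"
	"sync"
	"time"
)

// ConnectScan probes every port in ports on host with at most `workers`
// goroutines in flight and returns port -> open. DialContext finishes the
// full handshake (the "too well behaved" behaviour), so this is a loud scan.
func ConnectScan(ctx context.Context, host string, ports []int, workers int, timeout time.Duration) map[int]bool {
	sem := make(chan struct{}, workers) // bounds concurrency
	open := map[int]bool{}
	var mu sync.Mutex
	var wg sync.WaitGroup
	for _, p := range ports {
		if ctx.Err() != nil {
			break // Ctrl-C or deadline: stop scheduling, keep what we have
		}
		sem <- struct{}{}
		wg.Add(1)
		go func(p int) {
			defer func() { <-sem; wg.Done() }()
			c, err := (&net.Dialer{Timeout: timeout}).DialContext(ctx, "tcp", net.JoinHostPort(host, fmt.Sprint(p)))
			if err != nil && ctx.Err() != nil {
				return // cancelled mid-probe: no verdict for this port
			}
			if err == nil {
				c.Close() // handshake already finished; we only wanted the verdict
			}
			mu.Lock()
			open[p] = err == nil
			mu.Unlock()
		}(p)
	}
	wg.Wait()
	return open
}

func main() {
	ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt) // SIGINT cancels ctx
	defer stop()
	fmt.Println(ConnectScan(ctx, "127.0.0.1", []int{22, 80, 443, 8080}, 8, 500*time.Millisecond)) // placeholder targets
}
```

A refused connection and a completed handshake both come back within milliseconds on loopback; the timeout only matters for filtered ports that silently drop the SYN.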
