├── LICENSE ├── README.md └── Security Tools ├── Bandwidth ├── networkbandwidth.py └── requirements.txt ├── Cryptography ├── requirements.txt └── sshgenerator.py ├── FirewallRule ├── firewallrule.py └── requirements.txt ├── Hash calculator ├── hash.py └── requirements.txt ├── Password_Generator ├── passwd_gen.py └── requirements.txt ├── Port scanner ├── portscanner.py └── requirements.txt ├── Traffic analyzer ├── requirements.txt └── trafficanalyzer.py └── Webappscanner ├── requirements.txt └── webappscanner.py /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2025 Javier Ferrándiz Fernández 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Security-Tools-in-Python 2 | Several simple projects done in Python for network monitoring for Cybersecurity and high availability. All the modules needed are in their folder with the script. 3 | 4 | UPDATED, ADDED PASSWORD GENERATOR 5 | 6 | 𝗕𝗔𝗡𝗗𝗪𝗜𝗗𝗧𝗛 7 |
This script, made with the psutil library, obtains your bandwidth on the network interface you specify. 8 | 9 | References 10 |
https://pypi.org/project/psutil/ 11 | 12 | 𝗖𝗥𝗬𝗣𝗧𝗢𝗚𝗥𝗔𝗣𝗛𝗬 13 |
This script generates a private key with the RSA encryption algorithm of 2048, then what it does is to convert the private key to a PEM format file, we write the key to the generated file. Then we generate the public key from the private key. 14 | Finally we pass the public key to an SSH file and write it to a file. 15 | 16 | References 17 |
https://pypi.org/project/cryptography/ 18 | 19 | 𝗙𝗜𝗥𝗘𝗪𝗔𝗟𝗟 𝗥𝗨𝗟𝗘 20 |
This script is very customizable, as we can adjust it for our own needs, in this case I have made a rule to block ping, another rule to block RDP protocol, and the last rule allows TCP traffic from one subnet to another over port 80, in this case, the good thing about this is that you can change it to suit your needs. 21 | 22 | References 23 |
https://pypi.org/project/python-iptables/ 24 | 25 | 𝗛𝗔𝗦𝗛 𝗖𝗔𝗟𝗖𝗨𝗟𝗔𝗧𝗢𝗥 26 |
27 | 28 | References 29 |
https://pypi.org/project/hashlib/ 30 | 31 | 𝗣𝗔𝗦𝗦𝗪𝗢𝗥𝗗 𝗚𝗘𝗡𝗘𝗥𝗔𝗧𝗢𝗥 32 |
This password generation script, the first thing I have done is to create a function that creates the password with all the ASCII characters and digits with the string library, then create a JSON file, add an exception, and then call the function created and pass it as parameter 12 to make it as secure as possible, and finally the generated passwords will be dumped to the JSON file previously created. 33 | 34 | References 35 |
https://pypi.org/project/python-secrets/ 36 |
https://docs.python.org/3/library/json.html 37 |
https://docs.python.org/es/3/library/string.html 38 | 39 | 𝗣𝗢𝗥𝗧 𝗦𝗖𝗔𝗡𝗡𝗘𝗥 40 |
The port scanner, I have created a function to scan all ports from 1 to 65535 and check if it is open and then close the connection. Out of the function we indicate the IP to which we want to scan and the ports. Finally we call the function, with the three parameters. 41 | 42 | References 43 |
https://docs.python.org/es/3/library/socket.html 44 | 45 | 𝗧𝗥𝗔𝗙𝗙𝗜𝗖 𝗔𝗡𝗔𝗟𝗬𝗭𝗘𝗥 46 |
This script is very short but powerful because it uses one of the best cybersecurity libraries such as scapy. I define a function, in this function it will verify if the packets are TCP and we indicate the TCP traffic and it indicates the size in bytes. With sniff we start capturing packets through the interface that we indicate, in this case eth0. 47 | 48 | References 49 |
https://scapy.net/ 50 | 51 | 𝗪𝗘𝗕 𝗔𝗣𝗣 𝗦𝗖𝗔𝗡𝗡𝗘𝗥 52 |
This script to scan and analyze a web page we need the famous BeautifulSoup library. We indicate the URL that we want to scan, we collect the GET that we have answered the web that we indicate and we get the HTML and parse it using the library, and in this case, we get all the links on the page and finally iterate it with a for loop to show us all. 53 | 54 | References 55 |
https://pypi.org/project/requests/ 56 |
https://pypi.org/project/beautifulsoup4/ 57 | 58 | 59 | -------------------------------------------------------------------------------- /Security Tools/Bandwidth/networkbandwidth.py: -------------------------------------------------------------------------------- 1 | #Javi_16018 - 10/12 2 | import psutil 3 | 4 | # Obtain the information of the network interface "eth0" or your network interface that you use. 5 | network_info = psutil.net_io_counters(pernic=True)["eth0"] 6 | 7 | # Get the bandwidth used in bytes 8 | bandwidth_used = network_info.bytes_sent + network_info.bytes_recv 9 | 10 | # Convert to megabytes 11 | bandwidth_used_mb = bandwidth_used / 1024 / 1024 12 | 13 | print(f"The following have been used {bandwidth_used_mb:.2f} MB of bandwidth.") 14 | 15 | # To obtain in gigabytes 16 | bandwidth_used_X = bandwidth_used / 1024 / 1024 / 1024 17 | 18 | # To obtain in kilobytes 19 | bandwidth_used_X = bandwidth_used / 1024 20 | 21 | 22 | -------------------------------------------------------------------------------- /Security Tools/Bandwidth/requirements.txt: -------------------------------------------------------------------------------- 1 | psutil -------------------------------------------------------------------------------- /Security Tools/Cryptography/requirements.txt: -------------------------------------------------------------------------------- 1 | cryptography -------------------------------------------------------------------------------- /Security Tools/Cryptography/sshgenerator.py: -------------------------------------------------------------------------------- 1 | # Javier Ferrándiz Fernández - 22/12 2 | import os 3 | from cryptography.hazmat.primitives import serialization, padding 4 | from cryptography.hazmat.primitives.asymmetric import rsa, padding 5 | 6 | 7 | # Generate a private key with the RSA algorithm 8 | private_key = rsa.generate_private_key( 9 | public_exponent=65537, 10 | key_size=2048 11 | ) 12 | 13 | 14 | # Convert private key to PEM format 15 | private_pem = private_key.private_bytes( 16 | encoding=serialization.Encoding.PEM, 17 | format=serialization.PrivateFormat.PKCS8, 18 | encryption_algorithm=serialization.NoEncryption() 19 | ) 20 | 21 | 22 | # Write the private key to a file 23 | with open("private_key.pem", "wb") as f: 24 | f.write(private_pem) 25 | 26 | # Generate a public key from the private key 27 | public_key = private_key.public_key() 28 | 29 | 30 | # Serialize the public key to SSH format 31 | ssh_key = public_key.public_bytes( 32 | encoding=serialization.Encoding.OpenSSH, 33 | format=serialization.PublicFormat.OpenSSH 34 | ) 35 | 36 | # Write the public key to a file 37 | with open("public_key.ssh", "wb") as f: 38 | f.write(ssh_key) 39 | 40 | -------------------------------------------------------------------------------- /Security Tools/FirewallRule/firewallrule.py: -------------------------------------------------------------------------------- 1 | #Javi_16018 2 | import iptc 3 | 4 | # Create a new rule table 5 | table = iptc.Table(iptc.Table.FILTER) 6 | 7 | # Create a rule to block ping 8 | rule = iptc.Rule() 9 | rule.protocol = "icmp" 10 | rule.target = iptc.Target(rule, "DROP") 11 | table.append_rule(rule) 12 | 13 | # Create a rule to block the RDP protocol 14 | rule = iptc.Rule() 15 | rule.protocol = "tcp" 16 | rule.dport = 3389 17 | rule.target = iptc.Target(rule, "DROP") 18 | table.append_rule(rule) 19 | 20 | # Add rule to allow TCP traffic from subnet 192.168.1.0/24 to subnet 192.168.2.0/24 on port 80, in this case. On these lines you can modify what is convenient for you. 21 | rule = iptc.Rule() 22 | rule.src = "192.168.1.0/24" 23 | rule.dst = "192.168.2.0/24" 24 | rule.protocol = "tcp" 25 | rule.dport = 80 26 | rule.target = iptc.Target(rule, "ACCEPT") 27 | table.append_rule(rule) 28 | 29 | table.commit() 30 | 31 | 32 | -------------------------------------------------------------------------------- /Security Tools/FirewallRule/requirements.txt: -------------------------------------------------------------------------------- 1 | python-iptables -------------------------------------------------------------------------------- /Security Tools/Hash calculator/hash.py: -------------------------------------------------------------------------------- 1 | import hashlib 2 | 3 | # We first compute hashes of text strings and then of files. 4 | # The text string for which you want to calculate the hash. 5 | txt = "Hello World!" 6 | 7 | # Creates a hash object using the SHA256 algorithm. 8 | hash_object = hashlib.sha256() 9 | 10 | # Updates the hash object with the text string. 11 | hash_object.update(txt.encode()) 12 | 13 | # Get the hash in hexadecimal form. 14 | hex_hash = hash_object.hexdigest() 15 | 16 | 17 | filename = "example.txt" 18 | 19 | hash_object2 = hashlib.sha256() 20 | 21 | # Opens the file in binary read mode 22 | with open(filename, 'rb') as file: 23 | # Reads the contents of the file in blocks 24 | chunk = file.read(1024) 25 | while chunk: 26 | hash_object2.update(chunk) 27 | chunk = file.read(1024) 28 | 29 | hex_hash2 = hash_object2.hexdigest() 30 | 31 | # Displays the hash. 32 | print(hex_hash) 33 | 34 | # Displays the file hash. 35 | print(hex_hash2) -------------------------------------------------------------------------------- /Security Tools/Hash calculator/requirements.txt: -------------------------------------------------------------------------------- 1 | hashlib -------------------------------------------------------------------------------- /Security Tools/Password_Generator/passwd_gen.py: -------------------------------------------------------------------------------- 1 | # Javier Ferrándiz Fernández - 21/09/2023 - https://github.com/javisys 2 | import secrets 3 | import json 4 | import string 5 | 6 | def create_passwd(length): 7 | all_characters = string.ascii_letters + string.digits 8 | passwd = "" 9 | 10 | for _ in range(length): 11 | passwd += secrets.choice(all_characters) 12 | return passwd 13 | 14 | file_name = "passwd.json" 15 | 16 | passwd_exists = {} 17 | try: 18 | with open(file_name, "r") as file: 19 | passwd_exists = json.load(file) 20 | except FileNotFoundError: 21 | pass 22 | 23 | new_passwd = create_passwd(12) 24 | 25 | # passwd_exists.append(new_passwd) 26 | passwd_label = "password_" + str(len(passwd_exists) + 1) 27 | passwd_exists[passwd_label] = new_passwd 28 | 29 | with open(file_name, "w") as file: 30 | json.dump(passwd_exists, file, indent=4) 31 | 32 | print(new_passwd) 33 | 34 | -------------------------------------------------------------------------------- /Security Tools/Password_Generator/requirements.txt: -------------------------------------------------------------------------------- 1 | secrets 2 | json 3 | string 4 | -------------------------------------------------------------------------------- /Security Tools/Port scanner/portscanner.py: -------------------------------------------------------------------------------- 1 | #Javi_16018 - Mod 07/11/2023 2 | import socket, sys, argparse 3 | 4 | # Runs through each port from 1 to 65535 5 | def scan_ports(ip, start_port, end_port): 6 | for port in range(start_port, end_port + 1): 7 | try: 8 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 9 | s.settimeout(2) 10 | result = s.connect_ex((ip, port)) 11 | type_service = port_name_service(port) 12 | 13 | if result == 0: 14 | print(f"{ip} : Open port: {port}, Service: {type_service}", file=sys.stdout) 15 | 16 | # Close the socket 17 | s.close() 18 | 19 | except: continue 20 | 21 | # Obtains the service name if available 22 | def port_name_service(num_port): 23 | try: 24 | service_name = socket.getservbyport(num_port) 25 | return service_name 26 | except: 27 | return "unknown" 28 | 29 | # -------------------------------------------------------------------------------------> 30 | 31 | # Script arguments 32 | parser = argparse.ArgumentParser() 33 | parser.add_argument('-i', metavar='[x.x.x.x]', help='ip address') 34 | parser.add_argument('-p', metavar='[0:65535]', help='port range') 35 | args = parser.parse_args() 36 | 37 | # Port arguments 38 | if args.p: 39 | try: 40 | start_port, end_port = args.p.split(":"); start_port, end_port = int(start_port), int(end_port) 41 | 42 | # Stops the code if the port range is incorrect 43 | if start_port > 65535 or end_port > 65535 : print("Invalid port range", file=sys.stderr); sys.exit(1) 44 | elif start_port > end_port : print("Initial range greater than final range", file=sys.stderr); sys.exit(1) 45 | 46 | except: 47 | print(f"Invalid port range", file=sys.stderr); sys.exit(1) 48 | 49 | # IP Arguments 50 | if args.i: ip_address = args.i 51 | 52 | 53 | # Port scanning is performed 54 | try: 55 | scan_ports(ip_address, start_port, end_port) 56 | except: 57 | print(f"Error: Failed to execute the command, please check the arguments, use --help", file=sys.stderr); sys.exit(1) 58 | -------------------------------------------------------------------------------- /Security Tools/Port scanner/requirements.txt: -------------------------------------------------------------------------------- 1 | socket 2 | sys 3 | argparse -------------------------------------------------------------------------------- /Security Tools/Traffic analyzer/requirements.txt: -------------------------------------------------------------------------------- 1 | scapy -------------------------------------------------------------------------------- /Security Tools/Traffic analyzer/trafficanalyzer.py: -------------------------------------------------------------------------------- 1 | from scapy.all import * 2 | 3 | # Function that will be executed when a packet is received. 4 | def packet_callback(packet): 5 | if packet[TCP]: 6 | print(f"Paquete TCP de {packet[IP].src} a {packet[IP].dst}") 7 | print(f"Puertos: {packet[TCP].sport} -> {packet[TCP].dport}") 8 | print(f"Tamaño: {len(packet)} bytes") 9 | 10 | # Starts packet capture on network interface "eth0". 11 | sniff(iface="eth0", prn=packet_callback, filter="tcp") 12 | -------------------------------------------------------------------------------- /Security Tools/Webappscanner/requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | bs4 -------------------------------------------------------------------------------- /Security Tools/Webappscanner/webappscanner.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from bs4 import BeautifulSoup 3 | 4 | # URL of the web application to be scanned. 5 | url = "http://example.com/" 6 | 7 | # a GET request is sent to the URL. 8 | response = requests.get(url) 9 | 10 | # The HTML of the page is obtained. 11 | html = response.text 12 | 13 | # The HTML is parsed using the Beautiful Soup library. 14 | soup = BeautifulSoup(html, 'html.parser') 15 | 16 | # Find all links in the HTML. 17 | links = soup.find_all('a') 18 | 19 | # Scrolls through each link and displays its URL. 20 | for link in links: 21 | print(link.get('href')) 22 | --------------------------------------------------------------------------------