├── LICENSE
├── README.md
└── Security Tools
├── Bandwidth
├── networkbandwidth.py
└── requirements.txt
├── Cryptography
├── requirements.txt
└── sshgenerator.py
├── FirewallRule
├── firewallrule.py
└── requirements.txt
├── Hash calculator
├── hash.py
└── requirements.txt
├── Password_Generator
├── passwd_gen.py
└── requirements.txt
├── Port scanner
├── portscanner.py
└── requirements.txt
├── Traffic analyzer
├── requirements.txt
└── trafficanalyzer.py
└── Webappscanner
├── requirements.txt
└── webappscanner.py
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2025 Javier Ferrándiz Fernández
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Security-Tools-in-Python
2 | Several simple projects done in Python for network monitoring for Cybersecurity and high availability. All the modules needed are in their folder with the script.
3 |
4 | UPDATED, ADDED PASSWORD GENERATOR
5 |
6 | 𝗕𝗔𝗡𝗗𝗪𝗜𝗗𝗧𝗛
7 |
This script, made with the psutil library, obtains your bandwidth on the network interface you specify.
8 |
9 | References
10 |
https://pypi.org/project/psutil/
11 |
12 | 𝗖𝗥𝗬𝗣𝗧𝗢𝗚𝗥𝗔𝗣𝗛𝗬
13 |
This script generates a private key with the RSA encryption algorithm of 2048, then what it does is to convert the private key to a PEM format file, we write the key to the generated file. Then we generate the public key from the private key.
14 | Finally we pass the public key to an SSH file and write it to a file.
15 |
16 | References
17 |
https://pypi.org/project/cryptography/
18 |
19 | 𝗙𝗜𝗥𝗘𝗪𝗔𝗟𝗟 𝗥𝗨𝗟𝗘
20 |
This script is very customizable, as we can adjust it for our own needs, in this case I have made a rule to block ping, another rule to block RDP protocol, and the last rule allows TCP traffic from one subnet to another over port 80, in this case, the good thing about this is that you can change it to suit your needs.
21 |
22 | References
23 |
https://pypi.org/project/python-iptables/
24 |
25 | 𝗛𝗔𝗦𝗛 𝗖𝗔𝗟𝗖𝗨𝗟𝗔𝗧𝗢𝗥
26 |
27 |
28 | References
29 |
https://pypi.org/project/hashlib/
30 |
31 | 𝗣𝗔𝗦𝗦𝗪𝗢𝗥𝗗 𝗚𝗘𝗡𝗘𝗥𝗔𝗧𝗢𝗥
32 |
This password generation script, the first thing I have done is to create a function that creates the password with all the ASCII characters and digits with the string library, then create a JSON file, add an exception, and then call the function created and pass it as parameter 12 to make it as secure as possible, and finally the generated passwords will be dumped to the JSON file previously created.
33 |
34 | References
35 |
https://pypi.org/project/python-secrets/
36 |
https://docs.python.org/3/library/json.html
37 |
https://docs.python.org/es/3/library/string.html
38 |
39 | 𝗣𝗢𝗥𝗧 𝗦𝗖𝗔𝗡𝗡𝗘𝗥
40 |
The port scanner, I have created a function to scan all ports from 1 to 65535 and check if it is open and then close the connection. Out of the function we indicate the IP to which we want to scan and the ports. Finally we call the function, with the three parameters.
41 |
42 | References
43 |
https://docs.python.org/es/3/library/socket.html
44 |
45 | 𝗧𝗥𝗔𝗙𝗙𝗜𝗖 𝗔𝗡𝗔𝗟𝗬𝗭𝗘𝗥
46 |
This script is very short but powerful because it uses one of the best cybersecurity libraries such as scapy. I define a function, in this function it will verify if the packets are TCP and we indicate the TCP traffic and it indicates the size in bytes. With sniff we start capturing packets through the interface that we indicate, in this case eth0.
47 |
48 | References
49 |
https://scapy.net/
50 |
51 | 𝗪𝗘𝗕 𝗔𝗣𝗣 𝗦𝗖𝗔𝗡𝗡𝗘𝗥
52 |
This script to scan and analyze a web page we need the famous BeautifulSoup library. We indicate the URL that we want to scan, we collect the GET that we have answered the web that we indicate and we get the HTML and parse it using the library, and in this case, we get all the links on the page and finally iterate it with a for loop to show us all.
53 |
54 | References
55 |
https://pypi.org/project/requests/
56 |
https://pypi.org/project/beautifulsoup4/
57 |
58 |
59 |
--------------------------------------------------------------------------------
/Security Tools/Bandwidth/networkbandwidth.py:
--------------------------------------------------------------------------------
1 | #Javi_16018 - 10/12
2 | import psutil
3 |
4 | # Obtain the information of the network interface "eth0" or your network interface that you use.
5 | network_info = psutil.net_io_counters(pernic=True)["eth0"]
6 |
7 | # Get the bandwidth used in bytes
8 | bandwidth_used = network_info.bytes_sent + network_info.bytes_recv
9 |
10 | # Convert to megabytes
11 | bandwidth_used_mb = bandwidth_used / 1024 / 1024
12 |
13 | print(f"The following have been used {bandwidth_used_mb:.2f} MB of bandwidth.")
14 |
15 | # To obtain in gigabytes
16 | bandwidth_used_X = bandwidth_used / 1024 / 1024 / 1024
17 |
18 | # To obtain in kilobytes
19 | bandwidth_used_X = bandwidth_used / 1024
20 |
21 |
22 |
--------------------------------------------------------------------------------
/Security Tools/Bandwidth/requirements.txt:
--------------------------------------------------------------------------------
1 | psutil
--------------------------------------------------------------------------------
/Security Tools/Cryptography/requirements.txt:
--------------------------------------------------------------------------------
1 | cryptography
--------------------------------------------------------------------------------
/Security Tools/Cryptography/sshgenerator.py:
--------------------------------------------------------------------------------
1 | # Javier Ferrándiz Fernández - 22/12
2 | import os
3 | from cryptography.hazmat.primitives import serialization, padding
4 | from cryptography.hazmat.primitives.asymmetric import rsa, padding
5 |
6 |
7 | # Generate a private key with the RSA algorithm
8 | private_key = rsa.generate_private_key(
9 | public_exponent=65537,
10 | key_size=2048
11 | )
12 |
13 |
14 | # Convert private key to PEM format
15 | private_pem = private_key.private_bytes(
16 | encoding=serialization.Encoding.PEM,
17 | format=serialization.PrivateFormat.PKCS8,
18 | encryption_algorithm=serialization.NoEncryption()
19 | )
20 |
21 |
22 | # Write the private key to a file
23 | with open("private_key.pem", "wb") as f:
24 | f.write(private_pem)
25 |
26 | # Generate a public key from the private key
27 | public_key = private_key.public_key()
28 |
29 |
30 | # Serialize the public key to SSH format
31 | ssh_key = public_key.public_bytes(
32 | encoding=serialization.Encoding.OpenSSH,
33 | format=serialization.PublicFormat.OpenSSH
34 | )
35 |
36 | # Write the public key to a file
37 | with open("public_key.ssh", "wb") as f:
38 | f.write(ssh_key)
39 |
40 |
--------------------------------------------------------------------------------
/Security Tools/FirewallRule/firewallrule.py:
--------------------------------------------------------------------------------
1 | #Javi_16018
2 | import iptc
3 |
4 | # Create a new rule table
5 | table = iptc.Table(iptc.Table.FILTER)
6 |
7 | # Create a rule to block ping
8 | rule = iptc.Rule()
9 | rule.protocol = "icmp"
10 | rule.target = iptc.Target(rule, "DROP")
11 | table.append_rule(rule)
12 |
13 | # Create a rule to block the RDP protocol
14 | rule = iptc.Rule()
15 | rule.protocol = "tcp"
16 | rule.dport = 3389
17 | rule.target = iptc.Target(rule, "DROP")
18 | table.append_rule(rule)
19 |
20 | # Add rule to allow TCP traffic from subnet 192.168.1.0/24 to subnet 192.168.2.0/24 on port 80, in this case. On these lines you can modify what is convenient for you.
21 | rule = iptc.Rule()
22 | rule.src = "192.168.1.0/24"
23 | rule.dst = "192.168.2.0/24"
24 | rule.protocol = "tcp"
25 | rule.dport = 80
26 | rule.target = iptc.Target(rule, "ACCEPT")
27 | table.append_rule(rule)
28 |
29 | table.commit()
30 |
31 |
32 |
--------------------------------------------------------------------------------
/Security Tools/FirewallRule/requirements.txt:
--------------------------------------------------------------------------------
1 | python-iptables
--------------------------------------------------------------------------------
/Security Tools/Hash calculator/hash.py:
--------------------------------------------------------------------------------
1 | import hashlib
2 |
3 | # We first compute hashes of text strings and then of files.
4 | # The text string for which you want to calculate the hash.
5 | txt = "Hello World!"
6 |
7 | # Creates a hash object using the SHA256 algorithm.
8 | hash_object = hashlib.sha256()
9 |
10 | # Updates the hash object with the text string.
11 | hash_object.update(txt.encode())
12 |
13 | # Get the hash in hexadecimal form.
14 | hex_hash = hash_object.hexdigest()
15 |
16 |
17 | filename = "example.txt"
18 |
19 | hash_object2 = hashlib.sha256()
20 |
21 | # Opens the file in binary read mode
22 | with open(filename, 'rb') as file:
23 | # Reads the contents of the file in blocks
24 | chunk = file.read(1024)
25 | while chunk:
26 | hash_object2.update(chunk)
27 | chunk = file.read(1024)
28 |
29 | hex_hash2 = hash_object2.hexdigest()
30 |
31 | # Displays the hash.
32 | print(hex_hash)
33 |
34 | # Displays the file hash.
35 | print(hex_hash2)
--------------------------------------------------------------------------------
/Security Tools/Hash calculator/requirements.txt:
--------------------------------------------------------------------------------
1 | hashlib
--------------------------------------------------------------------------------
/Security Tools/Password_Generator/passwd_gen.py:
--------------------------------------------------------------------------------
1 | # Javier Ferrándiz Fernández - 21/09/2023 - https://github.com/javisys
2 | import secrets
3 | import json
4 | import string
5 |
6 | def create_passwd(length):
7 | all_characters = string.ascii_letters + string.digits
8 | passwd = ""
9 |
10 | for _ in range(length):
11 | passwd += secrets.choice(all_characters)
12 | return passwd
13 |
14 | file_name = "passwd.json"
15 |
16 | passwd_exists = {}
17 | try:
18 | with open(file_name, "r") as file:
19 | passwd_exists = json.load(file)
20 | except FileNotFoundError:
21 | pass
22 |
23 | new_passwd = create_passwd(12)
24 |
25 | # passwd_exists.append(new_passwd)
26 | passwd_label = "password_" + str(len(passwd_exists) + 1)
27 | passwd_exists[passwd_label] = new_passwd
28 |
29 | with open(file_name, "w") as file:
30 | json.dump(passwd_exists, file, indent=4)
31 |
32 | print(new_passwd)
33 |
34 |
--------------------------------------------------------------------------------
/Security Tools/Password_Generator/requirements.txt:
--------------------------------------------------------------------------------
1 | secrets
2 | json
3 | string
4 |
--------------------------------------------------------------------------------
/Security Tools/Port scanner/portscanner.py:
--------------------------------------------------------------------------------
1 | #Javi_16018 - Mod 07/11/2023
2 | import socket, sys, argparse
3 |
4 | # Runs through each port from 1 to 65535
5 | def scan_ports(ip, start_port, end_port):
6 | for port in range(start_port, end_port + 1):
7 | try:
8 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
9 | s.settimeout(2)
10 | result = s.connect_ex((ip, port))
11 | type_service = port_name_service(port)
12 |
13 | if result == 0:
14 | print(f"{ip} : Open port: {port}, Service: {type_service}", file=sys.stdout)
15 |
16 | # Close the socket
17 | s.close()
18 |
19 | except: continue
20 |
21 | # Obtains the service name if available
22 | def port_name_service(num_port):
23 | try:
24 | service_name = socket.getservbyport(num_port)
25 | return service_name
26 | except:
27 | return "unknown"
28 |
29 | # ------------------------------------------------------------------------------------->
30 |
31 | # Script arguments
32 | parser = argparse.ArgumentParser()
33 | parser.add_argument('-i', metavar='[x.x.x.x]', help='ip address')
34 | parser.add_argument('-p', metavar='[0:65535]', help='port range')
35 | args = parser.parse_args()
36 |
37 | # Port arguments
38 | if args.p:
39 | try:
40 | start_port, end_port = args.p.split(":"); start_port, end_port = int(start_port), int(end_port)
41 |
42 | # Stops the code if the port range is incorrect
43 | if start_port > 65535 or end_port > 65535 : print("Invalid port range", file=sys.stderr); sys.exit(1)
44 | elif start_port > end_port : print("Initial range greater than final range", file=sys.stderr); sys.exit(1)
45 |
46 | except:
47 | print(f"Invalid port range", file=sys.stderr); sys.exit(1)
48 |
49 | # IP Arguments
50 | if args.i: ip_address = args.i
51 |
52 |
53 | # Port scanning is performed
54 | try:
55 | scan_ports(ip_address, start_port, end_port)
56 | except:
57 | print(f"Error: Failed to execute the command, please check the arguments, use --help", file=sys.stderr); sys.exit(1)
58 |
--------------------------------------------------------------------------------
/Security Tools/Port scanner/requirements.txt:
--------------------------------------------------------------------------------
1 | socket
2 | sys
3 | argparse
--------------------------------------------------------------------------------
/Security Tools/Traffic analyzer/requirements.txt:
--------------------------------------------------------------------------------
1 | scapy
--------------------------------------------------------------------------------
/Security Tools/Traffic analyzer/trafficanalyzer.py:
--------------------------------------------------------------------------------
1 | from scapy.all import *
2 |
3 | # Function that will be executed when a packet is received.
4 | def packet_callback(packet):
5 | if packet[TCP]:
6 | print(f"Paquete TCP de {packet[IP].src} a {packet[IP].dst}")
7 | print(f"Puertos: {packet[TCP].sport} -> {packet[TCP].dport}")
8 | print(f"Tamaño: {len(packet)} bytes")
9 |
10 | # Starts packet capture on network interface "eth0".
11 | sniff(iface="eth0", prn=packet_callback, filter="tcp")
12 |
--------------------------------------------------------------------------------
/Security Tools/Webappscanner/requirements.txt:
--------------------------------------------------------------------------------
1 | requests
2 | bs4
--------------------------------------------------------------------------------
/Security Tools/Webappscanner/webappscanner.py:
--------------------------------------------------------------------------------
1 | import requests
2 | from bs4 import BeautifulSoup
3 |
4 | # URL of the web application to be scanned.
5 | url = "http://example.com/"
6 |
7 | # a GET request is sent to the URL.
8 | response = requests.get(url)
9 |
10 | # The HTML of the page is obtained.
11 | html = response.text
12 |
13 | # The HTML is parsed using the Beautiful Soup library.
14 | soup = BeautifulSoup(html, 'html.parser')
15 |
16 | # Find all links in the HTML.
17 | links = soup.find_all('a')
18 |
19 | # Scrolls through each link and displays its URL.
20 | for link in links:
21 | print(link.get('href'))
22 |
--------------------------------------------------------------------------------