-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathNetGuard.py
75 lines (58 loc) · 2.24 KB
/
NetGuard.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
import click
from scapy.all import *
from sniff import ipClassification, PortScan, ARPspoofing, SSHAnalyser, ICMPspoofing, PortScanning, SYNscan, SmurfAttack
@click.group()
def Netguard():
pass
@Netguard.command()
def ip_detector():
print("Starting packet sniffer...")
sniff(filter="ip", prn=ipClassification.packet_callback)
@Netguard.command()
def port_scan_detector():
print("Checking for port scans...")
while True:
sniff(prn=PortScan.packet_callback, filter="tcp", store=0, timeout=PortScan.time_window)
PortScan.check_port_scan()
time.sleep(PortScan.time_window)
@Netguard.command()
def arp_spoofing_detector():
try:
print("[*] Démarrage de la détection de spoofing ARP")
sniff(filter="arp", prn=ARPspoofing.arp_display, store=0, count=0)
# Capturer les paquets ARP
except KeyboardInterrupt:
print("[*] Arrêt de la détection de spoofing ARP")
exit(0)
@Netguard.command()
def icmp_spoofing():
# Commence la capture de paquets ICMP et appelle la fonction detect_unsolicited_ping pour chaque paquet capturé
print("Démarrage de la détection ICMP")
sniff(filter="icmp",prn=ICMPspoofing.detect_unsolicited_ping)
@Netguard.command()
def ssh_brut_force_detector():
print("Checking for SSH brute force attack...")
sniff(filter="ip",prn=SSHAnalyser.SSHAnalysis)
@Netguard.command()
def port_scanning():
print("Checking for Port Scanning...")
sniff(prn=PortScanning.detect_port_scan, filter="tcp")
@Netguard.command()
def syn_scan():
print("Checking for Port Scanning...")
sniff(prn=SYNscan.detect_port_scan, filter="tcp")
@Netguard.command()
def Smurf_Attack_detector():
print("Checking for posible smurf attack...")
# Sniffe les paquets ICMP et appelle la fonction detect_smurf_attack pour chaque paquet reçu
sniff(filter="icmp", prn=SmurfAttack.detect_smurf_attack)
Netguard.add_command(ip_detector)
Netguard.add_command(port_scan_detector)
Netguard.add_command(ssh_brut_force_detector)
Netguard.add_command(arp_spoofing_detector)
Netguard.add_command(port_scanning)
Netguard.add_command(syn_scan)
Netguard.add_command(Smurf_Attack_detector)
Netguard.add_command(icmp_spoofing)
if __name__ == '__main__':
Netguard()