Vulnerability detection and packet sniffing Tool
VulnSniff is a network packet sniffer integrated with vulnerability detection, designed to enhance network security by analyzing traffic and identifying potential vulnerabilities. It leverages Nmap for vulnerability scanning and lets users capture and inspect network packets while providing insights into security risks, making it a valuable tool for penetration testers, network administrators, and security enthusiasts.
- Real-time packet capture and analysis
- Seamless integration with Nmap for vulnerability detection
- Customizable filters for targeted packet sniffing
- User-friendly GUI for easy interaction
- Supports multiple network protocols

VulnSniff is built with security in mind, ensuring reliable network monitoring while offering advanced vulnerability detection capabilities.
> [!NOTE]
> The following are strictly required to run this tool on your local machine:
> - Python 3.8 or higher
> - Ubuntu/Linux or Windows
> - Nmap (for vulnerability scanning)
> - Administrative privileges (e.g., `sudo` access)
- Clone the repository:
```bash
git clone https://github.com/KidiIT/VulnSniff.git
cd VulnSniff
```
- Set up a virtual environment (optional but recommended):
```bash
# Linux/macOS
python3 -m venv venv
source venv/bin/activate

# Windows
python -m venv venv
venv\Scripts\activate
```
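- Install dependencies. First, do this before installation:
```bash
# Writes the packages currently installed in this environment to requirements.txt (replaces the file's contents)
pip freeze > requirements.txt
# Installs everything listed in requirements.txt
pip install -r requirements.txt
```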
- Install Nmap (if not already installed):
```bash
# Ubuntu/Debian
sudo apt-get install nmap

# macOS (Homebrew)
brew install nmap
```
To start using VulnSniff, run the following command:
```bash
sudo python3 packet_sniffer.py --interface eth0 --scan-target 192.168.1.1
```
- `--interface`: Specify the network interface to sniff packets.
- `--scan-target`: Provide the IP address or network range to scan for vulnerabilities.
- Identify your network interface: `ifconfig`
- Run VulnSniff on your chosen interface: `sudo python3 packet_sniffer.py --interface eth0`
The VulnSniff project is open source and free to use under the MIT License. Contributions are welcome. Please fork the repository and submit a pull request.
- If you get a "permission denied" error, try running the tool with `sudo`.
- If the tool doesn't recognize Nmap, ensure it is installed and available in your PATH.
- Most importantly, you'll often experience the error "No module named scapy". Run this command on your command line to install the right scapy.all on your Ubuntu Linux machine: `sudo apt-get install python3-scapy`
- Lastly, I recommend you update your Ubuntu from WSL1 to WSL2.

Steps to update your Ubuntu from WSL1 to WSL2 on Windows (recommended if you're running WSL1 on your Linux machine):
- On Windows, open the PowerShell terminal as an administrator.
- When done, type `wsl`, after which you'll be logged in as the root user, just like on your Linux operating system.

This command sets the WSL version for your Ubuntu distribution from the Windows side. Make sure to run PowerShell as an administrator for the command to work.
- Deactivate the virtual environment (if activated): `deactivate`
- Remove the cloned directory: `rm -rf VulnSniff`
In conclusion, I'm so overwhelmed sharing this tremendous and proactive Tool with the Open Source community. I hope y'all will enjoy and have the best vulnerability scanning experience with my Tool. Thanks for being part of my career journey as a cybersecurity professional and a security researcher.
I'm excited to announce a major update to VulnSniff! This release introduces new features designed to enhance security monitoring and make it even easier to detect potential threats in real time. Thank you to the open-source community for your continued support and contributions.
- Real-Time Slack Alerts: VulnSniff now integrates seamlessly with Slack for real-time notifications. Any detected activity from specified IPs or ports is instantly sent to your designated Slack channel, ensuring your security team is always informed of suspicious network behavior.
- Configurable IP and Port Filtering: Easily customize VulnSniff to filter specific IP addresses and ports through the config.yaml file. This allows precise monitoring of high-risk or specific IPs and ports, helping you focus on the traffic that matters most.
- Improved Error Handling and Stability: The new version includes enhanced error handling for reliable performance, with informative error messages if Slack notifications fail to send.
- Easy-to-Configure Webhook URL: We've simplified the Slack webhook configuration, letting you add or update it directly from the config.yaml file. This improvement makes setting up or modifying alert configurations straightforward.
- Download or update VulnSniff: https://github.com/KidiIT/VulnSniff/releases
- Edit the config.yaml: Customize IP and port filters, and add your Slack webhook URL for real-time alerts
- Run the Tool: Start VulnSniff and monitor packets in real-time with immediate feedback on potentially malicious activities.
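
The filter-then-alert flow described above, as an added sketch that is not VulnSniff's own code. The config.yaml schema is not shown on this page, so the key names (`slack_webhook_url`, `filter_ips`, `filter_ports`) and the packet dict shape are assumptions; the only external fact relied on is that Slack incoming webhooks accept a JSON body with a `text` field.

```python
import ipaddress
import json
import urllib.request
from urllib.parse import urlparse

# Constructed stand-in for a parsed config.yaml; key names are assumptions.
CONFIG = {
    "slack_webhook_url": "https://hooks.slack.com/services/T000/B000/PLACEHOLDER",
    "filter_ips": ["192.168.1.1", "10.0.5.0/24"],
    "filter_ports": [22, 3389],
}

def load_filters(cfg):
    """Validate the config once at startup so a typo fails loudly, not silently."""
    url = urlparse(cfg["slack_webhook_url"])
    if url.scheme != "https" or url.hostname != "hooks.slack.com":
        raise ValueError("slack_webhook_url must be an https://hooks.slack.com URL")
    nets = [ipaddress.ip_network(ip, strict=False) for ip in cfg["filter_ips"]]
    ports = set()
    for p in cfg["filter_ports"]:
        if not isinstance(p, int) or not 0 < p < 65536:
            raise ValueError(f"invalid port in filter_ports: {p!r}")
        ports.add(p)
    return nets, ports

def match(pkt, nets, ports):
    """Return why a packet summary (dict: src, dst, sport, dport) matches, or None."""
    for field in ("src", "dst"):
        addr = ipaddress.ip_address(pkt[field])
        if any(addr in n for n in nets):
            return f"{field} {addr} is a watched address"
    for field in ("sport", "dport"):
        if pkt[field] in ports:
            return f"{field} {pkt[field]} is a watched port"
    return None

def send_alert(webhook_url, text, opener=urllib.request.urlopen):
    """POST {"text": ...} to the webhook; report a failure instead of crashing."""
    req = urllib.request.Request(
        webhook_url, data=json.dumps({"text": text}).encode(),
        headers={"Content-Type": "application/json"})
    try:
        with opener(req, timeout=5) as resp:
            return resp.status == 200
    except OSError as exc:  # URLError, HTTPError and timeouts are OSError subclasses
        print(f"Slack alert not delivered: {exc}")
        return False
```

Anyone who holds the webhook URL can post to the channel, so treat a config.yaml that contains it as a secret and keep it out of version control.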
Check out the updated README.md and CHANGELOG for detailed instructions on configuring and using the new features.
We'd love your feedback! Feel free to open issues for bug reports, suggest features, or contribute to the project. Let's continue to build VulnSniff together and make it even more powerful 🥇