Skip to content
/ Above Public
forked from casterbyte/Above

Sniff-based Network Vulnerability Scanner

License

Notifications You must be signed in to change notification settings

Sh1Fu/Above

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

82 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Above

Network Vulnerability Scanner by Caster

Automates the search for network vulnerabilities, designed for pentesters, Red Team operators, and network security engineers

                                                      ####################################################################################################
                                                      ####################################################################################################
                                                      ######P~~~!J5GB#####G~~~!YG#################B?!G##########5~~~75G#############5~~!5########G7~~Y####
                                                      ######Y  .^.  .?####P  :~..:!JPB###########5:  .?B########J  :^..:!YG#########Y    !P####B7.   ?####
                                                      ######Y  7&#G5JY####P. 7#BPJ~:.:!JP######G!  ?Y: :5#######Y  7#G57^..:!JP#####Y  ?J  7GBJ. 7J  ?####
                                                      ######Y  :J5G#&&####P. 7##&&&G?.  !B###BJ. ~P#&B7  !G#####Y  7##&&#P!   !B####Y  7&G! .. ^5&Y  ?####
                                                      ######Y  ..  .^J####P. 7&#GJ~..~JG####5^ :Y######P~ .JB###Y  ?&B57:.:!JG######Y  7###P~^Y###J  ?####
                                                      ######Y  !#G5J!J####P. ^7^.:75B#######7  !B&######?  ^G###Y  ^~. :75B#########Y  7##########J  ?####
                                                      ######Y  !##########P. :^. ^JG#########P^ .J####5^ .J#####Y  .~JG#############Y  7##########J  ?####
                                                      ######Y  !##########P. 7#GY!. :75B#######J. ^PG7  7G######Y  7&###############Y  7##########J  ?####
                                                      ######Y  !##########P. 7###&#P?. .!B######G7  . ^5########Y  7################Y  7##########J  ?####
                                                      ######Y  !##########P. 7###BP?~..~?B######&P:   J#########Y  7################Y  7##########J  ?####
                                                      ######Y  !##########P. !GJ~..^75B########B7  !?. ~P#######Y  7################Y  7##########J  ?####
                                                      ######Y  !##########P   .:!YG##########BJ. ^5#&G!  7G#####J  7################Y  !##########J  ?####
                                                      ######GYJP##########BYYYPB#############GJJYB#####5JJP#####GJJP################GJJP##########GYJP####
                                                      ########&##################################################&&###################&#############&#####
                                                      ####################################################################################################

                                                                                          Network Vulnerability Scanner
                                                                                         VERSION: 2.0, CODENAME: JOANNA
                                                                                Author: Caster, @c4s73r, <[email protected]>
usage: Above.py [-h] --interface INTERFACE --timeout TIMEOUT [--resolve-mac] [--promisc-linux] [--cdp] [--dtp] [--mndp] [--macsec] [--pvst] [--lldp] [--ospf] [--eigrp] [--esrp] [--edp] [--vrrp] [--hsrp]
                [--stp] [--glbp] [--llmnr] [--nbns] [--mdns] [--dhcpv6] [--fullscan]

options:
  -h, --help            show this help message and exit
  --interface INTERFACE
                        Specify your interface
  --timeout TIMEOUT     Specify the timeout. How much time to sniff
  --resolve-mac         Resolve hardware MAC or not
  --promisc-linux       Enable promisc mode for interface
  --cdp                 CDP Scan
  --dtp                 DTP Scan
  --mndp                MNDP Scan
  --macsec              MACSec Scan
  --pvst                PVST Scan
  --lldp                LLDP Scan
  --ospf                OSPF Scan
  --eigrp               EIGRP Scan
  --esrp                ESRP Scan
  --edp                 EDP Scan
  --vrrp                VRRP Scan
  --hsrp                HSRP Scan
  --stp                 STP Scan
  --glbp                GLBP Scan
  --llmnr               LLMNR Scan
  --nbns                NBNS Scan
  --mdns                MDNS Scan
  --dhcpv6              DHCPv6 Scan
  --fullscan            Scan all protocols

Mechanics

This script is based on a sniff of network traffic. "Above" is fully autonomous and works in passive mode, creating no noise on the air.
Since the 2.0 release, it supports 18 protocols

MACSec (802.1AE)
DTP (Dynamic Trunking Protocol)
EDP (Extreme Discovery Protocol)
CDP (Cisco Discovery Protocol)
LLDP (Link Layer Discovery Protocol)
MNDP (Mikrotik Neighbor Discovery Protocol)
OSPF (Open Shortest Path First)
EIGRP (Enhanced Interior Gateway Routing Protocol)
VRRP (Virtual Router Redundancy Protocol)
HSRP (Host Standby Redundancy Protocol)
ESRP (Extreme Standby Router Protocol)
GLBP (Gateway Load Balancing Protocol)
STP (Spanning Tree Protocol)
PVST (Per VLAN Spanning Tree)
LLMNR (Link Local Multicast Name Resolution)
NBT-NS (NetBIOS Name Service)
MDNS (Multicast DNS)
DHCPv6 (Dynamic Host Configuration Protocol v6)

The scanner waits for the following arguments as input:

  • Network interface
  • Timeout: The amount of time that a packet will be waiting for, according to the filters inside the scanner. It is recommended to set 300 seconds.
  • Protocol
  • Promisc Mode
  • Resolve MAC: Vendor detection by MAC (requires Internet access, creates a little noise in the form of HTTP requests

Example (OSPF and VRRP protocol scan):

sudo python3 Above.py --interface eth0 --timeout 60 --ospf --vrrp

Full scan example:

sudo python3 Above.py --interface eth0 --timeout 300 --fullscan --promisc-mode --resolve-mac

When the tool finishes analyzing the protocol, it outputs a little information about its configuration, the impact from the attack, which tool the attacker uses

Install

"Above" requires some dependencies to be installed. If necessary, you can use virtualenv

pip3 install -r requirements.txt

Last Word

This tool is dedicated to the track "View From Above (Remix)" by KOAN Sound
The 2.0 release greatly enhanced this scanner within its capabilities. Joanna, thank you for your inspiration and love. This is dedicated to you.

About

Sniff-based Network Vulnerability Scanner

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%