Skip to content

denv3rr/network-explorer

BranchesTags

Repository files navigation

Python GitHub repo size GitHub Created At Last Commit Issues License Website

image image image



About

A Python tool for quick network and host security assessment.

Features

  • Main Menu
    • Launch without flags or arguments to access a user-friendly menu.
  • Wi-Fi scanning
    • Lists visible networks, channels, BSSIDs, signal strength, and optional BSSID/IP geolocation.
  • Port scanning
    • Top TCP (Fast), Full Connect, and UDP (Payload Probe) modes.
  • Bluetooth scanning
    • Discovers nearby BLE devices with RSSI signal strength and metadata (using bleak).
  • OS security checks
    • Detects Firewall status and Antivirus presence on Windows, Linux, and macOS.
  • Network metadata scanning
    • Identifies connection type (Wired/Wi-Fi), local identity, public IP, ISP, ASN, and geographic info.
  • Outbound testing (Web/DNS)
    • Safe by default with very low request rate; optional active probing with explicit warning/acknowledgement.
    • External OSINT (RDAP, DNS-over-HTTPS, GeoIP) only when --external is enabled.
  • Full Scan mode
    • One-click execution of all modules with intelligent defaults.

Quick Start

Run:

git clone https://github.com/denv3rr/network-explorer.git
cd network-explorer
python run.py

Manual Installation

1. Check Requirements

  • Python 3.9+

  • Modules auto-installed at runtime via requirements.txt (you may be prompted). See Quick Start above.

    • Set NEX_AUTO_INSTALL=1 to allow auto-install without prompts.
    • requests
    • ifaddr
    • texttable
    • bleak
    • colorama

  • or install with this command before running:

pip install -r requirements.txt

2. Clone or Download

  • Clone

    • git clone https://github.com/denv3rr/network-explorer.git
cd network-explorer

  • Download

3. Run

python run.py

Specific Usage

Basic commands

Action Command
Quick Start python run.py
Run all modules python run.py --all
Wi-Fi scan only python run.py --wifi
Port scan (top) python run.py --ports
Port scan (custom range) python run.py --ports 1-2000
Port scan profile python run.py --ports --profile aggressive
Port scan rate limit python run.py --ports --rate 200
Network metadata (wired support) python run.py --network
OS security check python run.py --os
Bluetooth scan python run.py --bluetooth
Outbound testing (safe, low-rate) python run.py --outbound example.com
Outbound testing with OSINT python run.py --outbound example.com --external
Outbound testing (active) python run.py --outbound example.com --outbound-active --active-ok
Outbound testing with rate limit python run.py --outbound example.com --outbound-rate 5
Outbound active requires ack --active-ok must be supplied to proceed
Allow external lookups python run.py --network --external
Skip confirmation prompts python run.py --all --yes
Wi-Fi diagnostic dump python run.py --wifi --wifi-diag
Specify Wi-Fi interface python run.py --wifi --wifi_interface "Wi-Fi"

Flags

Safe vs Active

  • Safe mode: Minimal, low-rate requests and passive checks only.
  • Active mode: Sends additional probes (paths/methods); requires --outbound-active and --active-ok.

FAQ

Does safe mode avoid touching the target?
Safe mode still makes low-rate HTTP/DNS requests to the target; it is designed to be low-impact, not invisible.

How do I enable external OSINT?
Use --external to allow RDAP, DNS-over-HTTPS, and GeoIP lookups.

Why do I need --active-ok?
Active probing can trigger alerts or violate acceptable use; explicit acknowledgement is required.

General

  • --external: Allow external lookups (public IP, MAC vendor, OSINT).
  • --yes: Skip confirmation prompts.
  • --json <file>: Write full results to a JSON file.

Port Scanning

  • --ports [start-end]: Run port scan (default 1-1024 when provided).
  • --profile safe|normal|aggressive: Port scan profile.
  • --rate <ports/sec>: Rate limit ports/sec per host.
  • --timeout <seconds>: Socket timeout.
  • --workers <count>: Worker threads.
  • --no-banner: Skip banner grabbing.

Wi-Fi

  • --wifi: Run Wi-Fi scan.
  • --wifi_interface "<name>": Specify Wi-Fi interface.
  • --wifi-diag: Print diagnostic netsh output.
  • --geo: Enable Wi-Fi geolocation (requires --external).

Outbound Testing

  • --outbound [target]: Run outbound testing (safe by default).
  • --outbound-active: Enable active outbound probing (requires acknowledgement).
  • --active-ok: Acknowledge active probing risk to proceed.
  • --outbound-rate <req/sec>: Rate limit outbound requests (defaults to low-rate safe mode).

Deprecated

Logs

  • Logs are automatically written to the logs/ directory.
  • Files follow timestamp format: 
    NEX_YYYYMMDD_HHMMSS.log
  • Old logs (>7 days) are automatically pruned.

Troubleshooting

Issue Fix
Wi-Fi scan shows “No Wi-Fi data.” Ensure Wi-Fi adapter is enabled and, on Windows, run as Administrator with Location Services ON.
No results on wired connection Use --network to retrieve public IP and geolocation via IP-based lookup.
Permission errors (Linux/macOS) Run with sudo if needed for raw socket access.

About

Quick network and host audit

seperet.com

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages