Skip to content

Ak-wa/PortWard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
emailfile.txt
emailfile.txt
 
 
hostfile.txt
hostfile.txt
 
 
portward.py
portward.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

PortWard - Minimalistic Port Surveillance

python size lastcommit follow

PortWard is a tool developed for checking a list of assets/hosts for critical ports (e.g RDP) and sending an email to you with the results, in case of a critical port being open.

How does it work?

  • PortWard checks a list of IPs/hostnames for specific Ports using nmap
  • In case it finds an IP/hostname with one or more specific ports open
    -> sends an email to you, including those hosts and ports each

Why PortWard?

  • Made for running in Crontab
  • Easy to set up and configure
  • Minimalistic email design, no unnecessary stuff
  • No need for setting up your own server, gmail is perfectly fine
  • Easy usable in other projects

Setup (Tested on Debian 10 Buster & Kali Linux 2020.1)

Step 1 - prerequisites

apt install msmtp msmtp-mta mailutils nmap
git clone https://github.com/Ak-wa/PortWard.git
cd PortWard
pip3 install -r requirements.txt

Step 2 - setting up portward mail sender

Enable "less secure apps" in your google account:
https://myaccount.google.com/lesssecureapps

Mail configuration: nano /etc/msmtprc
with the following content:

# Set default values for all following accounts.
defaults
port 587
tls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt

account gmail
host smtp.gmail.com
from <YOUR EMAIL@gmail.com>
auth on
user <YOUR EMAIL USERNAME>
password <password>

# Set a default account
account default : gmail

Making sure the file is not available for everyone:

chmod 600 /etc/msmtprc

Define mail program: nano /etc/mail.rc with the following content:
set sendmail="/usr/bin/msmtp -t"

If you want to change the ports scanned or somehow change the nmap command used, yet in code you have to change the following line:
line 35: output = subprocess.Popen(f"nmap {target} -p3389-3395 --open -Pn | grep open", stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).communicate()[0]

NOTE: if you want to know what you are doing, here's the manual: https://marlam.de/msmtp/msmtp.html
same applies if you want to encrypt the password and not store it in the config.

Usage

1. Command line

python3 portward.py <hostfile> <emailfile>
<hostfile> is your file of target hosts to scan
<emailfile> is your file of emails to send the reports to

2. Crontab

In the cloned PortWard folder:

mkdir /usr/share/portward
cp hostfile.txt /usr/share/hostfile.txt
cp emailfile.txt /usr/share/emailfile.txt
cp portward.py /usr/share/portward/portward.py

crontab -e with the following example content:
*/5 * * * * /usr/bin/python3 /usr/share/portward/portward.py /usr/share/portward/hostfile.txt /usr/share/portward/emailfile.txt | tee /usr/share/portward/portward.log
Attention, in this example configuration it will scan the IPs every 5 Minutes, so make sure to change that.
With tee you can keep a log of the portward scan, in the example crontab it defaults to /usr/share/portward/portward.log

About

Minimalistic Port Surveillance - Python 3.x

Topics

crontab python3 portscan scheduled-messages portscanning

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages