ajout cheat_sheet

ajout port scanner
2026-04-23 18:00:21 +02:00 · 2026-04-23 17:59:56 +02:00
4 changed files with 326 additions and 0 deletions
--- a/cheat_sheet/modules.md
+++ b/cheat_sheet/modules.md
@@ -0,0 +1,93 @@
 # 🐍 Core Python (your foundation)
 These are built-in. You’ll use them everywhere.
 * `socket` → low-level networking (port scanners, connections)
 * `subprocess` → run system commands (e.g. `ping`, `nmap`)
 * `os` → interact with the operating system
 * `sys` → handle arguments and runtime behavior
 * `threading` / `concurrent.futures` → speed up scans
 * `time` → delays, timing attacks (basic)
 * `re` → regex (log analysis, pattern detection)
 * `json` → handle API and structured data
 * `argparse` → clean CLI tools (very useful)
 ---
 # 🌐 Networking & Web
 Where most beginner cybersecurity action happens.
 * `requests` → send HTTP requests (GET, POST, etc.)
 * `urllib` → lower-level web handling
 * `http.client` → raw HTTP interactions
 👉 You’ll use these for:
 * Web scanners
 * API testing
 * Automation scripts
 ---
 # 🍲 Parsing & Scraping
 Turning messy data into something useful.
 * `BeautifulSoup` (bs4) → parse HTML
 * `lxml` → faster HTML/XML parsing
 👉 Useful for:
 * Extracting forms and inputs
 * Web reconnaissance
 ---
 # 🔍 Security & Scanning
 More “cyber-flavored” tools.
 * `scapy` → packet crafting/sniffing (very powerful)
 * `nmap` (via `python-nmap`) → automate scans
 * `shodan` → search exposed devices (API)
 👉 These unlock:
 * Network analysis
 * Recon automation
 ---
 # 🔐 Cryptography & Hashing
 For passwords, encryption, and security logic.
 * `hashlib` → hashing (MD5, SHA256, etc.)
 * `hmac` → message authentication
 * `cryptography` → encryption/decryption (advanced)
 👉 Use cases:
 * Password crackers
 * Hash verification
 ---
 # 📂 File & Log Analysis
 Blue team territory.
 * `pandas` → analyze large datasets/logs
 * `csv` → parse log files
 * `collections` → count patterns (e.g. IP frequency)
 ---
 # ⚙️ CLI & Tooling (make your scripts look pro)
 * `argparse` → command-line arguments
 * `colorama` → colored terminal output
 * `rich` → beautiful CLI dashboards
 ---
--- a/cheat_sheet/socket.md
+++ b/cheat_sheet/socket.md
@@ -0,0 +1,153 @@
 The `socket` module is where Python stops being polite and starts speaking raw network 🧩📡
 Here’s a **clean, practical cheat sheet** you’ll actually use when building cyber tools.
 ---
 # 🐍 `socket` Cheat Sheet (Cybersecurity Edition)
 ## 🔌 Create a Socket
 ```python
 import socket
 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 ```
 * `AF_INET` → IPv4
 * `SOCK_STREAM` → TCP
 * (use `SOCK_DGRAM` for UDP)
 ---
 ## 🌐 Connect to a Target (Client)
 ```python
 s.connect(("127.0.0.1", 80))
 ```
 👉 Used in:
 * Port scanners
 * Banner grabbing
 ---
 ## 📤 Send Data
 ```python
 s.send(b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n")
 ```
 * Must be **bytes** (`b""`)
 ---
 ## 📥 Receive Data
 ```python
 response = s.recv(1024)
 print(response.decode())
 ```
 * `1024` = buffer size
 ---
 ## ❌ Close Connection
 ```python
 s.close()
 ```
 ---
 # 🔍 Port Scanner Example (core pattern)
 ```python
 import socket
 target = "127.0.0.1"
 for port in range(1, 1025):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(2)
    result = s.connect_ex((target, port))
    if result == 0:
        print(f"Port {port} is open")
    s.close()
 ```
 🔥 Key trick:
 * `connect_ex()` returns `0` if open (no crash, cleaner)
 ---
 # ⏱️ Timeout (avoid freezing forever)
 ```python
 s.settimeout(1)
 ```
 Without this, your scanner becomes a fossil 🦴
 ---
 # 🖥️ Simple Server (Listener)
 ```python
 import socket
 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 s.bind(("0.0.0.0", 4444))
 s.listen(1)
 conn, addr = s.accept()
 print(f"Connection from {addr}")
 data = conn.recv(1024)
 print(data.decode())
 conn.close()
 ```
 👉 Used in:
 * Backdoor simulations
 * Reverse shells (ethical labs only)
 ---
 # 📡 UDP Socket (connectionless)
 ```python
 s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
 s.sendto(b"Hello", ("127.0.0.1", 53))
 ```
 ---
 # 🧠 Useful Methods Quick List
 * `socket()` → create socket
 * `connect()` → connect to server
 * `connect_ex()` → safer connect
 * `send()` / `sendall()` → send data
 * `recv()` → receive data
 * `bind()` → attach to IP/port
 * `listen()` → wait for connections
 * `accept()` → accept connection
 * `close()` → close socket
 ---
 # ⚠️ Common Mistakes
 * Forgetting `.close()` → zombie sockets
 * Not using timeout → slow scans
 * Sending string instead of bytes → 💥 error
 * Scanning too fast → gets blocked
--- a/port_scanner/main.py
+++ b/port_scanner/main.py
@@ -0,0 +1,45 @@
 import socket
 import sys
 import datetime
 target = socket.gethostbyname(sys.argv[1])
 today = datetime.datetime.now()
 title = f"{target}_{today.year}_{today.month}_{today.day}_{today.hour}-{today.minute}.md"
 print(f"Scanning target: {target}")
 print(f"Output file: {title}\n")
 with open(title, "a") as f:
    for port in range(1, 65535):  
        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.settimeout(1)
            result = s.connect_ex((target, port))
            if result == 0:
                print(f"[+] Port {port} is open")
                banner = ""
                try:
                    # Only send HTTP request to common web ports
                    if port in [80, 8080, 8000]:
                        s.send(b"GET / HTTP/1.1\r\nHost: test\r\n\r\n")
                    banner = s.recv(1024).decode(errors="ignore").strip()
                except:
                    banner = "No banner"
                line = f"[+] {target}:{port} → {banner}\n"
                print(line)
                f.write(line)
            s.close()
        except KeyboardInterrupt:
            print("\nScan interrupted.")
            sys.exit()
        except Exception:
            pass
--- a/port_scanner/readme.md
+++ b/port_scanner/readme.md
@@ -0,0 +1,35 @@
 ## Simple Port Scanner & Banner Grabber
 ### 🇬🇧 English
 This project is a simple Python-based port scanner with basic banner grabbing capabilities. It scans a target host for open ports and attempts to retrieve service information from responsive ports.
 The tool is designed as a learning project to explore networking concepts, socket programming, and basic reconnaissance techniques used in cybersecurity.
 **Features:**
 * Scan a range of TCP ports
 * Detect open ports
 * Perform basic banner grabbing
 * Save results to a Markdown file
 **Purpose:**
 This tool is intended for educational use only. It helps understand how network services respond to connections and how information gathering works in real-world scenarios.
 ---
 ### 🇫🇷 Français
 Ce projet est un scanner de ports simple en Python avec des fonctionnalités basiques de récupération de bannières (banner grabbing). Il permet de scanner une machine cible pour détecter les ports ouverts et d’obtenir des informations sur les services actifs.
 Cet outil est conçu comme un projet d’apprentissage pour explorer les concepts de réseau, la programmation avec les sockets et les techniques de reconnaissance en cybersécurité.
 **Fonctionnalités :**
 * Scan d’une plage de ports TCP
 * Détection des ports ouverts
 * Récupération basique des bannières
 * Sauvegarde des résultats dans un fichier Markdown
 **Objectif :**
 Cet outil est uniquement destiné à un usage éducatif. Il permet de comprendre comment les services réseau répondent aux connexions et comment fonctionne la phase de collecte d’informations en conditions réelles.
Author	SHA1	Message	Date
mrsh	fd4c3328b3	ajout cheat_sheet	2026-04-23 18:00:21 +02:00
mrsh	2d4f5a9f4d	ajout port scanner	2026-04-23 17:59:56 +02:00