creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 21:54:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-external-network-penetration-test/scripts/agent.py
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

147 lines
5.6 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""Agent for performing external network penetration test reconnaissance and scanning."""
import json
import argparse
import subprocess
import socket
from datetime import datetime
def tcp_port_scan(host, ports=None):
"""Scan common TCP ports on a target host."""
if ports is None:
ports = [21, 22, 23, 25, 53, 80, 110, 135, 139, 143, 443, 445,
993, 995, 1433, 1521, 3306, 3389, 5432, 5900, 8080, 8443]
results = []
for port in ports:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(2)
try:
sock.connect((host, port))
try:
banner = sock.recv(1024).decode("utf-8", errors="replace").strip()[:200]
except Exception:
banner = ""
results.append({"port": port, "state": "open", "banner": banner})
except (socket.timeout, ConnectionRefusedError, OSError):
pass
finally:
sock.close()
return {"host": host, "open_ports": results, "scanned": len(ports), "timestamp": datetime.utcnow().isoformat()}
def run_nmap_scan(target, scan_type="quick"):
"""Run nmap scan against target."""
scan_args = {
"quick": ["-sV", "-T4", "--top-ports", "100"],
"full": ["-sV", "-sC", "-p-", "-T3"],
"vuln": ["-sV", "--script", "vuln", "--top-ports", "1000"],
"udp": ["-sU", "--top-ports", "50", "-T4"],
}
args = scan_args.get(scan_type, scan_args["quick"])
cmd = ["nmap", "-oX", "-"] + args + [target]
try:
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
import xml.etree.ElementTree as ET
root = ET.fromstring(result.stdout)
hosts = []
for host in root.findall(".//host"):
addr = host.find("address").get("addr", "") if host.find("address") is not None else ""
ports = []
for port in host.findall(".//port"):
state = port.find("state")
service = port.find("service")
ports.append({
"port": int(port.get("portid", 0)),
"protocol": port.get("protocol", ""),
"state": state.get("state", "") if state is not None else "",
"service": service.get("name", "") if service is not None else "",
"version": service.get("product", "") + " " + service.get("version", "") if service is not None else "",
})
hosts.append({"ip": addr, "ports": ports})
return {"target": target, "scan_type": scan_type, "hosts": hosts}
except FileNotFoundError:
return {"error": "nmap not installed"}
except Exception as e:
return {"error": str(e)}
def dns_enumeration(domain):
"""Enumerate DNS records for a domain."""
try:
import dns.resolver
except ImportError:
return {"error": "dnspython not installed — pip install dnspython"}
records = {}
for rtype in ["A", "AAAA", "MX", "NS", "TXT", "SOA", "CNAME"]:
try:
answers = dns.resolver.resolve(domain, rtype)
records[rtype] = [str(r) for r in answers]
except Exception:
pass
subdomains = ["www", "mail", "ftp", "vpn", "remote", "api", "dev", "staging", "admin", "portal"]
found_subs = []
for sub in subdomains:
try:
answers = dns.resolver.resolve(f"{sub}.{domain}", "A")
found_subs.append({"subdomain": f"{sub}.{domain}", "ips": [str(r) for r in answers]})
except Exception:
pass
return {"domain": domain, "records": records, "subdomains": found_subs}
def ssl_check(host, port=443):
"""Check SSL/TLS certificate details."""
import ssl
ctx = ssl.create_default_context()
try:
with ctx.wrap_socket(socket.socket(), server_hostname=host) as s:
s.settimeout(10)
s.connect((host, port))
cert = s.getpeercert()
return {
"host": host, "port": port,
"subject": dict(x[0] for x in cert.get("subject", [])),
"issuer": dict(x[0] for x in cert.get("issuer", [])),
"notBefore": cert.get("notBefore"),
"notAfter": cert.get("notAfter"),
"version": s.version(),
"cipher": s.cipher(),
}
except Exception as e:
return {"host": host, "error": str(e)}
def main():
parser = argparse.ArgumentParser(description="External Network Penetration Test Agent")
sub = parser.add_subparsers(dest="command")
s = sub.add_parser("scan", help="TCP port scan")
s.add_argument("--host", required=True)
s.add_argument("--ports", nargs="*", type=int)
n = sub.add_parser("nmap", help="Run nmap scan")
n.add_argument("--target", required=True)
n.add_argument("--type", default="quick", choices=["quick", "full", "vuln", "udp"])
d = sub.add_parser("dns", help="DNS enumeration")
d.add_argument("--domain", required=True)
c = sub.add_parser("ssl", help="SSL certificate check")
c.add_argument("--host", required=True)
c.add_argument("--port", type=int, default=443)
args = parser.parse_args()
if args.command == "scan":
result = tcp_port_scan(args.host, args.ports)
elif args.command == "nmap":
result = run_nmap_scan(args.target, args.type)
elif args.command == "dns":
result = dns_enumeration(args.domain)
elif args.command == "ssl":
result = ssl_check(args.host, args.port)
else:
parser.print_help()
return
print(json.dumps(result, indent=2, default=str))
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink