vigneshoffsec/basic-port-scanner
A simple Python port scanner for basic network reconnaissance.
๐ Advanced Port Scanner (Python)
A fast, multi-threaded TCP port scanning tool built for reconnaissance, network enumeration, and OSCP-style labs.
This scanner supports custom port ranges, banner grabbing, randomized scan order (IDS evasion), and JSON/TXT reporting.
This version replaces the simplistic beginner script with a professional-grade scanning utility suitable for security portfolios and real-world assessments.
๐ Project Structure
basic-port-scanner/
โโโ src/
โ โโโ port_scanner.py
โโโ reports/
โ โโโ .gitkeep
โโโ wordlists/
โ โโโ .gitkeep
โโโ README.md
โโโ LICENSE
๐ Features
โ Multi-threaded TCP Connect Scanning
Uses 100 concurrent threads to accelerate scanning, handling large port ranges efficiently.
โ Customizable Port Inputs
Supports:
-p 1-1024 # range
-p 80,443,3306 # comma-separated
-p 22 # single port
โ Banner Grabbing
Identifies running services by capturing application banners:
SSH-2.0-OpenSSH_8.2
Apache/2.4.54
MySQL Protocol 10
โ Randomized Port Order (Basic IDS Evasion)
Ports are shuffled before scanning to avoid linear port sweep signatures.
โ JSON & TXT Reporting
Reports stored under /reports/:
- JSON structured report
- TXT list of open ports
โ Graceful Error Handling
Handles:
- Host resolution errors
- Network timeouts
- Connection failures
- Interrupted scans
๐งช Usage
Scan common port range (1โ1024)
python3 src/port_scanner.py 192.168.1.10 -p 1-1024Scan a custom set of ports
python3 src/port_scanner.py scanme.nmap.org -p 80,443,22,3306Scan a single port
python3 src/port_scanner.py example.com -p 443Example Output
========== Port Scan Started ==========
Target: 192.168.1.10
Ports: 1-1024
Threads: 100
----------------------------------------
[OPEN] 22/tcp โ SSH-2.0-OpenSSH_8.2
[OPEN] 80/tcp
========== Scan Complete ==========
Open Ports Found: 2
Scan Duration: 3.24 seconds
====================================
๐ Generated Reports
Inside /reports/:
portscan-20251114-160420.json
portscan-20251114-160420.txt
JSON Example
{
"target": "192.168.1.10",
"open_ports": [
{"port": 22, "banner": "SSH-2.0-OpenSSH_8.2"},
{"port": 80, "banner": null}
],
"scan_duration": 3.24
}๐ How It Works (Internals)
1. Host Resolution
Resolves domain โ IPv4:
socket.gethostbyname(target)
2. Multi-threaded Connect Scan
Each worker pulls a port from a queue and attempts:
s.connect_ex((ip, port))
If result == 0 โ port open.
3. Banner Grabbing
If port is open, tool attempts:
s.recv(1024)
to capture service fingerprints.
4. Randomized Port Order
Shuffles ports for basic stealth against sequential-scan detection.
5. Reporting
Results compiled into:
- TXT output
- JSON structured file
๐ Performance
Testing on local VM:
| Ports Scanned | Threads | Duration |
|---|---|---|
| 1โ1024 | 100 | ~3s |
| 1โ65535 | 300 | ~40โ60s |
(Depends heavily on latency and host responsiveness.)
๐ Future Enhancements
- Asyncio-based ultra-fast scanning
- SYN-scan mode (requires raw sockets)
- UDP scanning mode
- OS fingerprinting (TTL analysis)
- NSE-style script hooks
- Banner signature matching
๐งโโ๏ธ Ethical Disclaimer
This tool is intended ONLY for:
- Authorized penetration testing
- Lab environments
- Educational use
Scanning systems you do not own or have permission to test is illegal and unethical.
๐จโ๐ป Author
Vignesh Mani
Offensive Security Researcher
GitHub: https://github.com/vigneshoffsec
LinkedIn: https://linkedin.com/in/vignesh-m17