SecureAuthScanner is a minimalist script that performs brute-force authentication tests and port scanning on SSH, FTP, and HTTP services using Hydra and Netcat.
Tool designed to scan authentication protocols in networks, identifying possible vulnerabilities in the systems. Using the powerful capabilities of the Hydra tool, it allows authentication tests to be performed on various services, while Netcat (nc) is used to obtain additional information and evaluate the network environment.
This tool is designed for penetration testers and security analysts to identify vulnerabilities in authentication protocols across networked systems by testing credentials and scanning ports. It is useful for assessing the security posture of SSH, FTP, and HTTP services in controlled environments.
This tool requires prior installation of Hydra and Netcat, which are external dependencies not bundled with the script. It should only be used in authorized and controlled environments for ethical testing purposes. Users must prepare username and password lists to perform brute-force attacks, and ensure relevant ports are open on target systems. Running this tool against unauthorized targets is illegal and unethical.
Clone the repository: git clone https://github.com/elliotsecops/SecureAuthScanner.git
Navigate to the cloned directory: cd SecureAuthScanner
Ensure Hydra is installed (https://github.com/vanhauser-thc/thc-hydra)
Ensure Netcat (nc) is installed (https://nc110.sourceforge.net/)
Have Python 3 installed on your system
Prepare users.txt with usernames and passwords.txt with passwords in the same directory as the scriptpython3 secure_auth_scanner.py
Runs the SecureAuthScanner script to perform authentication brute-force and port scanning on configured targets.
Modify the 'target_ips' list in the script
Customize the list of IP addresses to scan.
Modify the 'additional_ports' list in the script
Add or remove ports to be scanned by Netcat.