## https://sploitus.com/exploit?id=77230F71-C9BC-5FED-A96A-B2D5586E75EB
๐ IASS โ ISP ASN Security Scanner
Automated reconnaissance & vulnerability assessment framework for ISP network infrastructure
Resolve ASN โ CIDR blocks โ Port Discovery โ Vulnerability Scanning โ Camera Exploitation โ Professional Reporting
---
## ๐ฏ What is IASS?
**IASS** (ISP ASN Security Scanner) is an advanced **cybersecurity IP scanner** and desktop reconnaissance platform built for automated network security assessments. Designed for security researchers and penetration testers, IASS automates the entire attack surface discovery pipeline against large-scale ISP infrastructure. Given an **Autonomous System Number (ASN)** or a **Single IP Address**, the scanner systematically resolves CIDR ranges, performs high-speed port discovery, executes targeted vulnerability scans, identifies exposed cameras, and generates professional security reports โ all through a sleek, modern interface.
> โ ๏ธ **Legal Disclaimer**: This tool is designed for **authorized security testing and research only**. Unauthorized scanning of networks you do not own or have explicit permission to test is **illegal**. Always obtain written authorization before scanning any infrastructure. The developers assume no liability for misuse.
---
## ๐ธ Screenshots
๐ฅ๏ธ Main Interface
๐ Finding History
---
## โจ Features
### ๐ Reconnaissance Pipeline
- **ASN Resolution** โ Resolves ASN to CIDR blocks via multiple fallback APIs (BGPView, RIPEstat, HackerTarget)
- **High-Speed Port Discovery** โ Masscan-powered scanning at up to 1000 packets/sec across all 65,535 ports
- **Vulnerability Assessment** โ Nuclei-based automated vulnerability detection with configurable severity filters
- **Camera Exploitation** โ Identifies RTSP streams, web login panels, default credentials, and known CVEs for IP cameras (Hikvision, Dahua, Axis, etc.)
- **Single Target Mode** โ Deep scan any individual IP with full port + vuln + camera analysis
### ๐ฅ๏ธ GUI & Visualization
- **Professional Modern UI** โ Clean dark-mode interface with high-contrast elements built on CustomTkinter
- **Real-Time Console** โ Live scan output with color-coded log levels
- **Interactive Network Topology** โ Canvas-based network tree visualization with zoom/pan
- **World Map View** โ GeoIP-based plotting of discovered targets on an interactive map
- **Progress Tracking** โ Real-time progress bar with CIDR completion stats and elapsed time
### ๐ Reporting & Data
- **Professional PDF Reports** โ A4-sized, multi-page HTML reports with cover page, executive summary, severity breakdown, and actionable recommendations (print to PDF)
- **Multiple Export Formats** โ HTML, JSON, and TXT report generation
- **Finding History** โ Searchable archive of all past scan findings with pagination
- **SQLite Persistence** โ All scan state persisted for pause/resume across sessions
### โ๏ธ Scan Control
- **Pause / Resume / Abort** โ Full scan lifecycle control
- **Configurable Nuclei Options** โ Severity filters, tags, rate limiting, concurrency, deep scan (OOB/OAST)
- **Auto-Template Updates** โ Automatic Nuclei template updates before scans
- **Dependency Checker** โ Built-in setup wizard if Masscan, Nuclei, or Npcap are missing
---
## ๐ Quick Start
### Prerequisites
| Component | Purpose | Required |
|-----------|---------|----------|
| **Python 3.10+** | Runtime | โ Yes |
| **Npcap** | Raw packet driver for Masscan | โ Yes |
| **Masscan** | High-speed port scanner | โ Yes |
| **Nuclei** | Vulnerability scanner | โ Yes |
| **Git** | Clone repository | โ Yes |
### Step 1: Install System Dependencies
#### ๐ฆ Npcap (Packet Capture Driver)
Masscan requires a raw packet capture driver to send SYN packets.
1. Download from [npcap.com](https://npcap.com/#download)
2. Run the installer
3. **Important**: Check โ **"Install Npcap in WinPcap API-compatible Mode"** during setup
4. Restart your computer after installation
#### ๐ฆ Masscan (Port Scanner)
Option A โ **Pre-bundled** (Recommended):
> The repository includes `masscan64.exe` in the `asn_scanner/` directory. No action needed.
Option B โ Build from source:
```bash
git clone https://github.com/robertdavidgraham/masscan
cd masscan
# Build using Visual Studio or MinGW
```
#### ๐ฆ Nuclei (Vulnerability Scanner)
Option A โ **Go Install** (if Go is installed):
```bash
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
```
Option B โ **Direct Download**:
1. Go to [Nuclei Releases](https://github.com/projectdiscovery/nuclei/releases)
2. Download `nuclei__windows_amd64.zip`
3. Extract `nuclei.exe`
4. Add the folder containing `nuclei.exe` to your system **PATH**:
```
Settings โ System โ About โ Advanced System Settings โ Environment Variables
โ Path โ Edit โ New โ C:\path\to\nuclei\folder
```
Option C โ **Using Chocolatey**:
```powershell
choco install nuclei
```
#### Verify Installation
Open a new terminal and run:
```powershell
nuclei -version
# Expected: Nuclei Engine Version: vX.X.X
```
---
### Step 2: Clone & Setup
```bash
# Clone the repository
git clone https://github.com/IstiyakV/IASS-ISP-ASN-Security-Scanner.git
cd IASS-ISP-ASN-Security-Scanner
# Create virtual environment
python -m venv .venv
# Activate virtual environment
# Windows (PowerShell):
.\.venv\Scripts\Activate.ps1
# Windows (CMD):
.\.venv\Scripts\activate.bat
# Install Python dependencies
pip install -r requirements.txt
```
### Step 3: Run
```bash
python main.py
```
> ๐ก **First Launch**: If any system dependency is missing, IASS will display an interactive setup guide with download links and instructions.
---
## ๐ Usage Guide
### ASN Reconnaissance Mode
1. Enter an **ASN** (e.g., `AS12345`) in the ASN Reconnaissance field
2. *(Optional)* Filter to a specific IP within the ASN range
3. Configure **Nuclei** settings (severity, tags, rate limit, concurrency)
4. Click **โถ ENGAGE** to start the full pipeline:
```
ASN Resolution โ CIDR Enumeration โ Masscan Port Scan โ Nuclei Vuln Scan โ Camera Exploit โ Report
```
### Single Target Mode
1. Enter a **single IP address** in the Single Target Scan field
2. Click **โก** to run a comprehensive deep scan:
- Full 65,535 port scan
- Vulnerability assessment
- Camera exploitation checks
### Scan Controls
| Button | Action |
|--------|--------|
| **โถ ENGAGE** | Start ASN reconnaissance scan |
| **โธ HOLD** | Pause scan (resume later) |
| **โถ RESUME** | Resume a paused scan |
| **๐ ABORT** | Immediately terminate all scan processes |
| **โก** | Quick single-IP deep scan |
### Exporting Reports
Click **๐พ EXPORT REPORT** to generate reports in:
- **HTML** โ Professional A4-paginated report (open in browser โ `Ctrl+P` โ Save as PDF)
- **JSON** โ Machine-readable structured data
- **TXT** โ Plain text summary
---
## ๐๏ธ Architecture
```
IASS/
โโโ main.py # Entry point
โโโ requirements.txt # Python dependencies
โโโ README.md # This file
โโโ asn_scanner/
โโโ __init__.py
โโโ gui.py # Main GUI (CustomTkinter)
โโโ scanner.py # Scan engine (threading, process management)
โโโ asn_resolver.py # ASN โ CIDR resolution (BGPView, RIPE, HackerTarget)
โโโ database.py # SQLite persistence layer
โโโ camera_exploiter.py # Camera detection & exploitation module
โโโ checker.py # System dependency checker
โโโ geo_locator.py # GeoIP lookup service
โโโ geo_widget.py # Interactive world map widget
โโโ map_widget.py # Network topology canvas
โโโ report_generator.py # HTML/JSON/TXT report generation
โโโ masscan64.exe # Bundled Masscan binary (Windows x64)
```
### Pipeline Flow
```mermaid
graph LR
A[ASN Input] --> B[ASN Resolver]
B --> C[CIDR Blocks]
C --> D[MasscanPort Scan]
D --> E[NucleiVuln Scan]
D --> F[CameraExploiter]
E --> G[SQLite DB]
F --> G
G --> H[ReportGenerator]
G --> I[GUIDashboard]
I --> J[Network Map]
I --> K[World Map]
```
---
## ๐ง Configuration
### Nuclei Settings (via GUI)
| Setting | Default | Description |
|---------|---------|-------------|
| **Severity** | Critical, High, Medium | Which vulnerability severities to scan for |
| **Tags** | `cve,default-logins` | Nuclei template tags to include |
| **Rate Limit** | 150 req/s | Maximum requests per second |
| **Concurrency** | 25 | Number of parallel template executions |
| **Auto-Update** | โ Enabled | Update Nuclei templates before each scan |
| **Deep Scan** | โ Disabled | Enable OOB/OAST interactsh-based detection |
---
## ๐ก๏ธ Supported Camera Brands
IASS includes built-in exploitation modules for:
| Brand | Detection | Default Creds | CVEs | RTSP |
|-------|-----------|---------------|------|------|
| Hikvision | โ | โ | โ | โ |
| Dahua | โ | โ | โ | โ |
| Axis | โ | โ | โ | โ |
| Foscam | โ | โ | โ | โ |
| Amcrest | โ | โ | โ | โ |
| Reolink | โ | โ | โ | โ |
| TP-Link | โ | โ | โ | โ |
| Vivotek | โ | โ | โ | โ |
---
## โ ๏ธ Troubleshooting
Masscan fails with "FAIL: Error opening adapter"
**Cause**: Npcap is not installed or not in WinPcap-compatible mode.
**Fix**:
1. Uninstall existing Npcap
2. Re-download from [npcap.com](https://npcap.com/#download)
3. During installation, check โ **"Install Npcap in WinPcap API-compatible Mode"**
4. Restart your computer
Nuclei command not found
**Cause**: Nuclei is not in your system PATH.
**Fix**:
```powershell
# Check if nuclei is accessible
nuclei -version
# If not found, add to PATH:
$env:PATH += ";C:\path\to\nuclei\folder"
# Or permanently via System Settings โ Environment Variables โ PATH
```
GUI appears blurry on high-DPI displays
**Fix**: Set DPI awareness before launching:
```powershell
# Add to the top of main.py:
import ctypes
ctypes.windll.shcore.SetProcessDpiAwareness(1)
```
Scan hangs at 0% progress
**Cause**: Masscan requires administrator privileges for raw packet transmission.
**Fix**: Run the terminal / IDE as **Administrator**:
```powershell
# Right-click PowerShell โ "Run as Administrator"
cd path\to\IASS
python main.py
```
---
## ๐ License
This project is licensed under the **MIT License** โ see the [LICENSE](LICENSE) file for details.
---
## ๐ค Contributing
Contributions are welcome! Please:
1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request
---
## ๐ฌ Contact
- **GitHub Issues** โ For bug reports and feature requests
- **Pull Requests** โ For code contributions
---
### ๐ Show Your Support
๐ **Watch** this repository for future updates and implementations!
๐ด **Fork** it to use as a blueprint for your own security automation projects!
โญ **Star** this repo if you found it helpful and learned something new!
---
๐ IASS v4.0 โ Built for security researchers, by security researchers
โก Hack the planet responsibly โก