Share
## https://sploitus.com/exploit?id=77230F71-C9BC-5FED-A96A-B2D5586E75EB
๐Ÿ’€ IASS โ€” ISP ASN Security Scanner


  Automated reconnaissance & vulnerability assessment framework for ISP network infrastructure



  Resolve ASN โ†’ CIDR blocks โ†’ Port Discovery โ†’ Vulnerability Scanning โ†’ Camera Exploitation โ†’ Professional Reporting


---

## ๐ŸŽฏ What is IASS?

**IASS** (ISP ASN Security Scanner) is an advanced **cybersecurity IP scanner** and desktop reconnaissance platform built for automated network security assessments. Designed for security researchers and penetration testers, IASS automates the entire attack surface discovery pipeline against large-scale ISP infrastructure. Given an **Autonomous System Number (ASN)** or a **Single IP Address**, the scanner systematically resolves CIDR ranges, performs high-speed port discovery, executes targeted vulnerability scans, identifies exposed cameras, and generates professional security reports โ€” all through a sleek, modern interface.

> โš ๏ธ **Legal Disclaimer**: This tool is designed for **authorized security testing and research only**. Unauthorized scanning of networks you do not own or have explicit permission to test is **illegal**. Always obtain written authorization before scanning any infrastructure. The developers assume no liability for misuse.

---

## ๐Ÿ“ธ Screenshots


๐Ÿ–ฅ๏ธ Main Interface





๐Ÿ“œ Finding History




---

## โœจ Features

### ๐Ÿ” Reconnaissance Pipeline
- **ASN Resolution** โ€” Resolves ASN to CIDR blocks via multiple fallback APIs (BGPView, RIPEstat, HackerTarget)
- **High-Speed Port Discovery** โ€” Masscan-powered scanning at up to 1000 packets/sec across all 65,535 ports
- **Vulnerability Assessment** โ€” Nuclei-based automated vulnerability detection with configurable severity filters
- **Camera Exploitation** โ€” Identifies RTSP streams, web login panels, default credentials, and known CVEs for IP cameras (Hikvision, Dahua, Axis, etc.)
- **Single Target Mode** โ€” Deep scan any individual IP with full port + vuln + camera analysis

### ๐Ÿ–ฅ๏ธ GUI & Visualization
- **Professional Modern UI** โ€” Clean dark-mode interface with high-contrast elements built on CustomTkinter
- **Real-Time Console** โ€” Live scan output with color-coded log levels
- **Interactive Network Topology** โ€” Canvas-based network tree visualization with zoom/pan
- **World Map View** โ€” GeoIP-based plotting of discovered targets on an interactive map
- **Progress Tracking** โ€” Real-time progress bar with CIDR completion stats and elapsed time

### ๐Ÿ“Š Reporting & Data
- **Professional PDF Reports** โ€” A4-sized, multi-page HTML reports with cover page, executive summary, severity breakdown, and actionable recommendations (print to PDF)
- **Multiple Export Formats** โ€” HTML, JSON, and TXT report generation
- **Finding History** โ€” Searchable archive of all past scan findings with pagination
- **SQLite Persistence** โ€” All scan state persisted for pause/resume across sessions

### โš™๏ธ Scan Control
- **Pause / Resume / Abort** โ€” Full scan lifecycle control
- **Configurable Nuclei Options** โ€” Severity filters, tags, rate limiting, concurrency, deep scan (OOB/OAST)
- **Auto-Template Updates** โ€” Automatic Nuclei template updates before scans
- **Dependency Checker** โ€” Built-in setup wizard if Masscan, Nuclei, or Npcap are missing

---

## ๐Ÿš€ Quick Start

### Prerequisites

| Component | Purpose | Required |
|-----------|---------|----------|
| **Python 3.10+** | Runtime | โœ… Yes |
| **Npcap** | Raw packet driver for Masscan | โœ… Yes |
| **Masscan** | High-speed port scanner | โœ… Yes |
| **Nuclei** | Vulnerability scanner | โœ… Yes |
| **Git** | Clone repository | โœ… Yes |

### Step 1: Install System Dependencies

#### ๐Ÿ“ฆ Npcap (Packet Capture Driver)

Masscan requires a raw packet capture driver to send SYN packets.

1. Download from [npcap.com](https://npcap.com/#download)
2. Run the installer
3. **Important**: Check โœ… **"Install Npcap in WinPcap API-compatible Mode"** during setup
4. Restart your computer after installation

#### ๐Ÿ“ฆ Masscan (Port Scanner)

Option A โ€” **Pre-bundled** (Recommended):
> The repository includes `masscan64.exe` in the `asn_scanner/` directory. No action needed.

Option B โ€” Build from source:
```bash
git clone https://github.com/robertdavidgraham/masscan
cd masscan
# Build using Visual Studio or MinGW
```

#### ๐Ÿ“ฆ Nuclei (Vulnerability Scanner)

Option A โ€” **Go Install** (if Go is installed):
```bash
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
```

Option B โ€” **Direct Download**:
1. Go to [Nuclei Releases](https://github.com/projectdiscovery/nuclei/releases)
2. Download `nuclei__windows_amd64.zip`
3. Extract `nuclei.exe`
4. Add the folder containing `nuclei.exe` to your system **PATH**:
   ```
   Settings โ†’ System โ†’ About โ†’ Advanced System Settings โ†’ Environment Variables
   โ†’ Path โ†’ Edit โ†’ New โ†’ C:\path\to\nuclei\folder
   ```

Option C โ€” **Using Chocolatey**:
```powershell
choco install nuclei
```

#### Verify Installation

Open a new terminal and run:
```powershell
nuclei -version
# Expected: Nuclei Engine Version: vX.X.X
```

---

### Step 2: Clone & Setup

```bash
# Clone the repository
git clone https://github.com/IstiyakV/IASS-ISP-ASN-Security-Scanner.git
cd IASS-ISP-ASN-Security-Scanner

# Create virtual environment
python -m venv .venv

# Activate virtual environment
# Windows (PowerShell):
.\.venv\Scripts\Activate.ps1
# Windows (CMD):
.\.venv\Scripts\activate.bat

# Install Python dependencies
pip install -r requirements.txt
```

### Step 3: Run

```bash
python main.py
```

> ๐Ÿ’ก **First Launch**: If any system dependency is missing, IASS will display an interactive setup guide with download links and instructions.

---

## ๐Ÿ“– Usage Guide

### ASN Reconnaissance Mode

1. Enter an **ASN** (e.g., `AS12345`) in the ASN Reconnaissance field
2. *(Optional)* Filter to a specific IP within the ASN range
3. Configure **Nuclei** settings (severity, tags, rate limit, concurrency)
4. Click **โ–ถ ENGAGE** to start the full pipeline:

```
ASN Resolution โ†’ CIDR Enumeration โ†’ Masscan Port Scan โ†’ Nuclei Vuln Scan โ†’ Camera Exploit โ†’ Report
```

### Single Target Mode

1. Enter a **single IP address** in the Single Target Scan field
2. Click **โšก** to run a comprehensive deep scan:
   - Full 65,535 port scan
   - Vulnerability assessment
   - Camera exploitation checks

### Scan Controls

| Button | Action |
|--------|--------|
| **โ–ถ ENGAGE** | Start ASN reconnaissance scan |
| **โธ HOLD** | Pause scan (resume later) |
| **โ–ถ RESUME** | Resume a paused scan |
| **๐Ÿ›‘ ABORT** | Immediately terminate all scan processes |
| **โšก** | Quick single-IP deep scan |

### Exporting Reports

Click **๐Ÿ’พ EXPORT REPORT** to generate reports in:
- **HTML** โ€” Professional A4-paginated report (open in browser โ†’ `Ctrl+P` โ†’ Save as PDF)
- **JSON** โ€” Machine-readable structured data
- **TXT** โ€” Plain text summary

---

## ๐Ÿ—๏ธ Architecture

```
IASS/
โ”œโ”€โ”€ main.py                    # Entry point
โ”œโ”€โ”€ requirements.txt           # Python dependencies
โ”œโ”€โ”€ README.md                  # This file
โ””โ”€โ”€ asn_scanner/
    โ”œโ”€โ”€ __init__.py
    โ”œโ”€โ”€ gui.py                 # Main GUI (CustomTkinter)
    โ”œโ”€โ”€ scanner.py             # Scan engine (threading, process management)
    โ”œโ”€โ”€ asn_resolver.py        # ASN โ†’ CIDR resolution (BGPView, RIPE, HackerTarget)
    โ”œโ”€โ”€ database.py            # SQLite persistence layer
    โ”œโ”€โ”€ camera_exploiter.py    # Camera detection & exploitation module
    โ”œโ”€โ”€ checker.py             # System dependency checker
    โ”œโ”€โ”€ geo_locator.py         # GeoIP lookup service
    โ”œโ”€โ”€ geo_widget.py          # Interactive world map widget
    โ”œโ”€โ”€ map_widget.py          # Network topology canvas
    โ”œโ”€โ”€ report_generator.py    # HTML/JSON/TXT report generation
    โ””โ”€โ”€ masscan64.exe          # Bundled Masscan binary (Windows x64)
```

### Pipeline Flow

```mermaid
graph LR
    A[ASN Input] --> B[ASN Resolver]
    B --> C[CIDR Blocks]
    C --> D[MasscanPort Scan]
    D --> E[NucleiVuln Scan]
    D --> F[CameraExploiter]
    E --> G[SQLite DB]
    F --> G
    G --> H[ReportGenerator]
    G --> I[GUIDashboard]
    I --> J[Network Map]
    I --> K[World Map]
```

---

## ๐Ÿ”ง Configuration

### Nuclei Settings (via GUI)

| Setting | Default | Description |
|---------|---------|-------------|
| **Severity** | Critical, High, Medium | Which vulnerability severities to scan for |
| **Tags** | `cve,default-logins` | Nuclei template tags to include |
| **Rate Limit** | 150 req/s | Maximum requests per second |
| **Concurrency** | 25 | Number of parallel template executions |
| **Auto-Update** | โœ… Enabled | Update Nuclei templates before each scan |
| **Deep Scan** | โŒ Disabled | Enable OOB/OAST interactsh-based detection |

---

## ๐Ÿ›ก๏ธ Supported Camera Brands

IASS includes built-in exploitation modules for:

| Brand | Detection | Default Creds | CVEs | RTSP |
|-------|-----------|---------------|------|------|
| Hikvision | โœ… | โœ… | โœ… | โœ… |
| Dahua | โœ… | โœ… | โœ… | โœ… |
| Axis | โœ… | โœ… | โœ… | โœ… |
| Foscam | โœ… | โœ… | โ€” | โœ… |
| Amcrest | โœ… | โœ… | โ€” | โœ… |
| Reolink | โœ… | โœ… | โ€” | โœ… |
| TP-Link | โœ… | โœ… | โ€” | โ€” |
| Vivotek | โœ… | โœ… | โ€” | โœ… |

---

## โš ๏ธ Troubleshooting


Masscan fails with "FAIL: Error opening adapter"

**Cause**: Npcap is not installed or not in WinPcap-compatible mode.

**Fix**:
1. Uninstall existing Npcap
2. Re-download from [npcap.com](https://npcap.com/#download)
3. During installation, check โœ… **"Install Npcap in WinPcap API-compatible Mode"**
4. Restart your computer



Nuclei command not found

**Cause**: Nuclei is not in your system PATH.

**Fix**:
```powershell
# Check if nuclei is accessible
nuclei -version

# If not found, add to PATH:
$env:PATH += ";C:\path\to\nuclei\folder"

# Or permanently via System Settings โ†’ Environment Variables โ†’ PATH
```



GUI appears blurry on high-DPI displays

**Fix**: Set DPI awareness before launching:
```powershell
# Add to the top of main.py:
import ctypes
ctypes.windll.shcore.SetProcessDpiAwareness(1)
```



Scan hangs at 0% progress

**Cause**: Masscan requires administrator privileges for raw packet transmission.

**Fix**: Run the terminal / IDE as **Administrator**:
```powershell
# Right-click PowerShell โ†’ "Run as Administrator"
cd path\to\IASS
python main.py
```


---

## ๐Ÿ“„ License

This project is licensed under the **MIT License** โ€” see the [LICENSE](LICENSE) file for details.

---

## ๐Ÿค Contributing

Contributions are welcome! Please:

1. Fork the repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request

---

## ๐Ÿ“ฌ Contact

- **GitHub Issues** โ€” For bug reports and feature requests
- **Pull Requests** โ€” For code contributions

---

### ๐Ÿ’– Show Your Support

๐Ÿ‘€ **Watch** this repository for future updates and implementations!
๐Ÿด **Fork** it to use as a blueprint for your own security automation projects!
โญ **Star** this repo if you found it helpful and learned something new!

---


  ๐Ÿ’€ IASS v4.0 โ€” Built for security researchers, by security researchers
  
  โšก Hack the planet responsibly โšก