tech_tools package
Submodules
tech_tools.cli module
- tech_tools.cli.ipconfig()
Return string of raw ip configuration info from CLI.
- Returns:
Printout of ipconfig /all on Windows or nmcli device show on Linux
- Return type:
str
- Note:
Use of this function on Linux requires that nmcli be installed.
- tech_tools.cli.local_arp()
Return string of raw local ARP table info from CLI.
- Returns:
Printout of the local arp table
- Return type:
str
- tech_tools.cli.parse_ipconfig()
Parse raw ipconfig information and return a list containing a dictionary for each valid interface.
- Returns:
List of dictionaries with keys: ip, subnet, mac, (gateway if present)
- Return type:
list
- Note:
Subnet will be provided as a mask on Windows (ex 255.255.255.0) and using CIDR notation on Linux (ex /24).
Valid interfaces might not have a defined gateway.
- tech_tools.cli.parse_local_arp()
Parse raw local arp data and return a Pandas DataFrame.
- Returns:
Parsed information from the local arp table, IPv4 Address and Mac Address
- Return type:
Pandas.DataFrame columns: ip, mac
- tech_tools.cli.parse_trace_route_local(destination='8.8.8.8')
Parse raw trace route data into a list of hosts considered to be part of local/private networks.
- Parameters:
destination (str, IPv4Address) – (optional) Remote host, 8.8.8.8 by default
- Returns:
Hosts (hops) along a given trace route with local (private) addresses
- Return type:
list
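The filtering step described for parse_trace_route_local(), as an added sketch that is not tech_tools code: it keeps only RFC 1918 hops from raw tracert or traceroute text. The function name private_hops, the RFC 1918 definition of "local" and both sample outputs are assumptions constructed for this example.

```python
import re
from ipaddress import IPv4Address, IPv4Network

# RFC 1918 ranges; treating only these as "local" is an assumption of this sketch.
RFC1918 = [IPv4Network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
HOP_LINE = re.compile(r"^\s*\d+\s")  # hop rows start with a hop number
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed sample output, not captured from a real network.
WINDOWS_SAMPLE = """\
Tracing route to 8.8.8.8 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     3 ms     2 ms     2 ms  gw.example.internal [10.20.0.1]
  3     *        *        *     Request timed out.
  4     9 ms     8 ms     9 ms  100.64.12.1
  5    14 ms    13 ms    14 ms  8.8.8.8
"""
LINUX_SAMPLE = """\
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  0.412 ms  0.398 ms  0.385 ms
 2  172.16.5.1 (172.16.5.1)  2.101 ms  2.087 ms  2.066 ms
 3  * * *
 4  8.8.8.8 (8.8.8.8)  11.302 ms  11.288 ms  11.270 ms
"""

def private_hops(raw_trace):
    """Return RFC 1918 hop addresses in path order, without duplicates."""
    hops = []
    for line in raw_trace.splitlines():
        if not HOP_LINE.match(line):
            continue  # banner lines repeat the destination address
        for token in IPV4.findall(line):
            try:
                addr = IPv4Address(token)
            except ValueError:
                continue  # looked like an address but has an octet above 255
            if addr not in hops and any(addr in net for net in RFC1918):
                hops.append(addr)
    return hops
```

The carrier-grade NAT hop (100.64.12.1) is dropped because 100.64.0.0/10 is shared address space rather than RFC 1918; widen RFC1918 if such hops should count as local.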
- tech_tools.cli.ping_range_ip(ip_list)
Ping a list of hosts and return list of hosts that produced a valid response.
- Parameters:
ip_list (list) – Containing either str or IPv4Address objects of hosts
- Returns:
IPv4Address objects that responded to a ping
- Return type:
list
- tech_tools.cli.ping_single_ip(ip, output)
Ping a single host and append to output list if successful.
- Parameters:
ip (str, IPv4Address) – A valid IPv4 Address, example “10.10.10.132”
output (list) – List to update with values
- Returns:
Nothing, external list will be updated
- Return type:
None
- tech_tools.cli.trace_route(destination='8.8.8.8')
Determine route from local host to a given destination and return raw string data.
- Parameters:
destination (str, IPv4Address) – (optional) Remote host, 8.8.8.8 by default
- Returns:
Printout of tracert on Windows or traceroute on Linux
- Note:
Use of this function on Linux requires that traceroute be installed.
tech_tools.detective_functions module
- tech_tools.detective_functions.local_devices(network=None, ports=None)
Return a DataFrame containing ip, mac, valid tcp ports, and manufacturer information obtained from the local network.
- Parameters:
network (str, IPv4Address) – (optional) Interface IP Address, local_ip() by default
ports (list) – (optional) TCP ports to scan, should be provided as integers, [80, 443] by default
- Returns:
host ip addresses, mac addresses, valid tcp ports, manufacturing company
- Return type:
Pandas.DataFrame
- Note:
If no interface address is provided, the function will attempt to locate devices based on the address returned from the local_ip() function. If multiple interfaces are present, it is recommended to manually select the preferred one.
This function requires a valid host ping, as well as a valid entry in the local arp table. Some hosts might not meet these criteria.
- tech_tools.detective_functions.semi_local_devices(destination='8.8.8.8', ports=None)
Return a DataFrame of ip and TCP port information for Private networks along a designated trace route path.
- Parameters:
destination (str, IPv4Address) – (optional) Remote host, 8.8.8.8 by default
ports (list) – (optional) TCP ports to scan, should be provided as integers, [80, 443] by default
- Returns:
host ip addresses, valid tcp ports
- Return type:
Pandas.DataFrame
- Note:
Assumes /24 subnet, though this might not be correct in many cases.
It is recommended to scan networks individually if subnets of different sizes exist along the trace path. A list of local networks along the trace path can be obtained with parse_trace_route_local().
tech_tools.resources module
tech_tools.utilities module
- tech_tools.utilities.generate_range_from_subnet(ip, subnet=24)
Return a list of IPv4 Address objects based on provided subnet information. Excludes network and broadcast addresses.
- Parameters:
ip (str, IPv4Address) – A valid IPv4 Address
subnet (int, str) – (optional) CIDR notation integer value or subnet mask convention, 24 by default
- Returns:
IPv4 Address objects based upon range of provided subnet, excluding network and broadcast addresses
- Return type:
list
- Note:
If subnet is not referenced in either the ip or subnet params, function assumes 24 or (255.255.255.0). CIDR notation in ip param overrides subnet param.
- The following are examples of valid inputs:
“10.0.0.1” <- assumption of 255.255.255.0 or 24
IPv4Address(“192.168.10.10”) <- assumption of 255.255.255.0 or 24
“192.168.5.1/20” <- overrides subnet parameter
(“192.168.0.1”, 24)
(“10.10.2.0”, “255.255.255.0”)
- tech_tools.utilities.generate_range_from_two_ips(first_ip, second_ip)
Return a list of IPv4 Address objects between two provided IP addresses, including both provided addresses.
- Parameters:
first_ip (str, IPv4Address) – A valid IPv4 Address, example “10.10.10.132”
second_ip (str, IPv4Address) – A valid IPv4 Address, example IPv4Address(“10.10.10.157”)
- Returns:
Both addresses along with every possible address in between them
- Return type:
list
- Note:
The returned list will have complete disregard for any subnet boundaries, broadcast addresses, etc.
Use some discretion as this function can generate a list with billions of values.
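The input rules documented for generate_range_from_subnet() and the size warning for generate_range_from_two_ips(), as an added sketch built on the standard ipaddress module; it is not the tech_tools implementation. The names hosts_from_subnet and range_between, the max_hosts cap and the acceptance of either argument order are assumptions of this example.

```python
from ipaddress import IPv4Address, IPv4Network

def hosts_from_subnet(ip, subnet=24):
    """Usable host addresses for ip, following the documented input rules."""
    text = str(ip)
    if "/" in text:
        # CIDR notation inside the ip argument overrides the subnet parameter
        text, subnet = text.split("/", 1)
    # IPv4Network accepts a prefix length (24) or a mask (255.255.255.0);
    # strict=False lets a host address stand in for its network
    network = IPv4Network(f"{text}/{subnet}", strict=False)
    # hosts() leaves out the network and broadcast addresses
    return list(network.hosts())

def range_between(first_ip, second_ip, max_hosts=65536):
    """Inclusive range between two addresses, refused above max_hosts.

    max_hosts is a hypothetical guard: the size is computed from the integer
    values before any list is built, so an oversized request fails fast
    instead of exhausting memory.
    """
    low, high = sorted(int(IPv4Address(str(ip))) for ip in (first_ip, second_ip))
    count = high - low + 1
    if count > max_hosts:
        raise ValueError(f"range holds {count} addresses, limit is {max_hosts}")
    # Subnet boundaries and broadcast addresses are not considered here
    return [IPv4Address(value) for value in range(low, high + 1)]
```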
- tech_tools.utilities.local_ip()
Return local IPv4Address for the primary interface by way of attempting a socket connection. Unsuccessful socket attempt will return 127.0.0.1.
- Returns:
IP address for the primary interface
- Return type:
IPv4Address
- Note:
This function attempts to forge a connection via the primary interface. If multiple valid interfaces are online, the result may be undesirable. Either disable other interfaces, or determine the local ip via other means.
If using a statically defined IP address (for instance, while connecting to an offline, unmanaged switch) it is highly recommended to supply an address, subnet, and gateway. Omission of this information could prevent a valid socket attempt and default to the fallback interface depending on a few factors.
- tech_tools.utilities.reachable_tcp_single_ip(host, port, output, timeout=4)
Determine if a given host on a given port is reachable via TCP socket connection, add successful values to dictionary.
- Parameters:
host (str, IPv4Address) – A valid IPv4 Address, example “10.10.10.132”
port (int) – Port on which to attempt connection
output (dict) – Reachable hosts will be added to this
timeout (int) – (optional) Number of seconds to wait for a timeout failure, default 4
- Returns:
Nothing, external dictionary will be updated
- Return type:
None
- Note:
The dictionary will be updated in the following format: {IPv4Address: [port], IPv4Address: [port1, port2], …}
If host is already present within the dictionary, the port will be appended to the existing list. However, if the port in question already exists within said list, it will not be added, to avoid duplicates.
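One way to meet the dictionary contract described in this note when several workers share the same output dictionary, as an added sketch that is not tech_tools code. The name record_if_reachable and the lock are assumptions; the check is a plain TCP connect that sends no data, intended for confirming which services your own hosts expose.

```python
import socket
import threading
from ipaddress import IPv4Address

# Callers may be worker threads sharing one dict, so updates are serialised.
_results_lock = threading.Lock()

def record_if_reachable(host, port, output, timeout=4):
    """Add port to output[IPv4Address(host)] if a TCP connect succeeds."""
    # Normalise the key so "10.0.0.5" and IPv4Address("10.0.0.5") share one entry
    addr = IPv4Address(str(host))
    try:
        with socket.create_connection((str(addr), port), timeout=timeout):
            pass  # handshake completed; close immediately, send nothing
    except OSError:
        return  # refused, timed out or unroutable: leave the dictionary untouched
    with _results_lock:
        ports = output.setdefault(addr, [])
        if port not in ports:  # a repeated check must not duplicate the port
            ports.append(port)
```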
- tech_tools.utilities.tcp_ip_port_scanner(ip_list, ports, df=True)
Determine which hosts from a given list are reachable via a port or list of ports, return dictionary or DataFrame of valid connections.
- Parameters:
ip_list (list) – Containing either str ip “10.10.1.1” or IPv4Address(“10.10.1.1”) objects
ports (int, list) – Either a single int port or list of int ports
df (bool) – (optional) This entry will determine what format is returned, True by default and therefore a DataFrame.
- Returns:
Hosts with associated ports on which they responded
- Return type:
dict, Pandas.DataFrame
- Note:
Dictionary formatted as: {IPv4Address(“10.10.1.1”): [80, 443], …}
DataFrame columns: ip, ports
tech_tools.wireshark module
- tech_tools.wireshark.wireshark_extract(file)
Return a Series of desired information from a Wireshark JSON file using GroupBy. Includes docs_source ip, docs_source mac, docs_source mac company, destination ip, protocol, and category
- Parameters:
file (str) – Valid path to a JSON wireshark file
- Returns:
Groupby format docs_source ip, docs_source mac, docs_source mac company, destination ip, protocol, and category
- Return type:
Pandas.Series