B) Python software and Socket Layer installed

on the machine.

C) The hardware stated in A) should be running

Introduction Kali linux or have a virtual version of Kali linux

ii) Risks
There are countless Malicious client
The risks that may be encountered with the
applications that turn to make their way to a
project is the system being incomplete due to
machine as we browse the internet and
the limited time given to build the system. The
download different applications. These
system consists of a port scanner and a banner
applications somehow allow third parties to
grabber therefore there is a risk that the banner
make remote access into our machines. This is
grabber may not be part of the system and
one of the reasons why vulnerability testing is
rather just the port scanner.
important.[1]
Execution
In this project we will be building a Port scanner The system will be build using the Python and
which is part of the first phase of a penetration Kali linux scripting. The methodology that will
test and allows you to find all network entry be used to build the system is Agile Scrum that
points available on a target system.[1] After is incremental.
doing so we will be making connections to each
open port and returning the service, as well as Testing:
their versions, which are running on that The testing which will be used is Unit testing.
specific port. We also highlight the port which The port scanner will be tested on its own and
may give access to user credentials the banner grabber on its own. And there after
they will be tested as an entire system.
1. Project life cycle

Definition Delivery
In this project we will be building a port scanner Upon the delivery of the system a user manual
and a banner grabber. This is a vulnerability will be given to the users on how to use the
assessment tool which will scan a machine to vulnerability assessment tool on the user
find open ports that can be accessed by interface. Should the users still need additional
unknown entities for malicious purposes. assistance there will be a video tutorial to guide
the users.
Planning
The duration of the project is 12 weeks. 2. Literature Review
Pentest-tools.com is an online port scanning
i) Resources
website, which uses Nmap, where users can
The resources require for the projects are as scan a machine based on an IP address or
follows: multiple machines based on a range of IP
addresses. The authors of the website have
A) Laptop/Desktop opted to use an online port scanner because it
gives an external view of your systems as they
are seen by any hacker from the Internet[1]. If Project Proposal
you do the same scan from your internal
Vulnerability Assessment tools are designed to
network you may obtain different results
constantly and proactively test the vulnerability
because of various firewalls and network
of a machine by scanning it given its IP address.
restrictions[1]. Furthermore, our port scanner
This gives a report of open and exposed ports
is:
that can be connected to by hackers to gather
• Already configured and ready to run[1] private information or to corrupt a machine
with a virus or a malware of some sort. The
• Periodically upgraded[1] main use of vulnerability assessment tools is to
• Has an easy-to-use interface over the inform users or companies of vulnerabilities on
complex command line parameters of their machines so that they can take the
Nmap[1] necessary measures to protect those machines
and stay ahead of hackers.
The online scanner allows users to conduct a
light scan which checks only checks for the top In this project we will be building a port scanner
100 TCP port[1], which include: and banner grabber that will be used as the
Vulnerability assessment tool, to reveal the
• 21 - FTP (File Transfer Protocol) exposed and vulnerable ports on the machine.
• 22 - SSH (Secure Shell) The first part of the tool is to scan a machine
based on an IP address to find open ports. Once
• 23 - Telnet those open ports are found then the system will
attempt to make a connection to the open
• 25 - SMTP (Mail)
ports. If the system makes a successful access
• 80 - HTTP (Web) to those ports, it will return a report of all the
open ports as well as the services running on
• 110 - POP3 (Mail)
those ports, along with their versions. The
• 143 - IMAP (Mail) system will additionally highlight services that
can give out user credentials so that the users
• 443 - HTTPS (Secure Web) can be aware.
• 445 - SMB (Microsoft File Sharing)

• 3389 - RDP (Remote Desktop Protocol)

4. User Requirements
i) The project
The Online scanner also allows users to
When machines are connected to a network,
schedule periodic scan for their organizational
they are constantly vulnerable to attacks and
networks or singular machines for
unwanted connections from hackers. This
vulnerabilities.
system allows one to be able to scan a machine
Above all this, the authors take the time to in a network based on a singular IP address or
educate users about Cybersecurity and the multiple machines within a network based on
importance of vulnerability testing machines in an IP range. Once the machine has been
an organization or personal capacity. scanned it will return the ports which are open
for access, thereafter the system will attempt to
make a connection to those ports and return
the service running as well as the version of the 2. A Graphics User Interface for user to input An
service to show that the port may be vulnerable IP address range.
to connections from unknown entities.
3. The system should list the open ports per IP.
This project has been proposed by Council for
4. The System should also provide the service
Scientific and Industrial Research (CSIR) to work
behind the open port
in collaboration with postgraduate honours
students in the University of Western Cape 5. The system should also provide the service
(UWC) . The purpose of the project is to bring version on the open port.
awareness regarding the vulnerability of a
user’s machine within a network. 6. The system should Highlight vulnerable
protocols that send user credentials in clear text
such as telnet, ftp, http, and so on.
ii) User view of the system v) Limitations and Out of Scope
The user will enter a singular IP Address or an IP 1. The system does not return information
address range to check open ports of a singular such as MAC address of the machine
machine or multiple machines. The system will and the operating system running on
then return all the open ports for the requested the machine.
IP address or open ports for machines within an 2. The System does not act as a protective
IP address range corresponding to a specific IP tool against the connection of unknown
address within the range. Once that is done the entities to those open and vulnerable
system will also return the service running on ports.
that open port and the version of the service 3. The System does not access files on the
running on that port, showing that the port can machine.
be accessed by unknown entities. 4. The System does not install any
software on the machine.
The system will also allow the user to save the
results as text for future review.
v) Use Case Diagram
iii) Expectations.
Figure 1. Please find the use case
The expectation of the system is to scan the
diagram below, showing how the
machine with the given IP address for open port
user will be interacting with the
and attempt to connect to those port to show
system.
the user where the machine is vulnerable to
connections from unwanted entities. This will
allow the user to take the necessary steps to
protect their machine from hackers.

iv) Stakeholder Requirements.

In this project, the stakeholder has defined the

requirements of the system and functionality as
follows:

1. A Graphics User Interface for user to input a

single IP address.
 4. Display open ports at the specified IP
address.
5. Requirements Analysis 5. Display open ports at each IP address
on a specified IP address.
Current System UI: 6. The system should access the open
port.
Figure 2. Please find the picture of the 7. The system should return and display
preliminary UI below of the Port the service behind the open port.
scanner scanning ports of a given IP 8. The system should return and display
address and the Nmap , in the version of the service behind the
linux,grabbing services of open ports for open port.
a specific address. 9. The system should Highlight and display
the vulnerable protocols that send user
credentials
10. The system should allow the user to
save/download the information
displayed by the system as a text file.
11. The user should be able to view history
of Scanned IP addresses.

ii) Non-functional requirement

1. The system should return the results of
the open ports within 0.1s for each IP
address.
2. The system should return the results of
the services running on the open ports
within 0.1s for each IP address.
3. The system should return the version of
the services running on the open ports
within 0.1s for each IP address.
4. The required operating system required
for the system to work is Linux.
5. The required Software required to
operate the system is Python.
6. The system will check whether the IP
address or IP address range entered by
user is in a correct format to reduce
human error and increase reliability.
i) Functional requirements.
1. The user should be able to log in to the iii) UML Class diagram
system
2. Enter a single IP address to scan ports. Figure 3. Please find the Class
3. Enter an IP range to scan ports. diagram below of the two classes
 that will be used for the system and
their parameters.

Project Plan

Figure 4. Please find the gantt chart below

showing the timeline of the project with various
tasks.