ExploitEye - Ethical Security Assessment Tool

A comprehensive security reconnaissance and assessment tool for ethical hacking and penetration testing.

Features

Core Reconnaissance

• Phone Number Information - Carrier details, geolocation, timezone analysis
• Domain Information - DNS records, SSL certificates, WHOIS data, subdomain discovery
• Social Media Detection - Username and domain presence across platforms
• IP Address Information - Geolocation, reverse DNS, threat intelligence
• Email Address Analysis - Validation, domain analysis, breach checking
• Simple IP Info - Quick IP/domain information using ip-api.com

Network & Security Tools

• Network Scanner - TCP/UDP port scanning, service identification
• Port Scanner - Individual port analysis with banner grabbing
• Vulnerability Scanner - Web application security assessment
• Vulnerability Assessment - Comprehensive security analysis

Advanced Security Features

• Security Monitoring - Network activity monitoring and anomaly detection
• Threat Analysis - IP and domain reputation checking
• Intrusion Detection - System event analysis and file integrity monitoring
• System Information - Comprehensive system details
• DDoS Defense Simulation - Analyze and test DDoS protection mechanisms

Requirements

• Python 3.8+
• Windows/Linux/macOS
• Internet connection for API calls

Installation

Using Executable

Download the latest ExploitEye.exe from releases and run directly.

Usage

Main Menu Options

1. Phone Number Information - Analyze phone numbers for carrier and location data
2. Domain Information - Comprehensive domain reconnaissance
3. Social Media Detection - Find social media profiles
4. Network Scanner - Scan networks and hosts
5. Vulnerability Scanner - Web application security testing
6. IP Address Information - IP geolocation and threat analysis
7. Email Address Analysis - Email validation and breach checking
8. Port Scanner - Individual port analysis
9. System Information - System details and configuration
10. Security Monitoring - Network activity monitoring
11. Threat Analysis - Reputation and threat intelligence
12. Intrusion Detection - System security monitoring
13. Vulnerability Assessment - Comprehensive security assessment
14. Simple IP Info - Quick IP/domain information lookup
15. DDoS Defense Simulation - Analyze DDoS protection mechanisms
16. Exit - Close the application

Examples

Phone Number Analysis

Enter phone number: +1234567890
{
  "phone_number": "+1234567890",
  "carrier_info": {
    "carrier": "Verizon Wireless",
    "line_type": "mobile",     
    "country_code": "US",
    "country_name": "United States"
  },
  "geolocation": {
    "country": "United States",
    "region": "California",
    "city": "Los Angeles",
    "timezone": "America/Los_Angeles"
  }
}

Domain Information

Enter domain: example.com
{
  "domain": "example.com",
  "dns_records": {
    "A": ["93.184.216.34"],
    "MX": ["mail.example.com"],
    "NS": ["ns1.example.com", "ns2.example.com"]
  },
  "ssl_info": {
    "issuer": "DigiCert Inc",
    "valid_until": "2024-12-31",
    "subject_alt_names": ["example.com", "www.example.com"]
  },
  "whois_info": {
    "registrar": "ICANN",
    "creation_date": "1995-08-14",
    "expiration_date": "2024-08-13"
  }
}

DDoS Defense Simulation

Enter target domain: example.com
{
  "target": "example.com",
  "simulation_type": "comprehensive",
  "rate_limiting_analysis": {
    "detected": true,
    "mechanisms": ["HTTP 429 Rate Limiting", "Response Time Throttling"]
  },
  "cdn_analysis": {
    "detected": true,
    "provider": "Cloudflare",
    "protection_level": "High"
  },
  "firewall_detection": {
    "detected": true,
    "type": "Web Application Firewall (WAF)",
    "protection_level": "High"
  },
  "defense_recommendations": {
    "risk_assessment": {
      "level": "Low",
      "score": 7,
      "description": "Good DDoS protection in place"
    }
  }
}

Security & Ethics

Important Notes

• For Educational Purposes Only: This tool is designed for ethical hacking and security research
• Legal Compliance: Always obtain proper authorization before testing systems
• Responsible Disclosure: Report vulnerabilities to system owners
• No Malicious Use: Do not use for unauthorized access or attacks

Best Practices

• Use only on systems you own or have explicit permission to test
• Follow responsible disclosure guidelines
• Respect rate limits and terms of service for APIs
• Keep API keys secure and private

Troubleshooting

Common Issues

1. Permission Errors: Run with appropriate permissions for network scanning
2. API Errors: Verify API keys are correct and active
3. Network Issues: Ensure internet connection for API calls
4. Firewall Blocking: Check firewall settings for network scanning features

Getting Help

• Check the console output for error messages
• Verify API keys are correct and active
• Ensure internet connection for API calls
• Check firewall settings for network scanning features

Security Features

Network Security Monitoring

• Real-time connection monitoring
• Suspicious activity detection
• Port scan detection
• Network anomaly analysis

Threat Intelligence

• IP and domain reputation checking
• Malware indicator analysis
• Phishing detection heuristics
• Blacklist monitoring

Intrusion Detection

• System event analysis
• Process monitoring
• File integrity checking
• Security recommendations

Vulnerability Assessment

• Web vulnerability scanning
• Network service analysis
• Configuration issue detection
• SSL/TLS security analysis

DDoS Defense Analysis

• Rate limiting detection
• Traffic pattern analysis
• Load balancing identification
• CDN protection analysis
• Firewall and WAF detection
• Defense recommendations

Dependencies

• requests - HTTP requests
• colorama - Terminal color output
• python-dotenv - Environment variable management
• dnspython - DNS resolution
• python-whois - WHOIS data retrieval
• pyOpenSSL - SSL/TLS analysis
• psutil - System and process monitoring

Ethical Use

This tool is designed for:

• Authorized security testing on systems you own or have permission to test
• Educational purposes in controlled environments
• Security research with proper authorization
• Penetration testing with written consent

Important: Always obtain proper authorization before testing any system. Unauthorized testing is illegal and unethical.

License

This project is licensed under the MIT License.

Disclaimer

This tool is for educational and authorized security testing purposes only. Users are responsible for ensuring they have proper authorization before using this tool on any systems. The authors are not responsible for any misuse or damage caused by this tool.

Support

For support, questions, or feature requests:

• Create an issue on GitHub
• Check the troubleshooting section
• Ensure you're using the latest version
• Contact on Discord

---

Remember: Always use this tool ethically and legally. Only test systems you own or have explicit permission to test.

---

Made by NotGamerPratham for the security community