Author: D0up4
Project Type: Real-world Blue team tool.
Last Updated: 06/2025
This project is a lightweight TCP port scan detector built with Python and Scapy. It captures live TCP traffic on a network interface and analyzes SYN packets to identify potential port scanning or brute-force activity based on the frequency of connection attempts to different ports.
- Captures live TCP packets using Scapy
- Detects suspicious SYN packet bursts indicating possible port scans or brute-force attacks
- Configurable thresholds for detection sensitivity (number of attempts and time window)
- Simple console output alerts when suspicious activity is detected
- Pure Python implementation with minimal dependencies
Run the script with administrative privileges to allow packet capturing:
```bash
sudo python port_scan_detector.py
```
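The threshold-and-time-window logic described above can be sketched as follows. This is an added example, not the project's own code: the class name, default thresholds, and the "many SYNs to one port means brute force" rule are assumptions, and it reads constructed packet tuples rather than a live Scapy capture so it runs without privileges.

```python
from collections import Counter, defaultdict, deque

SYN, ACK = 0x02, 0x10  # TCP flag bits

class SynBurstDetector:  # hypothetical name, not from the project
    def __init__(self, port_threshold=10, attempt_threshold=20, window=5.0):
        self.port_threshold = port_threshold        # distinct ports -> scan
        self.attempt_threshold = attempt_threshold  # SYNs to one port -> brute force
        self.window = window                        # sliding window, in seconds
        self.events = defaultdict(deque)            # src -> deque[(ts, dport)]
        self.alerted = {}                           # (src, kind) -> time of last alert

    def observe(self, ts, src, dport, flags):
        """Feed one TCP packet; return 'scan', 'brute-force' or None."""
        # Count connection attempts only: SYN set, ACK clear (skips SYN-ACK replies).
        if not flags & SYN or flags & ACK:
            return None
        q = self.events[src]
        q.append((ts, dport))
        while q and ts - q[0][0] > self.window:     # expire events outside the window
            q.popleft()
        per_port = Counter(port for _, port in q)
        kind = ("scan" if len(per_port) >= self.port_threshold else
                "brute-force" if max(per_port.values()) >= self.attempt_threshold
                else None)
        # Suppress repeats: at most one alert per source and kind per window.
        last = self.alerted.get((src, kind))
        if kind is None or (last is not None and ts - last <= self.window):
            return None
        self.alerted[(src, kind)] = ts
        return kind

def run(packets, **kw):
    """Replay (ts, src, dport, flags) tuples; return the alerts raised."""
    det = SynBurstDetector(**kw)
    return [(ts, src, kind) for ts, src, dport, flags in packets
            if (kind := det.observe(ts, src, dport, flags))]

# Constructed sample traffic: (timestamp, src, dst_port, tcp_flags)
SAMPLE = (
    [(0.1 * i, "10.0.0.5", 20 + i, SYN) for i in range(12)]        # sweep of 12 ports
    + [(2.0 + 0.05 * i, "10.0.0.9", 22, SYN) for i in range(25)]   # repeated hits on 22
    + [(3.0 + i, "10.0.0.7", 443, SYN) for i in range(6)]          # ordinary client
    + [(3.5, "10.0.0.1", 51000, SYN | ACK)]                        # server reply, ignored
)

if __name__ == "__main__":
    for ts, src, kind in run(sorted(SAMPLE)):
        print(f"[ALERT] t={ts:.2f}s {src}: possible {kind}")
```

With a live capture, the same `observe` call would sit inside the callback passed to Scapy's `sniff(filter="tcp", prn=..., store=False)`, taking the source address, destination port and flags from each packet.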