| Name | weave-cli JSON |
| Version |
1.1.0
JSON |
| download |
| home_page | None |
| Summary | Weave Network CLI: network discovery, async port scanning, camera detection, and risk analysis. |
| upload_time | 2025-08-26 12:09:44 |
| maintainer | None |
| docs_url | None |
| author | Kai Gartner |
| requires_python | >=3.9 |
| license | PolyForm Noncommercial License 1.0.0
Acceptance
By using the software, you agree to all the terms of this license.
Copyright License
The licensor grants you a nonexclusive, worldwide, nontransferable license to use, copy, modify, and
redistribute the software, with or without changes, in source and binary forms, for noncommercial
purposes only.
Noncommercial Purposes
Noncommercial purposes means not intended for or directed towards commercial advantage or monetary
compensation. You may use the software for personal, educational, research, or internal evaluation
purposes. Any use by or on behalf of a for-profit company for its commercial advantage, including in
production, or in connection with a revenue-generating service or product, is a commercial use and is
not permitted under this license.
Patents
The licensor grants you a patent license to make, have made, use, offer to sell, sell, import, and
otherwise transfer the software, where such license applies only to those patent claims the licensor
can license that are necessarily infringed by the software.
Notices
You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of
this license and any copyright notice, license notice, and noncommercial notice included with the
software. If you modify the software, you must include a notice stating that you have modified it.
No Trademark License
This license does not grant you any right in the licensor’s trademarks, service marks, or logos.
No Other Rights
These terms do not grant you any rights in the software not expressly granted by this license. The
software may be subject to other licenses.
Disclaimer of Warranty
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES, OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT, OR OTHERWISE, ARISING FROM, OUT
OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Limitation of Liability
EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU FOR
DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE
OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED
INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH
ANY OTHER PROGRAMS), EVEN IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Termination
If you use the software in violation of these terms, this license terminates automatically. Upon
termination, you must cease all use and distribution of the software.
Commercial Licensing
If you wish to use the software for commercial purposes, please contact the authors to obtain a
commercial license.
|
| keywords |
network
scanner
security
cli
camera
onvif
discovery
port-scan
iot
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# Weave Network CLI (WNC)
Modular Python CLI for network discovery, port/protocol scanning, and device (e.g., IP camera) detection, guided by an interactive wizard with live progress.
## Quickstart
1. Create virtualenv and install deps:
```
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
```
2. Run the wizard (basic):
```
python -m wnc wizard
```
3. Full extended scan with JSON report and risk analysis:
```
python -m wnc wizard --yes --output scan_report.json --analyze
```
4. Or run commands directly:
```
python -m wnc scan internal
python -m wnc scan ports --target 192.168.1.10 --top 1000
python -m wnc scan cameras --subnet 192.168.1.0/24
```
## Features
- Interactive wizard with Rich progress bars
- Internal network discovery (interfaces, subnets)
- Host discovery (TCP connect checks)
- Async port scan and banner grabbing (HTTP/HTTPS/SSH/Redis/Memcached) with HTTP title extraction
- Camera heuristics (HTTP/RTSP), ONVIF WS-Discovery, optional ONVIF SOAP info, optional ONVIF password change
- Device fingerprinting from HTTP/RTSP/SSDP/mDNS/ONVIF evidence with confidence scoring
- LAN latency to default gateway and DNS (median/p95 via TCP connect RTTs)
- SSDP/UPnP discovery; mDNS service discovery
- Passive ARP table parsing with MAC OUI vendor hints (no ARP sweep)
- Speedtest and RTT-based rough location
- Risk analyzer that scores and summarizes findings
- Modular scanners in `wnc/scanners/`
## CLI Flags (wizard)
- `--extended/--no-extended` run extended tasks (default: on)
- `--weak-auth/--no-weak-auth` test common default credentials for HTTP/RTSP on camera-like hosts (safe, read-only) (default: on)
- `--creds "u1:p1,u2:p2"` custom username:password pairs to try for weak-auth
- `--change-password` attempt ONVIF password change when weak creds found (DANGEROUS; modifies device)
- `--change-user <user>` target username for ONVIF password change (defaults to the weak-cred username)
- `--new-password <pw>` new password to set (required with `--change-password`)
- `--wifi` collect Wi‑Fi info (macOS) including current SSID/BSSID/channel/RSSI and nearby APs
- `--lan-speed` measure LAN latency to default gateway and DNS (RTT med/p95)
- `--speedtest-runs <1-3>` number of speedtest runs
- `--output <path>` write full JSON report to path
- `--analyze/--no-analyze` run risk analyzer and include results in report (default: on)
- `--yes` non-interactive; auto-accept prompts
## Report (JSON)
When `--output` is provided, the wizard writes a JSON file including:
- `subnets`, `hosts`, `port_sample_hosts`, `port_open`
- `udp_samples` (labeled UDP services per sampled host)
- `cameras`, `onvif`, `onvif_info`, `weak_auth_findings`, `onvif_password_change`
- `ssdp`, `mdns_records`, `arp`, `banners`
- `devices` (fingerprinted vendor/product/type with confidence)
- `wifi` (macOS current network and nearby APs)
- `lan_speed` (gateway and DNS RTT stats, open ports tried)
- `speedtest`, `location`, `location_top`, `location_targets`, `risk`, `summary`
## Docker
Build image:
```bash
docker build -t weave-network-cli:latest .
```
Run the wizard (save report locally):
```bash
# Linux: host networking gives best local LAN visibility
# macOS/Windows: --network host is not supported the same way; container can still reach LAN via bridged networking
docker run --rm \
--name wnc \
--network host \
-v "$PWD:/data" \
weave-network-cli:latest wizard --yes --extended --output /data/scan_report.json
```
Other commands:
```bash
docker run --rm --network host weave-network-cli:latest scan internal
docker run --rm --network host weave-network-cli:latest scan ports --target 192.168.1.10 --top 200
docker run --rm --network host weave-network-cli:latest scan cameras --subnet 192.168.1.0/24
```
Limitations in container:
- `--wifi` (macOS Wi‑Fi details) will not work inside Docker.
- Host network mode is recommended on Linux for local discovery.
## npm (Node wrapper)
You can use an npm wrapper to invoke WNC without installing Python. It prefers Docker (and falls back to local Python if available).
Run via npx:
```bash
npx @thephotocodegrapher/wnc wizard --yes --extended --output ./scan_report.json
```
Or install globally:
```bash
npm i -g @thephotocodegrapher/wnc
wnc wizard --yes --extended --output ./scan_report.json
```
Notes:
- Requires Docker for best experience; on Linux, host networking is used automatically when available.
- On macOS/Windows, Docker networking differs; discovery still works via bridged networking.
## Python API
Use WNC programmatically without packaging to PyPI. Import sync helpers from `wnc`:
```python
from wnc import internal_subnets, hosts, ports, cameras, wizard
subs = internal_subnets()
print("Subnets:", subs)
if subs:
live = hosts(subnet=subs[0])
print("Live hosts:", live[:10])
if live:
open_ports = ports(live[0], top_n=100)
print("Open ports:", [(r.port, r.service) for r in open_ports])
cams = cameras(subs[0])
for c in cams[:5]:
print("Camera:", c.ip, c.vendor, c.evidence[:3])
# Run the interactive wizard non-interactively and save a JSON report
wizard(yes=True, extended=True, output="scan_report.json")
```
Available helpers in `wnc`:
- `internal_subnets() -> List[str]`
- `hosts(subnet, limit=None) -> List[str]`
- `ports(host, top_n=200, ports=None) -> List[PortResult]`
- `cameras(subnet) -> List[CameraCandidate]`
- `wizard(...same flags as CLI...) -> None`
## Notes
- ICMP ping typically requires elevated privileges. This tool uses fast TCP connect checks to infer live hosts.
- Scans are best-effort and may miss hosts with strict firewalls.
- ONVIF SOAP device information is unauthenticated by default and best-effort (short timeouts).
- ONVIF password change is disabled by default; only runs with `--change-password` and requires `--new-password`. Behavior varies by vendor.
## License
This project is released under the PolyForm Noncommercial License 1.0.0. You may use, copy, modify, and redistribute the software for noncommercial purposes.
- Noncommercial means not intended for or directed toward commercial advantage or monetary compensation.
- For commercial use, please contact the authors to obtain a commercial license.
See the full text in `LICENSE`.
## Maintainer
- [Kai Gartner](https://linkedin.com/in/kaigartner)
## Project Meta
- [Contributing](CONTRIBUTING.md)
- [Code of Conduct](CODE_OF_CONDUCT.md)
- [Security Policy](SECURITY.md)
- [Changelog](CHANGELOG.md)
- [Third-Party Notices](THIRD_PARTY.md)
Raw data
{
"_id": null,
"home_page": null,
"name": "weave-cli",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": null,
"keywords": "network, scanner, security, cli, camera, onvif, discovery, port-scan, iot",
"author": "Kai Gartner",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/6e/cf/64d8feb16c0517b582f86d32d4293ccc038b347f708e08b19462c51d3979/weave_cli-1.1.0.tar.gz",
"platform": null,
"description": "# Weave Network CLI (WNC)\n\nModular Python CLI for network discovery, port/protocol scanning, and device (e.g., IP camera) detection, guided by an interactive wizard with live progress.\n\n## Quickstart\n\n1. Create virtualenv and install deps:\n\n```\npython3 -m venv .venv\nsource .venv/bin/activate\npip install -r requirements.txt\n```\n\n2. Run the wizard (basic):\n\n```\npython -m wnc wizard\n```\n\n3. Full extended scan with JSON report and risk analysis:\n\n```\npython -m wnc wizard --yes --output scan_report.json --analyze\n```\n\n4. Or run commands directly:\n\n```\npython -m wnc scan internal\npython -m wnc scan ports --target 192.168.1.10 --top 1000\npython -m wnc scan cameras --subnet 192.168.1.0/24\n```\n\n## Features\n\n- Interactive wizard with Rich progress bars\n- Internal network discovery (interfaces, subnets)\n- Host discovery (TCP connect checks)\n- Async port scan and banner grabbing (HTTP/HTTPS/SSH/Redis/Memcached) with HTTP title extraction\n- Camera heuristics (HTTP/RTSP), ONVIF WS-Discovery, optional ONVIF SOAP info, optional ONVIF password change\n- Device fingerprinting from HTTP/RTSP/SSDP/mDNS/ONVIF evidence with confidence scoring\n- LAN latency to default gateway and DNS (median/p95 via TCP connect RTTs)\n- SSDP/UPnP discovery; mDNS service discovery\n- Passive ARP table parsing with MAC OUI vendor hints (no ARP sweep)\n- Speedtest and RTT-based rough location\n- Risk analyzer that scores and summarizes findings\n- Modular scanners in `wnc/scanners/`\n\n## CLI Flags (wizard)\n\n- `--extended/--no-extended` run extended tasks (default: on)\n- `--weak-auth/--no-weak-auth` test common default credentials for HTTP/RTSP on camera-like hosts (safe, read-only) (default: on)\n- `--creds \"u1:p1,u2:p2\"` custom username:password pairs to try for weak-auth\n- `--change-password` attempt ONVIF password change when weak creds found (DANGEROUS; modifies device)\n- `--change-user <user>` target username for ONVIF password change (defaults to the weak-cred username)\n- `--new-password <pw>` new password to set (required with `--change-password`)\n- `--wifi` collect Wi\u2011Fi info (macOS) including current SSID/BSSID/channel/RSSI and nearby APs\n- `--lan-speed` measure LAN latency to default gateway and DNS (RTT med/p95)\n- `--speedtest-runs <1-3>` number of speedtest runs\n- `--output <path>` write full JSON report to path\n- `--analyze/--no-analyze` run risk analyzer and include results in report (default: on)\n- `--yes` non-interactive; auto-accept prompts\n\n## Report (JSON)\n\nWhen `--output` is provided, the wizard writes a JSON file including:\n\n- `subnets`, `hosts`, `port_sample_hosts`, `port_open`\n- `udp_samples` (labeled UDP services per sampled host)\n- `cameras`, `onvif`, `onvif_info`, `weak_auth_findings`, `onvif_password_change`\n- `ssdp`, `mdns_records`, `arp`, `banners`\n- `devices` (fingerprinted vendor/product/type with confidence)\n- `wifi` (macOS current network and nearby APs)\n- `lan_speed` (gateway and DNS RTT stats, open ports tried)\n- `speedtest`, `location`, `location_top`, `location_targets`, `risk`, `summary`\n\n## Docker\n\nBuild image:\n\n```bash\ndocker build -t weave-network-cli:latest .\n```\n\nRun the wizard (save report locally):\n\n```bash\n# Linux: host networking gives best local LAN visibility\n# macOS/Windows: --network host is not supported the same way; container can still reach LAN via bridged networking\n\ndocker run --rm \\\n --name wnc \\\n --network host \\\n -v \"$PWD:/data\" \\\n weave-network-cli:latest wizard --yes --extended --output /data/scan_report.json\n```\n\nOther commands:\n\n```bash\ndocker run --rm --network host weave-network-cli:latest scan internal\n\ndocker run --rm --network host weave-network-cli:latest scan ports --target 192.168.1.10 --top 200\n\ndocker run --rm --network host weave-network-cli:latest scan cameras --subnet 192.168.1.0/24\n```\n\nLimitations in container:\n\n- `--wifi` (macOS Wi\u2011Fi details) will not work inside Docker.\n- Host network mode is recommended on Linux for local discovery.\n\n## npm (Node wrapper)\n\nYou can use an npm wrapper to invoke WNC without installing Python. It prefers Docker (and falls back to local Python if available).\n\nRun via npx:\n\n```bash\nnpx @thephotocodegrapher/wnc wizard --yes --extended --output ./scan_report.json\n```\n\nOr install globally:\n\n```bash\nnpm i -g @thephotocodegrapher/wnc\nwnc wizard --yes --extended --output ./scan_report.json\n```\n\nNotes:\n\n- Requires Docker for best experience; on Linux, host networking is used automatically when available.\n- On macOS/Windows, Docker networking differs; discovery still works via bridged networking.\n\n## Python API\n\nUse WNC programmatically without packaging to PyPI. Import sync helpers from `wnc`:\n\n```python\nfrom wnc import internal_subnets, hosts, ports, cameras, wizard\n\nsubs = internal_subnets()\nprint(\"Subnets:\", subs)\n\nif subs:\n live = hosts(subnet=subs[0])\n print(\"Live hosts:\", live[:10])\n\n if live:\n open_ports = ports(live[0], top_n=100)\n print(\"Open ports:\", [(r.port, r.service) for r in open_ports])\n\n cams = cameras(subs[0])\n for c in cams[:5]:\n print(\"Camera:\", c.ip, c.vendor, c.evidence[:3])\n\n# Run the interactive wizard non-interactively and save a JSON report\nwizard(yes=True, extended=True, output=\"scan_report.json\")\n```\n\nAvailable helpers in `wnc`:\n\n- `internal_subnets() -> List[str]`\n- `hosts(subnet, limit=None) -> List[str]`\n- `ports(host, top_n=200, ports=None) -> List[PortResult]`\n- `cameras(subnet) -> List[CameraCandidate]`\n- `wizard(...same flags as CLI...) -> None`\n\n## Notes\n\n- ICMP ping typically requires elevated privileges. This tool uses fast TCP connect checks to infer live hosts.\n- Scans are best-effort and may miss hosts with strict firewalls.\n- ONVIF SOAP device information is unauthenticated by default and best-effort (short timeouts).\n- ONVIF password change is disabled by default; only runs with `--change-password` and requires `--new-password`. Behavior varies by vendor.\n\n## License\n\nThis project is released under the PolyForm Noncommercial License 1.0.0. You may use, copy, modify, and redistribute the software for noncommercial purposes.\n\n- Noncommercial means not intended for or directed toward commercial advantage or monetary compensation.\n- For commercial use, please contact the authors to obtain a commercial license.\n\nSee the full text in `LICENSE`.\n\n## Maintainer\n\n- [Kai Gartner](https://linkedin.com/in/kaigartner)\n\n## Project Meta\n\n- [Contributing](CONTRIBUTING.md)\n- [Code of Conduct](CODE_OF_CONDUCT.md)\n- [Security Policy](SECURITY.md)\n- [Changelog](CHANGELOG.md)\n- [Third-Party Notices](THIRD_PARTY.md)\n",
"bugtrack_url": null,
"license": "PolyForm Noncommercial License 1.0.0\n \n Acceptance\n By using the software, you agree to all the terms of this license.\n \n Copyright License\n The licensor grants you a nonexclusive, worldwide, nontransferable license to use, copy, modify, and\n redistribute the software, with or without changes, in source and binary forms, for noncommercial\n purposes only.\n \n Noncommercial Purposes\n Noncommercial purposes means not intended for or directed towards commercial advantage or monetary\n compensation. You may use the software for personal, educational, research, or internal evaluation\n purposes. Any use by or on behalf of a for-profit company for its commercial advantage, including in\n production, or in connection with a revenue-generating service or product, is a commercial use and is\n not permitted under this license.\n \n Patents\n The licensor grants you a patent license to make, have made, use, offer to sell, sell, import, and\n otherwise transfer the software, where such license applies only to those patent claims the licensor\n can license that are necessarily infringed by the software.\n \n Notices\n You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of\n this license and any copyright notice, license notice, and noncommercial notice included with the\n software. If you modify the software, you must include a notice stating that you have modified it.\n \n No Trademark License\n This license does not grant you any right in the licensor\u2019s trademarks, service marks, or logos.\n \n No Other Rights\n These terms do not grant you any rights in the software not expressly granted by this license. The\n software may be subject to other licenses.\n \n Disclaimer of Warranty\n THE SOFTWARE IS PROVIDED \u201cAS IS\u201d, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT\n NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND\n NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,\n DAMAGES, OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT, OR OTHERWISE, ARISING FROM, OUT\n OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n \n Limitation of Liability\n EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL THE LICENSOR BE LIABLE TO YOU FOR\n DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE\n OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED\n INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH\n ANY OTHER PROGRAMS), EVEN IF THE LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.\n \n Termination\n If you use the software in violation of these terms, this license terminates automatically. Upon\n termination, you must cease all use and distribution of the software.\n \n Commercial Licensing\n If you wish to use the software for commercial purposes, please contact the authors to obtain a\n commercial license.\n ",
"summary": "Weave Network CLI: network discovery, async port scanning, camera detection, and risk analysis.",
"version": "1.1.0",
"project_urls": {
"Homepage": "https://github.com/ThePhotoCodeGrapher/Network-CLI-scanner",
"Issues": "https://github.com/ThePhotoCodeGrapher/Network-CLI-scanner/issues"
},
"split_keywords": [
"network",
" scanner",
" security",
" cli",
" camera",
" onvif",
" discovery",
" port-scan",
" iot"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "d2cf0942f7ea06f4e9bf9da897164c7f8ac2a6bd88129f3f5d5cd7aa3b4e3a29",
"md5": "db7a3fc008b7653f173501f78a903e49",
"sha256": "415f72154c2db4028e4bea01ef180c245a41256363e135788746d3bf54ee6cb3"
},
"downloads": -1,
"filename": "weave_cli-1.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "db7a3fc008b7653f173501f78a903e49",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 46972,
"upload_time": "2025-08-26T12:09:42",
"upload_time_iso_8601": "2025-08-26T12:09:42.758930Z",
"url": "https://files.pythonhosted.org/packages/d2/cf/0942f7ea06f4e9bf9da897164c7f8ac2a6bd88129f3f5d5cd7aa3b4e3a29/weave_cli-1.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "6ecf64d8feb16c0517b582f86d32d4293ccc038b347f708e08b19462c51d3979",
"md5": "2f3648cab7e71c83faa6070d5af9e8b5",
"sha256": "4b7ae72eb7df6d68935cfc7c0b2f2b6c3b8d0dd9139b9b8c8deb5c2b80361a22"
},
"downloads": -1,
"filename": "weave_cli-1.1.0.tar.gz",
"has_sig": false,
"md5_digest": "2f3648cab7e71c83faa6070d5af9e8b5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 38216,
"upload_time": "2025-08-26T12:09:44",
"upload_time_iso_8601": "2025-08-26T12:09:44.406112Z",
"url": "https://files.pythonhosted.org/packages/6e/cf/64d8feb16c0517b582f86d32d4293ccc038b347f708e08b19462c51d3979/weave_cli-1.1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-08-26 12:09:44",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "ThePhotoCodeGrapher",
"github_project": "Network-CLI-scanner",
"github_not_found": true,
"lcname": "weave-cli"
}
