network-testing-tool
Web-based network toolbox: Ping, port scan, DNS, WHOIS & more in your browser.
4.5K
Web-based network toolbox: Ping, port scan, DNS, WHOIS, traceroute & more from your browser. Just run the container and start testing!
š Docker Hub: garfieldwtf/network-testing-toolā
docker run -d --name nettool --network host --cap-add=NET_ADMIN --cap-add=NET_RAW --restart unless-stopped garfieldwtf/network-testing-tool:latest
Then open http://localhost:5000ā in your browser.
version: '3.8'
services:
nettool:
image: garfieldwtf/network-testing-tool:latest
container_name: nettool
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
restart: unless-stopped
docker run -d --name nettool -p 5000:5000 --cap-add=NET_ADMIN --cap-add=NET_RAW garfieldwtf/network-testing-tool:latest
| Tool | Description |
|---|---|
| Ping | Test connectivity with customizable packet count |
| Traceroute | Trace the route packets take to a host |
| MTR | Combine ping + traceroute for detailed analysis |
| ARP Scan | Discover devices on your local network |
| Tool | Description |
|---|---|
| Basic TCP Scan | Scan port ranges with service detection |
| Advanced TCP/UDP | Scan specific ports with banner grabbing |
| Preset Port Lists | Common, web, database ports |
| Thread Control | Adjust scan speed vs. accuracy |
| Tool | Description |
|---|---|
| DNS Lookup | Get IPv4 and IPv6 addresses |
| Reverse DNS | Find hostname from IP address |
| DNS Records | Query MX, NS, TXT, SOA records |
| Tool | Description |
|---|---|
| HTTP Headers | Fetch and analyze response headers |
| SSL Certificate | View certificate details and expiry |
| HTTP Status | Check response codes and times |
| Tool | Description |
|---|---|
| Network Interfaces | Display all interfaces and IPs |
| Netstat | View active network connections |
| Bandwidth Test | Test download speed |
| Public IP | Get IPv4/IPv6 with geolocation |
| Tool | Description |
|---|---|
| WHOIS Lookup | Domain registration information |
| GeoIP | Geographic location of IP addresses |
| IP Calculator | Subnet calculations and network ranges |
Once running, open your browser to http://localhost:5000ā and use the 6 tabs:
# Ping a host
curl -X POST http://localhost:5000/ping \
-H "Content-Type: application/json" \
-d '{"host":"google.com","count":4}'
# Traceroute
curl -X POST http://localhost:5000/traceroute \
-H "Content-Type: application/json" \
-d '{"host":"google.com"}'
# Port scan (range)
curl -X POST http://localhost:5000/portscan \
-H "Content-Type: application/json" \
-d '{"host":"192.168.1.1","start_port":1,"end_port":100}'
# Advanced scan (specific ports)
curl -X POST http://localhost:5000/advanced_scan \
-H "Content-Type: application/json" \
-d '{"host":"example.com","ports":[80,443,8080],"protocol":"tcp"}'
# DNS lookup
curl -X POST http://localhost:5000/dns_lookup \
-H "Content-Type: application/json" \
-d '{"host":"google.com"}'
# HTTP headers
curl -X POST http://localhost:5000/http_headers \
-H "Content-Type: application/json" \
-d '{"url":"https://example.com"}'
# SSL certificate check
curl -X POST http://localhost:5000/ssl_check \
-H "Content-Type: application/json" \
-d '{"host":"google.com","port":443}'
# WHOIS lookup
curl -X POST http://localhost:5000/whois_lookup \
-H "Content-Type: application/json" \
-d '{"domain":"example.com"}'
# GeoIP lookup
curl -X POST http://localhost:5000/geoip \
-H "Content-Type: application/json" \
-d '{"ip":"8.8.8.8"}'
import requests
import json
url = "http://localhost:5000"
# Ping
response = requests.post(f"{url}/ping",
json={"host": "google.com", "count": 4})
print(response.json())
# Port scan
response = requests.post(f"{url}/portscan",
json={"host": "192.168.1.1",
"start_port": 1,
"end_port": 1000})
print(response.json())
# DNS lookup
response = requests.post(f"{url}/dns_lookup",
json={"host": "google.com"})
print(f"IPv4: {response.json()['ipv4']}")
print(f"IPv6: {response.json()['ipv6']}")
| Capability | Purpose |
|---|---|
NET_ADMIN | Network interface configuration |
NET_RAW | Raw socket access (ping, traceroute) |
| Feature | Linux | macOS | Windows |
|---|---|---|---|
| Ping | ā Full | ā Limited | ā Limited |
| Traceroute | ā Full | ā Limited | ā Limited |
| ARP Scan | ā Full | ā No | ā No |
| Port Scan | ā Full | ā Full | ā Full |
| Host Network | ā Yes | ā No | ā No |
| UDP Scan | ā Yes | ā Yes | ā Yes |
| Issue | Solution |
|---|---|
| ARP scan fails | Use host network: --network host --cap-add=NET_ADMIN |
| Cannot connect to web UI | Check if port 5000 is mapped: docker ps | grep nettool |
| Permission denied errors | Add capabilities: --cap-add=NET_ADMIN --cap-add=NET_RAW |
| Port scan shows no results | Check firewall on target; try common ports first |
| Container won't start | Check logs: docker logs nettool |
| Slow UDP scans | UDP is inherently slower; reduce timeout or port count |
| Public IP not showing IPv6 | Your network may not have IPv6 connectivity |
# View logs
docker logs -f nettool
# Enter container
docker exec -it nettool /bin/bash
# Check container status
docker ps -a | grep nettool
# Restart container
docker restart nettool
# Stop container
docker stop nettool
# Remove container
docker rm nettool
# Update to latest version
docker pull garfieldwtf/network-testing-tool:latest
docker stop nettool
docker rm nettool
# Then run again with your preferred options
# Test if container is working
curl http://localhost:5000
# Test Python packages
docker exec nettool python -c "import flask; print('Flask OK')"
docker exec nettool python -c "import netifaces; print('netifaces OK')"
# Test network tools
docker exec nettool ping -c 1 8.8.8.8
docker exec nettool traceroute -m 2 8.8.8.8
A: No, everything runs inside the Docker container.
A: Host network mode gives the container full access to your network interfaces, enabling ARP scanning and better network performance.
A: Yes, but with limitations. ARP scanning and host network mode won't work. Use port mapping instead: -p 5000:5000
A: Use ARP scan in the Basic Tools tab, or use port scanner with your local IP range (e.g., 192.168.1.0/24).
A: Yes, but only run it in trusted networks. Don't expose it to the public internet.
A: Basic scan uses port ranges; advanced scan lets you specify exact ports and supports UDP.
A: UDP is connectionless and requires timeouts to determine if a port is open.
A: Currently, results are displayed in the web UI. You can copy/paste them manually.
A: docker pull garfieldwtf/network-testing-tool:latest then recreate the container.
A: No authentication - it's designed for local network use only.
A: Yes, use http://YOUR_SERVER_IP:5000, but ensure your firewall is configured properly.
docker run -d --name nettool -p 8080:5000 --cap-add=NET_ADMIN --cap-add=NET_RAW garfieldwtf/network-testing-tool:latest
Access at: http://localhost:8080ā
docker run -d --name nettool --network host --cap-add=NET_ADMIN --cap-add=NET_RAW -v $(pwd)/logs:/app/logs garfieldwtf/network-testing-tool:latest
docker run -d --name nettool --network host --cap-add=NET_ADMIN --cap-add=NET_RAW --memory="512m" --cpus="0.5" garfieldwtf/network-testing-tool:latest
docker run -d --name nettool --network host --cap-add=NET_ADMIN --cap-add=NET_RAW -e INTERFACE=eth0 garfieldwtf/network-testing-tool:latest
| Operation | Recommended Settings |
|---|---|
| Quick ping | Count: 4, Timeout: 2s |
| Network discovery | ARP scan or ping sweep |
| Fast port scan | Threads: 100, Ports: common only |
| Thorough scan | Threads: 50, Full range, longer timeout |
| UDP scan | Ports: < 100, Timeout: 3000ms |
| Bandwidth test | Size: 10MB for quick test |
Since there's no GitHub repository, you can:
MIT License - Use freely for personal and commercial purposes.
Copyright (c) 2024 garfieldwtf
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Made with ā¤ļø for network professionals everywhere
Content type
Image
Digest
sha256:f12f7285eā¦
Size
42.7 MB
Last updated
4 days ago
docker pull garfieldwtf/network-testing-tool