Cybertection Port Master Ai (for windows only)

How to Use Cybertection Port Master AI

This guide explains the main features of the application.

Prerequisites:

• Windows Operating System: The tool is designed primarily for Windows as it uses netsh advfirewall commands.
• Python 3.x: Ensure you have Python installed.
• port_database.json: This crucial file must be present in the same directory as the script. You may need to run the generate_db.py script first to create it.
• Administrator Privileges: The application needs to run as an administrator to modify firewall rules. It will attempt to request elevation automatically when started. If it fails, many features will be disabled.

Running the Application:

Open a Command Prompt or PowerShell as Administrator.

Navigate to the directory containing the script (cybertection_ai.py or similar) and port_database.json.

Run the script using: python your_script_name.py (replace your_script_name.py with the actual filename).

Main Tabs:

Port Control:

• Port Database Explorer: Browse through the list of known ports from the port_database.json. Risky ports are color-coded.
• Search: Type a port number or service name to filter the list. Click 'X' to clear.
• Selection: Click a port in the list to view its details.
• AI Port Advisor: This panel (right side) shows detailed information for the selected port:
  • Description: What the port/service is generally used for.
  • Common Use Cases: Examples of why it might be needed.
  • Security Risks: Potential vulnerabilities or ways it can be misused.
  • AI Recommendation: Guidance based on the database (e.g., "BLOCK unless...", "ALLOW if...").
  • Database Risk: The risk level assigned in the database (Low, Medium, High, Critical).
  • Firewall State: The current status (Allowed/Blocked/Partial/Unknown) of the rule managed by this tool for the selected port and protocol. Click "Check State" to refresh.
• Protocol: Select TCP, UDP, or Both to specify which protocol(s) your action applies to. This also affects the "Firewall State" display.
• Custom Port/Range: Enter a specific port number (e.g., 8088) or a range (e.g., 9000-9100) to manage ports not listed or ranges. Selecting from the list clears this field, and typing here clears the list selection.
• Action Buttons:
  • Check State: Queries the firewall for rules managed by this tool for the selected port/protocol.
  • ALLOW Port: Creates firewall rules to allow incoming traffic for the selected/custom port(s) and protocol(s). A warning will appear for High/Critical risk ports.
  • BLOCK Port: Deletes firewall rules managed by this tool, effectively blocking incoming traffic for the selected/custom port(s) and protocol(s).
  • Advanced: Opens a menu with more powerful (and potentially dangerous) options.

Network Scanner:

• Target IP: Enter the IP address or hostname you want to scan.
• Port Range: Specify the start and end ports for the scan (e.g., 1-1024).
• Start TCP Scan: Initiates a TCP connect scan against the target for the specified range.
• Results: Open ports will be listed in the text area, along with their service name and risk level from the database.

Security Profiles:

• Security Profile Dropdown: Select a predefined profile (Hardened, Balanced, Permissive) or Custom.
• Description/Rule Summary: Shows information about the selected profile's intended behavior and example rules it might manage.
• Apply Profile Rules: (Use with Caution!) Modifies firewall rules managed by this tool (CS_Port_*) according to the definition of the selected profile (Hardened, Balanced, Permissive). Does nothing for "Custom".
• Enforce Secure Mode: When checked, applying any profile (or using the specific enforcement option) will ensure all ports marked as "Critical" in the database are actively blocked.

Activity Log:

• Displays timestamped messages about application actions, firewall command results, scans, and errors.
• Copy Log: Copies the entire log content to the clipboard.
• Save Log: Saves the log content to a text file.
• Clear Log: Clears the log display after confirmation.

Advanced Menu Options (Access via "Advanced" button on Port Control tab):

• List ALL Managed Rules: Shows details of all firewall rules whose names start with CS_Port_.
• Delete ALL Managed Rules...: (Dangerous!) Deletes all firewall rules created by this tool after confirmation.
• Reset Windows Firewall to Defaults...: (EXTREMELY DANGEROUS!) Resets the entire Windows Firewall to its default state, deleting ALL rules (including non-tool rules and built-in ones). Use only as a last resort.
• Open Port Database File: Opens port_database.json in your default text editor.
• Reload Port Database: Reloads the port information from port_database.json without restarting the app.
• About Cybertection: Shows application information.

 

README.md

Markdown

# Cybertection Port Master AI v3.6 **AI-Enhanced Port Management & Security Tool for Windows Firewall**

**(Generated: Friday, May 2, 2025 at 8:19:42 PM EDT)**

## Overview Cybertection Port Master AI is a graphical tool designed to help users manage Windows Firewall rules for specific ports with greater ease and insight. It leverages the `netsh advfirewall` command-line interface but provides a user-friendly GUI. The core feature is the "AI Port Advisor," which utilizes a comprehensive JSON database (`port_database.json`) to provide detailed information about ports, including common uses, security risks, and recommendations, helping users make more informed decisions about opening or closing ports.

**Primary Functions:** * Allow/Block specific TCP/UDP ports or ranges via Windows Firewall. * Provide detailed information and security guidance for selected ports ("AI Advisor"). * Apply predefined security profiles (Hardened, Balanced, Permissive). * Perform basic TCP port scans on target hosts. * Log all actions and results.

**Disclaimer:** This tool directly modifies system firewall settings. Use it responsibly, with proper authorization, and at your own risk. Incorrect configuration can impact network connectivity and security. It is primarily designed for Windows. ## Features *

**Port Control Tab:** * Browse and search an extensive port database. * View detailed port information: Description, Use Cases, Risks, Recommendation, Risk Level. * Check current firewall state for managed rules (Allow/Block/Partial). * Allow or Block selected/custom ports/ranges for TCP, UDP, or Both. * AI-driven warnings when attempting to allow high-risk ports. *

**Network Scanner Tab:** * Perform TCP connect scans on specified IP/hostname and port range. * View open ports with service and risk level information. *

**Security Profiles Tab:** * Select predefined security levels (Hardened, Balanced, Permissive) based on database risk levels. * Apply profile rules to automatically manage (`CS_Port_*` prefixed) firewall rules. * Toggle "Secure Mode" to enforce blocking of all 'Critical' risk ports. *

**Activity Log Tab:** * View detailed, timestamped logs of all operations. * Copy, Save, and Clear log capabilities. *

**Advanced Management:** * List or Delete all rules managed by this tool. * Option to reset the entire Windows Firewall (Use with extreme caution!). * Open and Reload the Port Database file. *

**Admin Elevation:** Attempts to automatically request Administrator privileges on startup (required for firewall changes). * **Themed UI:** Uses a dark, "cyberpunk" styled theme with clear visual indicators. ## Requirements *

**Operating System:** Windows 10 / Windows 11 (Recommended). Uses `netsh advfirewall`. Limited functionality on other OSes. *

*Python:** Python 3.6 or higher. *

**Port Database:** A `port_database.json` file (containing port information) must be present in the same directory as the script. A generation script (`generate_db.py` or similar) might be needed to create the full database. *

**Administrator Privileges:** Essential for modifying firewall rules. ## Setup & Installation 1. **Obtain Files:** Download or place the main Python script (e.g., `cybertection_ai.py`) and the `port_database.json` file into the same directory. 2.

**Port Database:** If you don't have `port_database.json`, you may need to run a separate script (like `generate_db.py` provided previously) to create it first: `python generate_db.py`. Ensure the final database file is named exactly `port_database.json`. 3. **Icon (Optional):** Place an icon file named `shield.ico` in the same directory for the window icon. 4. **Ensure Python:** Verify Python 3.x is installed and added to your system's PATH. 5. **Run as Admin:** * Right-click the script and choose "Run as administrator" OR * Open Command Prompt or PowerShell **as Administrator**, navigate (`cd`) to the script's directory, and run: `python your_script_name.py` * The script will also try to self-elevate if run without admin rights initially. Grant permission if prompted by UAC.

## Usage *(See the "How to Use Cybertection Port Master AI" section above for a detailed guide on each tab and feature.)* ## Important Notes & Warnings * ⚠️ **ADMINISTRATOR RIGHTS REQUIRED:** Modifying the firewall requires running this application with administrator privileges. Most core features (Allow, Block, Apply Profile, Reset) will be disabled otherwise. * ⚠️ **MODIFIES FIREWALL:** This tool adds and deletes rules in the Windows Firewall. Understand the implications before allowing or blocking ports, especially based on profiles. Rules created by this tool are prefixed with `CS_Port_`. * ⚠️ **USE RESPONSIBLY:** Do not block ports essential for your operating system or critical applications unless you understand the consequences. Blocking ports like RDP or SMB incorrectly can lock you out or break network functionality. * ⚠️ **ADVANCED OPTIONS:** The "Reset Windows Firewall" option is extremely destructive and will remove *all* firewall rules. Use only if you fully understand the impact and have a recovery plan. "Delete ALL Managed Rules" is safer but still removes all rules created by *this* tool. *

**AI is Database-Driven:** The "AI Advisor" recommendations and risk levels are based entirely on the content of the `port_database.json` file. The quality of advice depends on the accuracy and completeness of this file. It is *not* a learning AI. * **Windows Focus:** While the GUI might run on other systems, the core firewall interaction relies on Windows `netsh` commands. Functionality on macOS or Linux is not guaranteed or implemented for firewall control.

## Troubleshooting * **Permission Errors / Buttons Disabled:** Ensure you are running the script with Administrator privileges. * **"Database File Not Found":** Make sure `port_database.json` exists in the same directory as the Python script and is correctly named. * **`netsh` Command Errors:** Check the Activity Log for specific error messages from `netsh`. These might indicate syntax issues, permissions problems, or conflicts with other firewall management software. * **UI Freezes:** Long operations (applying profiles, deleting many rules, slow scans) run in background threads, but brief freezes might occur. If persistent freezes happen, check the console for errors. ---