โโโโโโโโโโโโโโ โโโโโโโโโโ โโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโ โโโโโโโโโโโโโโโโโโ โโโโโโโโ
โโโโโโโโโโโ โโโโโโโโโ โโโโโโโโ
โโโโโโโโโโ โโโโโโโโโ โโโโโโโโ
31 network tools in one terminal framework โ powered entirely by pip, with built-in AI explanations via OpenRouter.
Features โข Install โข Tools โข AI Setup โข Usage โข Screenshots
Crips is a modular network toolkit built for students, CTF players, sysadmins, and anyone learning how networking protocols work. Every tool is implemented in pure Python using pip-installable libraries โ no compiled binaries, no complex setup.
After every scan, Crips can send the output to an AI (OpenRouter, OpenAI, Ollama, or any OpenAI-compatible API) which generates a full learning report: what the output means, key findings, networking concepts demonstrated, and suggested next steps.
โก Inspired by Manisso/Crips โ completely rebuilt in Python 3 with local tools, AI integration, and many new modules.
| Feature | Description |
|---|---|
| 31 Network Tools | Whois, DNS, GeoIP, port scan, traceroute, SSL, HTTP analysis, subnet calc, banner grabbing and more |
| Pure pip | Every tool runs via pip-installed Python libraries โ no nmap, no masscan binary required |
| AI Explanations | After any tool, ask AI to generate a learning report with key findings and next steps |
| Any LLM API | OpenRouter (default, free models), OpenAI, Ollama (local), LM Studio, Groq, Together AI |
| Free by default | Uses mistralai/mistral-7b-instruct:free โ no credits needed on OpenRouter |
| GeoLite2 Auto-download | MaxMind databases downloaded automatically at install (no signup via P3TERX mirror) |
| Multi-threaded scanning | Concurrent TCP port scanner โ scan 1000 ports in seconds |
| Learning-focused | Every tool teaches a concept โ service banners, DNS hierarchy, BGP routing, TLS handshake |
| Cross-platform | Linux, macOS, Windows (WSL recommended for raw socket tools) |
# 1. Clone the repository
git clone https://github.com/Manisso/crips-v2.git
cd crips
# 2. Install everything (packages + GeoLite2 databases)
python3 install.py
# 3. Run
python3 crips.py
# For ICMP ping, traceroute, and ARP scan (tools 9, 10, 12, 13):
sudo python3 crips.py- Python 3.8+
- pip
install.py handles everything else automatically:
- All pip packages
GeoLite2-ASN.mmdb,GeoLite2-City.mmdb,GeoLite2-Country.mmdb(from P3TERX/GeoLite.mmdb โ no signup needed)- Default
config.jsonfor AI settings
# Or install packages manually:
pip install -r requirements.txt| # | Tool | Description |
|---|---|---|
| 1 | Whois Lookup | Full WHOIS registration info โ registrar, dates, nameservers, contacts |
| # | Tool | Description |
|---|---|---|
| 2 | DNS Lookup | Query all record types: A, AAAA, MX, NS, TXT, SOA, CNAME, CAA, SRV, DNSKEY... |
| 3 | Reverse DNS | IP โ hostname via PTR records, supports full CIDR range sweep |
| 4 | DNS Propagation | Check a record across 8 public resolvers (Google, Cloudflare, OpenDNS, Quad9...) |
| 5 | Zone Transfer | Attempt AXFR on all nameservers โ tests for misconfiguration |
| # | Tool | Description |
|---|---|---|
| 6 | GeoIP + ASN | Country, city, lat/long, timezone + ASN, BGP CIDR, network owner via RDAP |
| 7 | Bulk GeoIP | GeoIP lookup for a list of IPs โ table output |
| 8 | ASN / BGP Info | Autonomous system details, network objects, routing info |
| # | Tool | Description |
|---|---|---|
| 9 | ICMP Ping | Full ping with RTT stats โ like system ping (needs root) |
| 10 | Ping Sweep | Discover all live hosts in a subnet using ICMP (needs root) |
| 11 | TCP Ping | Check host reachability via TCP connect โ no root required |
| 12 | Traceroute | ICMP or UDP hop-by-hop path with RTT per hop (needs root) |
| 13 | ARP Scan | Discover all devices on local LAN โ returns IP + MAC + vendor |
| # | Tool | Description |
|---|---|---|
| 14 | TCP Port Scan | Multi-threaded TCP connect scanner โ top20/web/db/mail groups or custom range |
| 15 | Subnet Port Scan | Check a single port across an entire subnet โ find all SSH/HTTP servers |
| # | Tool | Description |
|---|---|---|
| 16 | HTTP Headers | Full header dump + security header audit + technology fingerprinting |
| 17 | Redirect Chain | Trace every redirect step-by-step with status codes |
| 18 | Robots.txt + Sitemap | Fetch and parse crawl directives and sitemap URL structure |
| 19 | HTTP Methods | Test which HTTP verbs (GET, POST, PUT, DELETE, TRACE...) a server accepts |
| # | Tool | Description |
|---|---|---|
| 20 | SSL Inspector | Certificate details, SAN names, chain, fingerprints, TLS version support matrix |
| # | Tool | Description |
|---|---|---|
| 21 | Subnet Calculator | Network/broadcast/mask/wildcard/binary/hex โ full breakdown |
| 22 | Subnet Splitter | Divide any network into equal sub-networks |
| 23 | IP Address Info | Classify an IP โ private/public/multicast + RFC reference + binary repr |
| 24 | CIDR โ IP Range | Expand a CIDR block to first/last addresses or full IP list |
| 25 | IPv6 Tools | Expand, analyze, and classify IPv6 addresses |
| # | Tool | Description |
|---|---|---|
| 26 | Banner Grabber | Read raw protocol greetings from open ports โ SSH, FTP, SMTP, Redis, MySQL... |
| 27 | Multi-Host Banner | Grab the banner of a specific port across many hosts |
| # | Tool | Description |
|---|---|---|
| 28 | Network Interfaces | Show all local adapters, IPs, MACs, and default gateway |
| 29 | MAC Analyzer | OUI vendor lookup + multicast/local-admin flag analysis |
| 30 | Connectivity Check | Latency to public DNS and HTTP endpoints |
| 31 | Active Connections | Show this machine's open network sockets (psutil) |
After every tool run, Crips asks:
๐ค Ask AI to explain this output? [y/N]:
The AI reads the raw tool output and generates a learning report:
๐ What This Means
The DNS lookup reveals this domain uses Google's nameservers (ns1.google.com),
meaning DNS is managed through Google Domains or Workspace...
๐ฏ Key Findings
โ MX records point to Google mail servers โ this organization uses Gmail
โ TXT record contains SPF policy limiting who can send email as this domain
โ SOA serial number follows YYYYMMDDNN format โ last updated today
๐ Concepts Demonstrated
โ DNS hierarchy: authoritative vs recursive resolvers
โ Email authentication: SPF, DKIM, DMARC chain of trust
๐ Next Steps
โ Try tool [5] Zone Transfer to check if AXFR is misconfigured
โ Use tool [4] DNS Propagation to verify records are globally consistent
# Inside crips, press [!] to open AI configuration:
[1] Set API Key
[2] Set Base URL (OpenRouter / OpenAI / Ollama / Groq / LM Studio)
[3] Set Model
[4] Toggle AI on/off
[5] Toggle Auto-explain
[6] Toggle Streaming
[8] Browse free models
[9] Test API connection
| Provider | Base URL | Notes |
|---|---|---|
| OpenRouter (default) | https://openrouter.ai/api/v1 |
Free models available |
| OpenAI | https://api.openai.com/v1 |
GPT-4o, GPT-3.5... |
| Ollama | http://localhost:11434/v1 |
Run models locally |
| LM Studio | http://localhost:1234/v1 |
Local GUI + server |
| Groq | https://api.groq.com/openai/v1 |
Very fast inference |
| Together AI | https://api.together.xyz/v1 |
Many open models |
| Model | Speed | Quality |
|---|---|---|
openai/gpt-oss-120b:free |
Medium | โญโญโญโญโญ |
openai/gpt-oss-20b:free |
Fast | โญโญโญโญ |
meta-llama/llama-3.3-70b-instruct:free |
Medium | โญโญโญโญโญ |
google/gemma-4-31b:free |
Medium | โญโญโญโญ |
deepseek/deepseek-v4-flash:free |
Very fast | โญโญโญโญ |
qwen/qwen3-next-80b-a3b-instruct:free |
Fast | โญโญโญโญ |
nvidia/nemotron-3-super:free |
Slow | โญโญโญโญโญ |
minimax/minimax-m2.5:free |
Fast | โญโญโญโญ |
z-ai/glm-4.5-air:free |
Very fast | โญโญโญโญ |
poolside/laguna-m1:free |
Medium | โญโญโญโญโญ |
liquid/lfm2.5-1.2b-instruct:free |
Ultra fast | โญโญ |
nvidia/nemotron-nano-9b-v2:free |
Very fast | โญโญโญ |
Get a free key: https://openrouter.ai/keys
โโโโโโโโโโโโโโ โโโโโโโโโโ โโโโโโโโ
...
Host: kali IP: 192.168.1.100 Mode: root [AI: mistral-7b:free]
โโ WHOIS & DOMAIN โโ
[ 1] Whois Lookup [ 2] DNS Lookup (all types)
...
crips~# 14 โ run TCP port scan
crips~# ! โ open AI config
crips~# ? โ help
crips~# cls โ clear screen
crips~# 0 โ exit
| Command | Action |
|---|---|
1 โ 31 |
Run a tool |
! |
AI configuration menu |
? |
Help & tool reference |
cls |
Clear and redraw menu |
0 |
Exit |
crips/
โโโ crips.py โ Main entry point (menu + tool runner + AI hook)
โโโ install.py โ Auto-installer (packages + GeoLite2 DBs)
โโโ requirements.txt โ All pip dependencies
โโโ config.json โ AI settings (auto-created)
โโโ GeoLite2-ASN.mmdb โ Auto-downloaded by install.py
โโโ GeoLite2-City.mmdb โ Auto-downloaded by install.py
โโโ GeoLite2-Country.mmdb โ Auto-downloaded by install.py
โโโ modules/
โโโ colors.py โ ANSI styling + print helpers
โโโ utils.py โ Shared utilities (resolve, TCP, banner)
โโโ ai_mod.py โ AI explanation engine + config menu
โโโ whois_mod.py โ Tool 1
โโโ dns_mod.py โ Tools 2โ5
โโโ geoip_mod.py โ Tools 6โ8
โโโ network_mod.py โ Tools 9โ13
โโโ portscan_mod.py โ Tools 14โ15
โโโ http_mod.py โ Tools 16โ19
โโโ ssl_mod.py โ Tool 20
โโโ subnet_mod.py โ Tools 21โ25
โโโ banner_mod.py โ Tools 26โ27
โโโ iface_mod.py โ Tools 28โ31
All installed automatically by install.py or pip install -r requirements.txt:
| Package | Used for |
|---|---|
python-whois |
WHOIS lookups |
dnspython |
All DNS operations |
ipwhois |
ASN / BGP / RDAP |
geoip2 |
MaxMind GeoLite2 reader |
scapy |
ICMP ping, traceroute, ARP |
requests |
HTTP analysis + AI API |
pyOpenSSL |
SSL/TLS inspection |
netaddr |
MAC OUI + subnet math |
netifaces |
Network interfaces |
colorama |
Windows ANSI colors |
Zero non-pip dependencies for 27/31 tools. Tools 9, 10, 12, 13 need root/sudo for raw socket access.
This tool is intended for:
- Educational use โ learning how networking protocols work
- CTF challenges โ Capture The Flag competitions
- Your own systems โ testing infrastructure you own or have permission to test
- Lab environments โ isolated networks for learning
Do not use this tool against systems you do not own or have explicit written permission to test. The authors are not responsible for misuse.
- GeoLite2 databases: P3TERX/GeoLite.mmdb
- AI powered by: OpenRouter
MIT License โ see LICENSE for details.
If this tool helped you learn something, please โญ star the repo!
Made with โค๏ธ for the networking and cybersecurity learning community