IDIF (IP & Domain Investigation Framework) V.2

IP & Domain Investigation Framework (IDIF) V.2 – Network Analysis & Cybersecurity Toolkit.

Presentation: https://androidstudio.freedynamicdns.org:442/presentation

Changelog (from 1.0):

1. Improved SuperNETSTAT’s ability to detect suspicious processes and connections;
2. Enhanced ProSSH interactions and overall user experience.
3. Added a new feature: Website security assessment and vulnerability scanner.
4. Resolved an issue where IDIF mistakenly displayed quotes in Italian instead of English.
5. Made improvements for the Unix Bash installer.
6. Known bugs in 2.0: On Unix systems, opening the new Readme(!) in ProSSH may cause UI resizing issues. However, users can manually resize the window to circumvent this.

Advanced IP & Domain Investigation Made Simple

The IP & Domain Investigation Framework (IDIF) is a powerful, user-friendly tool designed for network administrators, cybersecurity professionals, and forensic analysts who need accurate and efficient insights into IP addresses and domain names. Mainly meant for Windows, but works on Linux. Technically Apple Systems are supported, but the program was not tested on them.

With IDIF, you can effortlessly conduct WHOIS lookups, conduct threat intelligence, find Indicators of Compromissions within IPs/Domains, geolocation, IP<->Domain resolution, compare and export results for accuracy.

Key Features:

1. WHOIS & Domain Intelligence: Lookup authoritative domain registration details and ownership information, to verify their validity and tenure.
2. IP Geolocation & Network Mapping: Analyze IP addresses and Domains with precision using multiple data sources, still being compliant with their ToS.
3. Advanced Network Scanning: Identify open ports and detect proxy usage with real-time analysis.
4. Network Management Tools (LAN/WAN): IDIF it's shipped with it's own Proprietary tools to easily manage your LAN network or your WAN remote server thanks to it's own SSH client, which you can use to test the strength of your own password (offline), automate Download/Upload routines with your VPS server, and retrieve latency informations in real-time.
5. Data Export & Reporting: Generate PDF, CSV, Excel, and JSON reports for in-depth documentation and auditing.
6. Website Vulnerability Scanner & Phishing Prevention (feature introduced in 2.0) - IDIF can now scan websites to find security flaws: SQL Injection, Cross-Site Scripting (XSS), XML External Entity (XXE), OpenRedirect, misconfigured SSL certificates, or Local File Inclusion (LFI), additionally detecting if you are scanning a phishing website.
7. User-Friendly & Efficient: Built with Tkinter and PyQt5 for an intuitive and visually appealing experience.
8. Manual bug reporting feature (Human Support): you can report issues within IDIF by providing detailed insights.
9. Mini-AI: A small AI model was implemented to help you with FAQs, but if you have further questions, don't feel shy about getting in touch with the 'Human Support' feature.
10. Guaranteed working on Windows and Linux. Whatever there are troubles in installing the program, you have included a detailed Documentation helping you in troubleshooting issues + human support. IDIF requires Python 3.1x series to work (Python 3.12 was officially used to develop IDIF)

Notes on SuperNETSTAT

"SuperNETSTAT" it's just IDIF "proprietary" LAN Network scanner with very interesting capabilities. It enpowers the user with the ability to detect and terminate malicious processes with their connections, discover and block IPs and has two mode: static scanning and dynamic monitoring. This tool requires Npcap to work properly on Windows.

Notes on ProSSH

"ProSSH" it's our own SSH client you can use to easily manage your remote SSH, testing offline it's password strength, automate Download/Upload routines via GUI environment. Despite it still has small issues, we're working on it to make it a valuable tool to manage WAN Networks, by solving bugs and adding more features in future relases. User feedbacks & Contributions are welcome.

GDPR Compliance & Ethical Use

IDIF is developed with a strict Fair Usage Policy, ensuring responsible and legal use of publicly available information with proper request rate-limiting and time sleeps to avoid overloading remote servers (no mass scan are allowed). No mass data storage, resale, or facilitation in automated queries or causing privacy issues are allowed, maintaining compliance with most third-parties.

Reliable & Accurate: Uses trusted WHOIS & IP strategies.

Time-Efficient: Automates cybersecurity workflow, focusing on what matters with a friendly GUI.

Secure & Private: No data collection—only real-time query processing.

Actively maintened by Developer;

Feedbacks & Reports to improve the tool are welcomed.