Metadata-Version: 2.4
Name: tehqeeq
Version: 2.0.0
Summary: Advanced Network Reconnaissance Tool - WHOIS, DNS, subdomains, port scan, tech detection
Project-URL: Repository, https://github.com/slaiba123/tehqeeq
Project-URL: Documentation, https://github.com/slaiba123/tehqeeq#readme
Author: LAIBA MUSHTAQ
License-Expression: MIT
License-File: LICENSE
Keywords: dns,port-scan,recon,reconnaissance,security,subdomain,whois
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Requires-Python: >=3.8
Requires-Dist: colorama>=0.4.6
Requires-Dist: dnspython>=2.3.0
Requires-Dist: python-whois>=0.8.0
Requires-Dist: requests>=2.28.0
Requires-Dist: urllib3>=2.0.0
Provides-Extra: dev
Requires-Dist: pytest-cov>=4.0; extra == 'dev'
Requires-Dist: pytest>=7.0; extra == 'dev'
Provides-Extra: nmap
Requires-Dist: python-nmap>=0.7.1; extra == 'nmap'
Provides-Extra: pdf
Requires-Dist: reportlab>=4.0.7; extra == 'pdf'
Description-Content-Type: text/markdown

# TEHQEEQ - تحقیق

<img width="924" height="308" alt="tehqeeq" src="https://github.com/user-attachments/assets/69d46c82-ac62-4ad9-863b-2c50a94fa408" />



<div align="center">
Advanced Network Intelligence Gathering Framework

[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
[![License](https://img.shields.io/badge/license-MIT-green.svg)](LICENSE)
[![Platform](https://img.shields.io/badge/platform-Windows%20%7C%20Linux%20%7C%20macOS-lightgrey.svg)](https://github.com)

[Features](#features) • [Installation](#installation) • [Usage](#usage) • [Examples](#examples) • [Documentation](#documentation)

</div>

---

## 📖 About TEHQEEQ

**TEHQEEQ** (تحقیق - meaning "Investigation" in Urdu/Arabic) is a comprehensive network reconnaissance framework designed for security professionals and penetration testers. Built with modularity and ease of use in mind, TEHQEEQ provides extensive intelligence gathering capabilities with beautiful terminal output.

### 🎯 Key Highlights

- **Pakistani Domain Support** - Native PKNIC API integration for .pk domains
- **Comprehensive Scanning** - WHOIS, DNS, subdomains, ports, banners, technologies
- **Multiple Report Formats** - PDF, HTML, JSON, and TXT reports
- **Auto Verification** - Built-in result verification against external sources
- **Fast & Efficient** - Optimized scanning with minimal false positives

---

## ✨Features

### 🔐 Passive Reconnaissance
- **WHOIS Lookup**
  - Standard WHOIS for international domains
  - PKNIC API integration for .pk domains
  - Fallback web scraping for limited data
  - Registration dates, nameservers, contacts

- **DNS Enumeration**
  - A, AAAA, CNAME, MX, NS, TXT, SOA records
  - Configurable DNS resolvers
  - Timeout handling for large record sets

- **Subdomain Discovery**
  - DNS Zone Transfer (AXFR) attempts
  - SSL Certificate Subject Alternative Names
  - DNS brute-force (100+ common subdomains)
  - Deduplication and validation

### 🎯 Active Reconnaissance
- **Port Scanning**
  - TCP Connect scanning
  - 15 most common ports by default
  - Custom port list support
  - Auto-detection of www subdomain

- **Banner Grabbing**
  - Protocol-specific probes
  - HTTP, SMTP, POP3, IMAP, FTP support
  - Timeout handling

- **Technology Detection**
  - Web server identification
  - CMS detection (WordPress, Drupal, Joomla)
  - JavaScript frameworks (Angular, React, Vue)
  - Security headers analysis
  - CDN detection

### 📊 Reporting & Verification
- **Report Generation**
  - PDF reports with professional formatting
  - HTML reports with interactive elements
  - JSON for programmatic access
  - TXT for quick reference

- **Auto Verification**
  - DNS cross-validation
  - Port state verification
  - Technology cross-checking
  - Confidence scoring

---

## 🚀 Installation

### Prerequisites
- Python 3.8 or higher
- pip package manager
- Internet connection

### Quick Install

```bash
# Clone the repository
git clone https://github.com/slaiba123/tehqeeq.git
cd tehqeeq

# Install dependencies
pip install -r requirements.txt

# Run TEHQEEQ
python main.py --help
```

### Install from PyPI (direct pip install)

Once the package is published on [PyPI](https://pypi.org), anyone can install it **without cloning the repo**:

```bash
# Install the tool and its core dependencies
pip install tehqeeq

# Run it from anywhere
tehqeeq example.com --whois --dns
tehqeeq example.com --all --report pdf
```

**Optional extras** (install only if you need them):

```bash
# PDF report generation
pip install tehqeeq[pdf]

# Nmap integration for port scanning
pip install tehqeeq[nmap]
```

No Git, no `cd` into a folder—just `pip install tehqeeq` and use the `tehqeeq` command.

---

### Install from source (clone first)

If the package isn’t on PyPI yet, or you want to develop it:

```bash
git clone https://github.com/slaiba123/tehqeeq.git
cd tehqeeq

# Editable install (changes in code apply immediately)
pip install -e .

# Or production-style install
pip install .

# With optional features
pip install -e ".[pdf]"
pip install -e ".[nmap]"

# Run
tehqeeq example.com --whois --dns
```

---

### Publishing to PyPI (for maintainers)

To allow **direct** `pip install tehqeeq` for everyone:

1. **Create a PyPI account**  
   [pypi.org](https://pypi.org) → Register (and optionally create an API token).

2. **Install build tools:**
   ```bash
   pip install build twine
   ```

3. **Build the package** (from project root):
   ```bash
   python -m build
   ```
   This creates `dist/tehqeeq-2.0.0.tar.gz` and a wheel.

4. **Upload to PyPI:**
   ```bash
   twine upload dist/*
   ```
   Use your PyPI username and password/API token when prompted.

5. **Done.** Anyone can now run:
   ```bash
   pip install tehqeeq
   tehqeeq example.com --all
   ```

For **test uploads** (no impact on the real PyPI index), use [TestPyPI](https://test.pypi.org):
```bash
twine upload --repository testpypi dist/*
pip install --index-url https://test.pypi.org/simple/ tehqeeq
```

---

### Running tests

```bash
# From project root
python -m unittest discover -s tests -p "test_*.py" -v
```

### Dependencies

```txt
dnspython>=2.6.1
python-whois>=0.9.27
requests>=2.31.0
colorama>=0.4.6
reportlab>=4.0.0
```

**Optional:**
```txt
python-nmap>=0.7.1  # For Nmap integration
```

---

## 📚 Usage

### Basic Syntax

```bash
python main.py [TARGET] [OPTIONS]
```

### Command Line Options

```
Positional Arguments:
  target                Target domain or IP address
  -d, --domain         Alternative target specification

Scan Options:
  --whois              Perform WHOIS lookup
  --dns                Perform DNS enumeration
  --subdomains         Perform subdomain enumeration
  --ports              Perform port scanning
  --banner             Grab banners from open ports
  --tech               Detect web technologies
  --all, --full        Run all reconnaissance modules

Reporting:
  --report {txt,json,pdf}
                       Generate report in specified format
  --output, -o         Custom output directory for reports

Verbosity:
  -v, -vv, -vvv        Increase verbosity level
  --skip-disclaimer    Skip legal disclaimer (not recommended)
```

---

## 💡 Examples

### Basic Scans

```bash
# Full scan with verbose output
python main.py google.com --all -vv

# WHOIS lookup only
python main.py neduet.edu.pk --whois

# DNS enumeration
python main.py example.com --dns -vv

# Port scan and technology detection
python main.py www.example.com --ports --tech
```

### Advanced Usage

```bash
# Full scan with PDF report
python main.py www.neduet.edu.pk --all --report pdf -vv

# Full scan with PDF report
python main.py google.com --all --report pdf -vv

# RedScout-style syntax
python main.py -d www.example.com --full -vvv

# Custom output directory
python main.py target.com --all --report json -o /path/to/reports
```

### Pakistani Domains

```bash
# Scan .pk domain with PKNIC integration
python main.py neduet.edu.pk --all -vv

# WHOIS for .edu.pk domain
python main.py uet.edu.pk --whois

# Full scan with all features
python main.py www.pide.org.pk --full --report pdf -vv
```

---

## 📊 Sample Output

### WHOIS Lookup (.pk domain)
```
╔══════════════════════════════════════════════════════════════════╗
║        PERFORMING WHOIS ENUMERATION FOR NEDUET.EDU.PK            ║
╚══════════════════════════════════════════════════════════════════╝

🇵🇰 Detected .pk domain - Using PKNIC API

[INFO] Querying PKNIC API for neduet.edu.pk...

📋 Domain Name: neduet.edu.pk
📝 Registrar: PKNIC
📅 Created: 1999-06-09
📅 Expires: 2028-06-09
📊 Status: Registered

🖥️  Name Servers:
   - ns1.neduet.edu.pk
   - ns2.neduet.edu.pk
```

### DNS Enumeration
```
╔══════════════════════════════════════════════════════════════════╗
║         PERFORMING DNS ENUMERATION FOR WWW.NEDUET.EDU.PK         ║
╚══════════════════════════════════════════════════════════════════╝

[A] Records for www.neduet.edu.pk:
  - 111.68.110.16
  (Queried A record for www.neduet.edu.pk using ['8.8.8.8', '1.1.1.1'])

[MX] Records for neduet.edu.pk:
  - smtp.google.com (Priority: 1)
  (Queried MX record for neduet.edu.pk using ['8.8.8.8', '1.1.1.1'])
```

### Port Scanning
```
╔══════════════════════════════════════════════════════════════════╗
║           PERFORMING PORT SCAN FOR WWW.NEDUET.EDU.PK             ║
╚══════════════════════════════════════════════════════════════════╝

[DEBUG] Scanning port 25
[OPEN] Port   25 | State: Open | Service: SMTP | Method: TCP Connect
[DEBUG] Scanning port 110
[OPEN] Port  110 | State: Open | Service: POP3 | Method: TCP Connect
[DEBUG] Scanning port 443
[OPEN] Port  443 | State: Open | Service: HTTPS | Method: TCP Connect
```

---

## 🎨 Verbosity Levels

| Flag | Level | Output |
|------|-------|--------|
| (none) | 0 | Minimal - Results only |
| `-v` | 1 | Normal - Results with context |
| `-vv` | 2 | Verbose - Query details, progress |
| `-vvv` | 3 | Debug - All debug messages |

### Verbosity Examples

```bash
# Silent mode
python main.py target.com --all

# Normal mode
python main.py target.com --all -v

# Verbose mode (shows query details like RedScout)
python main.py target.com --all -vv

# Debug mode (shows everything)
python main.py target.com --all -vvv
```

---

## 📁 Project Structure

```
tehqeeq/
├── main.py                      # Main entry point
├── config.py                    # Configuration settings
├── pyproject.toml               # Package metadata & install config
├── requirements.txt             # Dependencies
├── README.md                    # This file
├── modules/
│   ├── __init__.py
│   ├── passive.py              # Passive reconnaissance
│   ├── active.py               # Active reconnaissance
│   ├── reporter.py             # Report generation
│   └── output_formatter.py     # Terminal output formatting
├── utils.py                     # Utility functions
├── tests/                       # Unit tests
│   ├── test_utils.py
│   └── test_reporter.py
├── reports/                     # Generated reports
└── logs/                        # Log files
```

---

## 🔒 Legal & Ethical Use

### ⚠️ IMPORTANT DISCLAIMER

This tool is designed for **authorized security testing only**. 

**YOU MUST:**
- ✅ Own the target system
- ✅ Have explicit written permission to test
- ✅ Comply with local laws and regulations
- ✅ Respect rate limits and resources

**NEVER:**
- ❌ Scan systems without authorization
- ❌ Use for malicious purposes
- ❌ Violate terms of service
- ❌ Perform denial-of-service attacks

**The developers assume NO liability for misuse of this tool.**

Unauthorized scanning may be **ILLEGAL** in your jurisdiction and could result in:
- Criminal charges
- Civil lawsuits
- Network bans
- Professional consequences

---

## 🌟 Features in Detail

### PKNIC Integration

TEHQEEQ is one of the few tools with native support for Pakistani (.pk) domains:

- **Primary**: PKNIC JSON API
- **Fallback**: PKNIC web scraping
- **Handles**: .edu.pk, .gov.pk, .org.pk, .com.pk, .net.pk
- **Features**: Registration dates, nameservers, registrar info

### Auto WWW Detection

When scanning base domains without A records:
```
⚠️  neduet.edu.pk has no A record
🔍 Checking www subdomain: www.neduet.edu.pk...
✅ Found! www.neduet.edu.pk → 111.68.110.16
🔄 Automatically switching to www.neduet.edu.pk
```

### Zone Transfer Success

Many educational institutions (.edu.pk) allow zone transfers:
```
Method 1: DNS Zone Transfer (AXFR)
   🔄 Attempting zone transfer from ns2.neduet.edu.pk...
      ✅ Zone transfer successful!
   Found 375 subdomains
```

---

## 🛠️ Troubleshooting

### Common Issues

**Problem**: Colors not showing on Windows
```bash
# Solution: Install/update colorama
pip install colorama --upgrade

# Or use Windows Terminal instead of CMD
```

**Problem**: Box characters showing as `?`
```bash
# Solution: Set console to UTF-8
chcp 65001

# Or disable Unicode boxes in config
```

**Problem**: DNS timeout errors
```python
# Solution: Increase timeout in config.py
DNS_TIMEOUT = 15  # Increase from 10
```

**Problem**: PKNIC API not working
```bash
# Solution: Check internet connection
# The tool will fallback to web scraping automatically
```

---

## 📈 Roadmap

### Planned Features
- [ ] Multi-threaded subdomain enumeration
- [ ] Integration with more TLDs (India .in, Bangladesh .bd)
- [ ] Vulnerability scanning module
- [ ] Email enumeration
- [ ] Continuous monitoring mode
- [ ] API for programmatic access
- [ ] Web interface
- [ ] Export to OSINT frameworks

---

## 🤝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

### Development Setup
```bash
git clone https://github.com/yourusername/tehqeeq.git
cd tehqeeq
pip install -r requirements.txt
```

### Guidelines
- Follow PEP 8 style guide
- Add tests for new features
- Update documentation
- Use meaningful commit messages

---

## 📄 License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.


---

## Acknowledgments

- **PKNIC** for providing API access for .pk domains
- **RedScout** for inspiration on terminal output design
- **Nmap** project for port scanning methodology
- **Python Security Community** for tools and libraries

---

## Support & Queries 

- 📧 Email: laiba244m@gmail.com

---

<div align="center">

**Made with ❤️ for the Security Community**

⭐ Star this repo if you find it useful!

[Report Bug](https://github.com/yourusername/tehqeeq/issues) • [Request Feature](https://github.com/yourusername/tehqeeq/issues) • [Documentation](https://github.com/yourusername/tehqeeq/wiki)

</div>
