Building a
Security Culture

Scanning Colombia's IP address space to identify vulnerabilities, strengthen the country's digital infrastructure, and build a safer cyber ecosystem for everyone.

Learn About the Project Methodology
~70M IPs to scan
24/7 Continuous monitoring
100% Ethical & legal
// About the Project

Protecting Colombia's digital infrastructure

A systematic effort to map, analyze, and report vulnerabilities across the IP address space assigned to Colombia.

Mission

Proactively identify vulnerabilities in Colombia's digital infrastructure to notify those responsible and strengthen the country's security posture.

Vision

Build a more resilient digital ecosystem where Colombian organizations and citizens can operate with confidence in a secure cyber environment.

Approach

Non-intrusive, ethical, and responsible scanning. Every vulnerability found is confidentially reported to those responsible, following responsible disclosure principles.

Education

We generate reports, statistics, and guides that help organizations understand their risks and take immediate corrective action.

// Methodology

How we scan

A rigorous, ethical, and systematic process that ensures complete coverage of Colombia's address space without causing disruptions.

01

IP Range Collection

We identify all IP address blocks assigned to Colombia through regional internet registries (LACNIC) and public BGP routing databases.

LACNIC BGP WHOIS
02

Non-Intrusive Scanning

We perform port and service scans using passive and semi-passive techniques that do not generate significant load or affect the availability of target systems.

Port Scanning Service Detection Banner Grabbing
03

Vulnerability Detection

We correlate detected services with known vulnerability databases (CVE) to identify critical exposures, outdated software, and insecure configurations.

CVE NVD CVSS
04

Analysis & Classification

Each finding is classified by severity, vulnerability type, and potential impact. We generate risk profiles by sector, region, and organization type.

Severity Rating Risk Profiling Sector Analysis
05

Responsible Disclosure

Critical findings are confidentially reported to the owners of affected systems, providing technical details and remediation recommendations.

Responsible Disclosure CERT Notification
// Statistics

Colombia in numbers

An overview of Colombia's IP address space and the scope of our project.

~70M
IPv4 Addresses

IP ranges assigned to Colombia by LACNIC that will be fully scanned

1,200+
Registered ASNs

Colombian autonomous systems identified

350+
ISPs & Organizations

Entities with assigned IP blocks

65,535
Ports per IP

TCP/UDP ports scanned per address

200K+
Referenced CVEs

Known vulnerability database

scan-status.sh
$ ventura-scan --target co --mode passive --output report [*] Loading Colombia's IP ranges from LACNIC... [*] Total ranges found: 2,847 CIDR blocks [*] Total IP addresses: ~70,234,112 [+] Starting non-intrusive scan... [+] Mode: Passive & Semi-passive reconnaissance [!] Rate limiting active: 1000 packets/second [+] Scan in progress... Security Culture active $ _
// Project Phases

Project roadmap

A phased execution plan that ensures a gradual, measurable, and sustainable approach.

In progress
Fase 1

Reconnaissance & Mapping

  • Collect all Colombian CIDR blocks
  • Map ASNs and owning organizations
  • Build IP range database
  • Define scanning priorities by sector
Pending
Fase 2

Scanning & Detection

  • Common TCP/UDP port scanning
  • Service and version detection
  • Known vulnerability identification
  • Insecure configuration detection
Pending
Fase 3

Analysis & Intelligence

  • Classification by severity (CVSS)
  • Risk profile generation
  • Analysis by sector and industry
  • Correlation with active threats
Pending
Fase 4

Disclosure & Education

  • Confidential notification to affected parties
  • Publication of statistical reports
  • Remediation guides per vulnerability
  • Security workshops and training