feat: 16 funciones cybersecurity — análisis, crypto e IO de seguridad

12 funciones puras con implementación real:
HashSHA256, HashMD5, EntropyShannon, IsBase64, IsHex, ExtractURLs,
ParseIPCIDR, IPInRange, NormalizeURL, DetectSQLInjection,
LevenshteinDistance, JaccardSimilarity

4 funciones impuras con implementación real (stdlib):
LookupWhois, ResolveDNS, FetchHTTPHeaders, ScanPortTCP

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

functions/cybersecurity/scan_port_tcp.go

@@ -0,0 +1,34 @@
+package cybersecurity
+
+import (
+	"fmt"
+	"net"
+	"time"
+)
+
+// ScanPortTCP intenta conectarse a un puerto TCP y devuelve el estado ("open", "closed", "filtered"),
+// un banner si el puerto esta abierto, y un posible error.
+func ScanPortTCP(host string, port int, timeoutMs int) (status string, banner string, err error) {
+	address := fmt.Sprintf("%s:%d", host, port)
+	timeout := time.Duration(timeoutMs) * time.Millisecond
+
+	conn, err := net.DialTimeout("tcp", address, timeout)
+	if err != nil {
+		// Distinguir entre conexion rechazada (closed) y timeout (filtered)
+		if netErr, ok := err.(net.Error); ok && netErr.Timeout() {
+			return "filtered", "", nil
+		}
+		return "closed", "", nil
+	}
+	defer conn.Close()
+
+	// Intentar leer un banner con timeout corto
+	_ = conn.SetReadDeadline(time.Now().Add(2 * time.Second))
+	buf := make([]byte, 1024)
+	n, _ := conn.Read(buf)
+	if n > 0 {
+		banner = string(buf[:n])
+	}
+
+	return "open", banner, nil
+}