Jyyoungg/Vulnerability-scanner

Vulnerability Scanner

A Python-based web vulnerability scanner for identifying common security misconfigurations and vulnerabilities in web applications. Built for educational and authorized security testing purposes.

Features

  • HTTP Security Headers Analysis - Detects missing security headers (CSP, HSTS, X-Frame-Options, etc.)
  • SSL/TLS Configuration Check - Validates certificate security and configuration
  • Open Ports Detection - Scans for common open ports and services
  • Directory Enumeration - Checks for exposed sensitive directories
  • Server Information Disclosure - Identifies information leakage in headers
  • Detailed Reporting - Generates comprehensive scan reports with severity levels

Installation

  1. Clone the repository:
git clone https://github.com/Jyyoungg/vulnerability-scanner.git
cd vulnerability-scanner
  2. Install dependencies:
pip install -r requirements.txt

Usage

Basic Scan

python vuln_scanner.py --url https://example.com

Full Scan with All Modules

python vuln_scanner.py --url https://example.com --full

Specific Module Scan

python vuln_scanner.py --url https://example.com --modules headers,ssl

Save Report to File

python vuln_scanner.py --url https://example.com --output report.json

Example Output

[+] Starting Vulnerability Scan for: https://example.com
[+] Scan Date: 2025-09-30

=== Security Headers Analysis ===
[!] CRITICAL: Missing Content-Security-Policy header
[!] WARNING: Missing X-Frame-Options header
[✓] PASS: Strict-Transport-Security header present

=== SSL/TLS Configuration ===
[✓] PASS: Valid SSL certificate
[✓] PASS: Certificate expires in 89 days

=== Open Ports Scan ===
[+] Port 80 (HTTP) - OPEN
[+] Port 443 (HTTPS) - OPEN
[!] WARNING: Port 8080 - OPEN

=== Summary ===
Total Issues Found: 3
- Critical: 1
- High: 0
- Medium: 2
- Low: 0

Modules

| Module | Description | Severity Detection |
|---|---|---|
| headers | Scans HTTP security headers | Critical/Medium |
| ssl | Checks SSL/TLS configuration | High/Medium |
| ports | Scans common ports | Medium/Low |
| directories | Checks for exposed directories | High/Medium |
| info | Detects information disclosure | Low |
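
The kind of check the headers and info modules describe can be sketched as follows. This is an added example, not code from this repository: the header-to-severity mapping, the disclosure header list and the sample headers are assumptions. It goes slightly beyond presence checks by treating an HSTS max-age of 0 as a finding and a CSP frame-ancestors directive as covering a missing X-Frame-Options.

```python
import re
from collections import Counter

# Added illustration, not code from the vulnerability-scanner repository.
# Severity per header is an assumption guided by the README's Modules table.
REQUIRED = {
    "content-security-policy": "Critical",
    "strict-transport-security": "Medium",
    "x-frame-options": "Medium",
    "x-content-type-options": "Medium",
}
DISCLOSURE = ("server", "x-powered-by", "x-aspnet-version")  # assumed list


def analyze_headers(headers):
    """Return (module, severity, message) findings for one response."""
    # Header names are case-insensitive, so normalise before comparing.
    seen = {k.lower(): v.strip() for k, v in headers.items()}
    csp = seen.get("content-security-policy", "").lower()
    findings = []
    for name, severity in REQUIRED.items():
        # CSP frame-ancestors gives the framing control X-Frame-Options would.
        covered = name == "x-frame-options" and "frame-ancestors" in csp
        if name not in seen and not covered:
            findings.append(("headers", severity, f"missing {name}"))
    # Presence alone is not a pass for HSTS: max-age=0 drops the policy.
    hsts = seen.get("strict-transport-security")
    if hsts is not None:
        m = re.search(r'max-age\s*=\s*"?(\d+)', hsts, re.I)
        if m is None or int(m.group(1)) == 0:
            findings.append(("headers", "Medium", "HSTS max-age missing or zero"))
    for name in DISCLOSURE:
        if seen.get(name):
            findings.append(("info", "Low", f"{name} discloses {seen[name]!r}"))
    return findings


def summarize(findings):
    counts = Counter(severity for _, severity, _ in findings)
    return {lvl: counts[lvl] for lvl in ("Critical", "High", "Medium", "Low")}


# Constructed sample headers (not captured from a real site).
SAMPLE = {
    "Strict-Transport-Security": "max-age=0",
    "X-Content-Type-Options": "nosniff",
    "Server": "nginx/1.24.0",
}
print(summarize(analyze_headers(SAMPLE)))
```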

Legal Disclaimer

⚠️ IMPORTANT: This tool is for educational purposes and authorized security testing only.

  • Only scan systems you own or have explicit permission to test
  • Unauthorized scanning may be illegal in your jurisdiction
  • The author is not responsible for misuse of this tool

Requirements

  • Python 3.8+
  • requests
  • urllib3
  • colorama
  • python-nmap (optional, for advanced port scanning)

Roadmap

  • Add SQL injection detection
  • Implement XSS vulnerability checks
  • Add subdomain enumeration
  • Support for authenticated scans
  • Web interface dashboard

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Author

Jyyoungg

Acknowledgments

Built as part of cybersecurity portfolio development while studying for Security+ certification.


⭐ If you find this tool useful, please consider giving it a star!
