Developed by Reza Mirfayzi • Powered by PantherAI Hybrid Model
The Penetration Scan Suite is a modular, lightweight security scanner designed to surface weaknesses across web applications and network-exposed services. It evaluates HTTP configurations, detects common attack vectors, analyzes security headers, exposes misconfigurations, and generates structured risk reports.
This tool is built for defensive security, research, and authorized penetration testing.
- Security Header Analysis
Detects missing / weak headers (HSTS, CSP, X-Frame-Options, etc.) - Web Surface Enumeration
Crawls accessible endpoints to reveal exposed interfaces - Vulnerability Pattern Detection
Flags SQLi, XSS, LFI, RFI, directory traversal, command injection - Transport Security Checks
Evaluates HTTPS availability, redirect behavior, certificate presence - Risk Scoring Engine
Calculates severity levels for all findings - Actionable Hardening Recommendations
Examples from development test runs.
All IPs have been anonymized for security/privacy.
Target: http://192.168.x.x
Findings:
- Missing
Strict-Transport-Security - Missing
X-Content-Type-Options - No
Referrer-Policy - CSP not implemented
Severity: Medium
Target: http://10.0.x.x
Findings:
- Exposed login endpoint
- Weak error-handling responses
Severity: High
Request:
Detection: SQL injection pattern
Severity: Critical
python penetration_scan.py http://target-url