Skip to content

jpaul73/vulnerability_scanner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Vulnerability Scanner

Overview

The Vulnerability Scanner is a Python-based cybersecurity tool that performs basic security assessments on a website or locally hosted web application. It helps identify common security issues such as open ports, missing HTTP security headers, and server information disclosure.

This project was developed as a beginner cybersecurity mini project to understand how vulnerability assessment works and how security professionals identify potential weaknesses before attackers exploit them.


Features

  • Scan common TCP ports
  • Detect open ports
  • Check for missing HTTP security headers
  • Identify server information disclosure
  • Generate a vulnerability report
  • Provide basic security recommendations
  • Simple command-line interface

Technologies Used

  • Python 3
  • Socket Module
  • Requests Library
  • VS Code

Project Structure

Vulnerability-Scanner/
│
├── scanner.py
├── report.txt
├── requirements.txt
├── README.md
└── screenshots/
    ├── task1.png
    ├── server.png
    └── report.png

Installation

Clone the repository:

git clone https://github.com/your-username/basic-vulnerability-scanner.git

Move into the project folder:

cd basic-vulnerability-scanner

Install the required package:

pip install -r requirements.txt

Usage

Run the scanner:

python scanner.py

Enter the target:

localhost

or

example.com

The scanner will:

  • Scan common ports
  • Check HTTP security headers
  • Detect server information disclosure

Sample Output

===== OPEN PORT SCAN =====

Port 80 OPEN

===== SECURITY HEADER CHECK =====

Content-Security-Policy Missing

X-Frame-Options Present

Strict-Transport-Security Missing

Server: Python HTTP Server

Security Checks Performed

Port Scan

Scans common ports including:

  • 21 (FTP)
  • 22 (SSH)
  • 25 (SMTP)
  • 53 (DNS)
  • 80 (HTTP)
  • 110 (POP3)
  • 143 (IMAP)
  • 443 (HTTPS)
  • 3306 (MySQL)
  • 3389 (RDP)
  • 8080 (HTTP Alternate)

HTTP Security Headers

Checks for:

  • Content-Security-Policy
  • X-Frame-Options
  • Strict-Transport-Security
  • X-Content-Type-Options
  • Referrer-Policy

Information Disclosure

Detects exposed Server headers.


Report

After every scan, a report is automatically generated:

report.txt

The report includes:

  • Target
  • Open ports
  • Missing security headers
  • Server information
  • Security recommendations

Project Workflow

User Input
      │
      ▼
Target Validation
      │
      ▼
Port Scan
      │
      ▼
Header Analysis
      │
      ▼
Server Information Detection
      │
      ▼
Generate Report

Future Improvements

  • Port range scanning
  • Banner grabbing
  • SSL/TLS certificate analysis
  • HTML report generation
  • PDF report export
  • CVE lookup
  • Multithreading for faster scans
  • Risk severity classification
  • GUI interface

Disclaimer

This tool is intended for educational purposes only.

Only scan systems or web applications that you own or have explicit permission to test. Unauthorized scanning may violate laws or organizational policies.


Author

Paul Doniyal J

Cybersecurity Student

Interested in SOC, Blue Team Operations, SIEM, Splunk, Network Security, and Vulnerability Assessment.

About

A Python-based basic vulnerability scanner that detects common open ports, checks HTTP security headers, identifies server information disclosure, and generates a vulnerability report with security recommendations.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages