{"id":34501365,"url":"https://github.com/harshanandhan/vulnerability-scanner","last_synced_at":"2026-05-30T02:31:03.230Z","repository":{"id":329902116,"uuid":"1120939997","full_name":"Harshanandhan/vulnerability-scanner","owner":"Harshanandhan","description":"Python-based vulnerability scanner for network and web security assessment. Features port scanning, service detection, SQL injection/XSS testing, SSL analysis, and PDF reporting. Security Analyst portfolio project by Harshanandhan Reddy Gajulapalli.","archived":false,"fork":false,"pushed_at":"2025-12-22T07:30:31.000Z","size":46,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-23T18:47:30.564Z","etag":null,"topics":["cybersecurity","ethical-hacking","network-security","penetration-testing","portfolio-project","python","security","security-analyst","vulnerability-scanner","web-security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Harshanandhan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-22T07:23:37.000Z","updated_at":"2025-12-22T07:30:35.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Harshanandhan/vulnerability-scanner","commit_stats":null,"previous_names":["harshanandhan/vulnerability-scanner"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/Harshanandhan/vulnerability-scanner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harshanandhan%2Fvulnerability-scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harshanandhan%2Fvulnerability-scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harshanandhan%2Fvulnerability-scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harshanandhan%2Fvulnerability-scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Harshanandhan","download_url":"https://codeload.github.com/Harshanandhan/vulnerability-scanner/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Harshanandhan%2Fvulnerability-scanner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27992996,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-24T02:00:07.193Z","response_time":83,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","ethical-hacking","network-security","penetration-testing","portfolio-project","python","security","security-analyst","vulnerability-scanner","web-security"],"created_at":"2025-12-24T02:01:19.763Z","updated_at":"2025-12-24T02:01:52.154Z","avatar_url":"https://github.com/Harshanandhan.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Vulnerability Scanner v2.0\n\n![License](https://img.shields.io/badge/license-MIT-blue.svg)\n![Python](https://img.shields.io/badge/python-3.8+-blue.svg)\n![Security](https://img.shields.io/badge/security-testing-red.svg)\n![Status](https://img.shields.io/badge/status-production--ready-success.svg)\n\nA Python-based network and web application vulnerability scanner for security assessments and penetration testing. Built as part of a Security Analyst portfolio by **Harshanandhan Reddy Gajulapalli**.\n\n**Author:** Harshanandhan Reddy Gajulapalli  \n**Email:** harshanandhan820@gmail.com  \n**GitHub:** [@Harshanandhan](https://github.com/Harshanandhan)  \n**Purpose:** Security Analyst Portfolio Project #2\n\n---\n\n## 🎯 What This Tool Actually Does\n\n**This README is 100% honest about what's implemented and what's not.**\n\n### ✅ Currently Working Features\n\n- **Multi-threaded Port Scanning** - TCP port scanning with configurable threads and timeout\n- **Service Detection** - Banner grabbing and service version identification\n- **Basic Web Vulnerability Testing**:\n  - SQL Injection pattern detection (error-based)\n  - XSS reflection testing\n  - Security headers validation\n- **SSL/TLS Analysis** - Certificate validation and cipher strength checking\n- **PDF Report Generation** - Professional vulnerability assessment reports\n- **JSON Export** - Machine-readable output for automation\n- **Progress Tracking** - Real-time scan progress with tqdm\n- **Proper Error Handling** - Comprehensive logging and error messages\n\n### 🚧 NOT Currently Implemented (Honest Roadmap)\n\n- ❌ Real CVE database integration (uses sample data)\n- ❌ UDP port scanning\n- ❌ Subdomain enumeration\n- ❌ Directory traversal/bruteforcing\n- ❌ CSRF detection\n- ❌ Authenticated scanning\n- ❌ Full OWASP Top 10 coverage\n- ❌ OS fingerprinting\n- ❌ Exploit availability checking via real APIs\n\n**Why be honest?** Because integrity matters in cybersecurity. This tool does what it claims, and the code backs it up.\n\n---\n\n## 📋 Prerequisites\n\n- Python 3.8 or higher\n- pip package manager\n- Root/sudo access (for port scanning on Linux/Mac)\n- Internet connection\n- 4GB RAM minimum\n\n---\n\n## 🛠️ Installation\n\n```bash\n# Clone the repository\ngit clone https://github.com/Harshanandhan/vulnerability-scanner.git\ncd vulnerability-scanner\n\n# Install dependencies\npip install -r requirements.txt\n\n# Verify installation\npython scanner.py --help\n```\n\n### Quick Test\n\n```bash\n# Test against a safe, legal target\npython scanner.py -t scanme.nmap.org --quick\n```\n\n---\n\n## 📊 Usage Examples\n\n### Basic Scans\n\n```bash\n# Scan common ports (1-1000)\npython scanner.py -t 192.168.1.1\n\n# Quick scan (top 100 ports)\npython scanner.py -t example.com --quick\n\n# Scan specific port range\npython scanner.py -t 192.168.1.1 -p 1-500\n```\n\n### Advanced Scans\n\n```bash\n# Full port scan (all 65535 ports) - WARNING: Takes time!\npython scanner.py -t 192.168.1.1 --full\n\n# Web application only (no port scan)\npython scanner.py -t https://example.com --web-only\n\n# Generate PDF report\npython scanner.py -t example.com --report scan_report.pdf\n\n# Export as JSON for automation\npython scanner.py -t example.com --json results.json\n\n# Verbose output with detailed logging\npython scanner.py -t example.com --verbose\n```\n\n### Performance Tuning\n\n```bash\n# Increase threads for faster scanning\npython scanner.py -t 192.168.1.1 --threads 100\n\n# Adjust timeout for slow networks\npython scanner.py -t example.com --timeout 10\n\n# Quick scan with report\npython scanner.py -t scanme.nmap.org --quick --report quick_scan.pdf\n```\n\n---\n\n## 🔧 Command Line Options\n\n```\nRequired Arguments:\n  -t, --target TARGET          Target IP address, domain, or URL\n\nOptional Arguments:\n  -p, --ports PORTS           Port range (default: 1-1000)\n                              Examples: 80, 1-1000, 80,443,8080\n  \n  --quick                     Scan top 100 most common ports\n  --full                      Scan all 65535 ports (slow!)\n  --web-only                  Skip port scan, web testing only\n  --check-headers             Validate HTTP security headers\n  \n  --report FILENAME           Generate PDF report\n  --json FILENAME             Export results as JSON\n  \n  --timeout SECONDS           Connection timeout (default: 3)\n  --threads NUMBER            Concurrent threads (default: 50)\n  \n  -v, --verbose               Enable detailed logging\n  -h, --help                  Show help message\n```\n\n---\n\n## 📁 Project Structure\n\n```\nvulnerability-scanner/\n├── scanner.py                 # Main entry point\n├── README.md                  # This file\n├── QUICKSTART.md              # 2-minute setup guide\n├── IMPROVEMENTS.md            # v2.0 changelog\n├── requirements.txt           # Python dependencies\n├── LICENSE                    # MIT License\n├── .gitignore                 # Git ignore rules\n│\n├── modules/                   # Core modules\n│   ├── __init__.py           # Package initialization\n│   ├── port_scanner.py       # Multi-threaded TCP scanning\n│   ├── service_detector.py   # Service identification\n│   ├── web_scanner.py        # Web vulnerability tests\n│   ├── ssl_checker.py        # SSL/TLS analysis\n│   ├── vuln_checker.py       # Vulnerability matching (sample data)\n│   └── report_generator.py   # PDF report creation\n│\n├── data/                      # Data files\n│   └── common_ports.json     # Port definitions\n│\n├── reports/                   # Generated reports (gitignored)\n└── docs/                      # Additional documentation\n```\n\n---\n\n## 🔍 How It Works\n\n### 1. Port Scanning\n\nUses Python's `socket` library with multi-threading for performance:\n\n```python\nsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\nsock.settimeout(timeout)\nresult = sock.connect_ex((target, port))\n# result == 0 means port is open\n```\n\n**Limitations:** TCP only, no UDP support yet.\n\n### 2. Service Detection\n\nSends protocol-specific probes and analyzes banner responses:\n\n```python\n# HTTP probe example\nsock.send(b'GET / HTTP/1.0\\r\\n\\r\\n')\nbanner = sock.recv(1024)\n# Parse banner to identify service and version\n```\n\n**Limitations:** Basic banner grabbing, not as comprehensive as Nmap.\n\n### 3. Web Vulnerability Testing\n\n**SQL Injection:**\n- Sends common SQL injection payloads\n- Checks for database error messages in responses\n- Pattern: `' OR '1'='1`, `UNION SELECT`, etc.\n\n**XSS Testing:**\n- Injects XSS payloads in parameters\n- Checks if payload is reflected unescaped\n- Pattern: `\u003cscript\u003ealert('XSS')\u003c/script\u003e`, etc.\n\n**Security Headers:**\n- Validates presence of security headers\n- Checks: X-Frame-Options, CSP, HSTS, etc.\n\n**Limitations:** Basic pattern matching, no crawling, manual verification recommended.\n\n### 4. SSL/TLS Analysis\n\n- Certificate validation and expiry checking\n- Cipher suite strength analysis\n- Protocol version verification\n- Grade calculation (A+ to F)\n\n**Limitations:** Not as comprehensive as SSL Labs, basic checks only.\n\n### 5. Report Generation\n\nUses ReportLab to create professional PDF reports with:\n- Executive summary\n- Scan statistics\n- Open ports and services\n- Vulnerability findings\n- Recommendations\n\n---\n\n## 📈 Sample Output\n\n```\n┌────────────────────────────────────────────────────────────┐\n│         VulnScan v2.0 - Vulnerability Scanner              │\n│         Target: example.com (93.184.216.34)                │\n│         Author: Harshanandhan Reddy Gajulapalli           │\n└────────────────────────────────────────────────────────────┘\n\n[+] Starting scan at 2024-12-22 10:30:00\n\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[+] Port Scanning\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[*] Scanning ports 1-1000...\n[+] Port 22/tcp - open - SSH\n[+] Port 80/tcp - open - HTTP\n[+] Port 443/tcp - open - HTTPS\n\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[+] Service Detection\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[*] Detecting service on port 22...\n[+] OpenSSH 7.6p1\n[*] Detecting service on port 80...\n[+] Apache 2.4.29\n\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[+] Web Application Security\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[*] Testing https://example.com...\n[*] Testing for SQL Injection...\n[PASS] SQL Injection\n[*] Testing for XSS...\n[PASS] Cross-Site Scripting\n[*] Checking security headers...\n[WARN] Missing 3 security headers\n  - X-Frame-Options\n  - Content-Security-Policy\n  - X-Content-Type-Options\n\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[+] SSL/TLS Analysis\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[*] Analyzing SSL/TLS configuration...\n[+] Certificate valid\n[+] Expires: 2025-06-15\n[+] Grade: A\n\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[+] Scan Summary\n[++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]\n[+] Open Ports: 3\n[+] Services Detected: 2\n[+] Web Findings: 3\n[+] No vulnerabilities detected\n\n[*] Scan completed in 2m 15s\n════════════════════════════════════════════════════════════\n```\n\n---\n\n## ⚖️ Legal Disclaimer\n\n**⚠️ IMPORTANT - READ BEFORE USE ⚠️**\n\nThis tool is designed for **AUTHORIZED SECURITY TESTING ONLY**.\n\n### You MUST:\n✅ Only scan systems you own\n✅ Obtain written permission before scanning\n✅ Comply with all applicable laws and regulations\n✅ Follow responsible disclosure practices\n✅ Respect privacy and confidentiality\n\n### You MUST NOT:\n❌ Scan systems without authorization\n❌ Use for malicious purposes\n❌ Violate computer fraud laws\n❌ Cause harm or disruption\n\n**Unauthorized scanning is a CRIME in most jurisdictions.**\n\nThe author (Harshanandhan Reddy Gajulapalli) is **NOT responsible** for misuse of this tool.\n\n**USE AT YOUR OWN RISK. FOR EDUCATIONAL AND AUTHORIZED TESTING ONLY.**\n\n---\n\n## 🛡️ Ethical Usage Guidelines\n\n### Before Scanning:\n1. **Get Permission** - Written authorization is essential\n2. **Define Scope** - Clearly document what can be tested\n3. **Set Timeframe** - Agree on testing windows\n4. **Establish Communication** - Keep stakeholders informed\n\n### During Scanning:\n1. **Stay in Scope** - Only test agreed-upon targets\n2. **Document Everything** - Keep detailed logs\n3. **Be Respectful** - Avoid excessive load or disruption\n4. **Monitor Impact** - Watch for unintended consequences\n\n### After Scanning:\n1. **Report Responsibly** - Follow responsible disclosure\n2. **Secure Findings** - Handle data confidentially\n3. **Provide Value** - Clear, actionable recommendations\n4. **Follow Up** - Assist with remediation if requested\n\n---\n\n## 🧪 Safe Practice Targets\n\nThese targets are **LEGAL** to scan for practice:\n\n```bash\n# Nmap's official test server\npython scanner.py -t scanme.nmap.org\n\n# OWASP intentionally vulnerable sites\npython scanner.py -t http://testphp.vulnweb.com --web-only\npython scanner.py -t http://testaspnet.vulnweb.com --web-only\n\n# Your own local test environment\npython scanner.py -t localhost\npython scanner.py -t 127.0.0.1\n```\n\n**Always verify** that scanning is permitted before testing any target.\n\n---\n\n## 🐛 Known Limitations\n\n### Technical Limitations:\n- **TCP Only** - No UDP port scanning support\n- **No Authentication** - Cannot test authenticated endpoints\n- **Basic Web Tests** - Not as thorough as Burp Suite/ZAP\n- **Sample CVE Data** - Uses hardcoded vulnerabilities, not live API\n- **No Crawling** - Doesn't discover hidden pages/endpoints\n- **False Positives** - Manual verification recommended\n\n### Performance Limitations:\n- Full scans (65535 ports) are very slow\n- No distributed scanning support\n- Limited by single-threaded Python GIL\n\n### Scope Limitations:\n- No wireless network testing\n- No physical security assessment\n- No social engineering tests\n- No mobile app testing\n\n**This is a learning/portfolio project, not a replacement for professional tools.**\n\n---\n\n## 🔄 Version 2.0 Improvements\n\nSee [IMPROVEMENTS.md](IMPROVEMENTS.md) for complete changelog.\n\n### Key Fixes from v1.0:\n✅ **Honest Documentation** - README matches actual code\n✅ **Fixed Crashes** - Implemented all promised methods\n✅ **Cleaned Dependencies** - Removed unused libraries\n✅ **Better Error Handling** - Comprehensive logging\n✅ **Input Validation** - Validates targets before scanning\n✅ **Complete Structure** - All folders and data files included\n✅ **Author Attribution** - Proper credit throughout\n\n---\n\n## 🗺️ Roadmap\n\n### v2.1 (Future)\n- [ ] Real NVD API integration for CVE lookups\n- [ ] UDP port scanning support\n- [ ] Rate limiting to avoid IDS triggers\n- [ ] Enhanced error messages\n- [ ] Unit tests with pytest\n\n### v2.2 (Future)\n- [ ] Subdomain enumeration\n- [ ] Directory bruteforcing\n- [ ] Authenticated scanning\n- [ ] HTML report generation\n- [ ] REST API endpoint\n\n### v3.0 (Long-term Vision)\n- [ ] Machine learning for anomaly detection\n- [ ] GUI interface (tkinter or web-based)\n- [ ] Plugin system for extensions\n- [ ] Docker containerization\n- [ ] CI/CD with GitHub Actions\n- [ ] Smart contract auditing (blockchain integration)\n\n---\n\n## 🧪 Testing\n\n```bash\n# Run against safe test target\npython scanner.py -t scanme.nmap.org --quick\n\n# Generate test report\npython scanner.py -t scanme.nmap.org --report test_scan.pdf\n\n# Verbose mode for debugging\npython scanner.py -t localhost --verbose\n\n# Export test results\npython scanner.py -t 127.0.0.1 --json test_results.json\n```\n\n---\n\n## 🤝 Contributing\n\nContributions are welcome! This is a learning project.\n\n### How to Contribute:\n1. Fork the repository\n2. Create a feature branch (`git checkout -b feature/awesome-feature`)\n3. Make your changes\n4. Add tests if applicable\n5. Commit (`git commit -m 'Add awesome feature'`)\n6. Push (`git push origin feature/awesome-feature`)\n7. Open a Pull Request\n\n### Contribution Guidelines:\n- Follow PEP 8 style guide\n- Add docstrings to functions\n- Update README if adding features\n- Be honest about what works and what doesn't\n\n---\n\n## 📚 Learning Resources\n\nThis project was built while learning:\n\n### Network Security:\n- TCP/IP fundamentals\n- Socket programming in Python\n- Multi-threading and concurrency\n- Port scanning techniques\n\n### Web Security:\n- OWASP Top 10 vulnerabilities\n- SQL injection mechanics\n- Cross-site scripting (XSS)\n- HTTP security headers\n- SSL/TLS protocols\n\n### Python Development:\n- Project structure and packaging\n- Report generation with ReportLab\n- Command-line argument parsing\n- Logging and error handling\n\n### Key Takeaways:\n1. **Honesty in documentation builds trust**\n2. **Error handling is critical for production code**\n3. **Input validation prevents security issues**\n4. **Testing reveals assumptions quickly**\n\nSee [docs/LESSONS_LEARNED.md](docs/LESSONS_LEARNED.md) for detailed learnings.\n\n---\n\n## 🙏 Acknowledgments\n\n- **OWASP** - Web security testing methodology\n- **Nmap Project** - Port scanning inspiration  \n- **Python Community** - Excellent libraries and documentation\n- **Code Reviewers** - Feedback that improved this tool\n- **Security Community** - Shared knowledge and best practices\n\nSpecial thanks to everyone who provided constructive feedback.\n\n---\n\n## 📧 Contact \u0026 Links\n\n**Harshanandhan Reddy Gajulapalli**\n\n- **Email:** harshanandhan820@gmail.com\n- **GitHub:** [@Harshanandhan](https://github.com/Harshanandhan)\n- **LinkedIn:** [Connect with me](https://linkedin.com/in/harshanandhan)\n- **Portfolio:** Security Analyst Projects\n\n---\n\n## 📝 License\n\nMIT License\n\nCopyright (c) 2024 Harshanandhan Reddy Gajulapalli\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n\n---\n\n## 📊 Project Stats\n\n- **Language:** Python 3.8+\n- **Lines of Code:** ~1,500\n- **Modules:** 6\n- **Dependencies:** 8\n- **Version:** 2.0.0\n- **Status:** Production Ready\n- **License:** MIT\n- **Maintained:** Yes\n\n---\n\n**⚠️ Final Reminder**: Always scan ethically and legally. Authorization is mandatory. When in doubt, don't scan.\n\n**Built with integrity for the cybersecurity community.**\n\n---\n\n*Last Updated: December 22, 2024*  \n*Version: 2.0.0*  \n*Author: Harshanandhan Reddy Gajulapalli*\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fharshanandhan%2Fvulnerability-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fharshanandhan%2Fvulnerability-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fharshanandhan%2Fvulnerability-scanner/lists"}