An enterprise-grade Python vulnerability scanner with automated network discovery, advanced pattern detection, and professional reporting capabilities.
Transform your network security assessment workflow with automated discovery, comprehensive vulnerability detection, and professional multi-format reporting.
- WiFi/Ethernet Interface Detection: Automatically identifies network interfaces
- Interactive Target Selection: Guided target selection with network topology display
- Auto-Discovery Mode: Scans local networks for active hosts
- Gateway Detection: Automatically identifies and prioritizes gateway targets
- 150+ Vulnerability Signatures: Comprehensive database with CVE mappings
- Pattern Matching Engine: Regex-based detection against service banners
- Risk Prioritization: Intelligent scoring by severity + exploitability
- Service Version Analysis: Known vulnerable version detection
- HTML Reports: Interactive reports with charts and executive summaries
- Multiple Formats: JSON, CSV, Markdown export options
- Executive Summaries: Risk-level assessments and recommendations
- Charts & Visualizations: Severity distribution and trend analysis
- Rate Limiting: Respectful scanning with configurable request rates
- Circuit Breakers: Graceful handling of failing targets
- Adaptive Threading: Auto-adjusting worker pools based on responsiveness
- Memory Management: Resource monitoring and optimization
- Python 3.7+ (3.9+ recommended)
- pip package manager
- Network access for target scanning
```bash
# Clone and setup (recommended)
git clone https://github.com/YOUR_USERNAME/network-vuln-scanner.git
cd network-vuln-scanner
./setup.sh
```

```bash
# Clone the repository
git clone https://github.com/YOUR_USERNAME/network-vuln-scanner.git
cd network-vuln-scanner
# Create virtual environment
python3 -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Make scripts executable
chmod +x main.py main_enhanced.py setup.sh
```

```bash
# Guided target selection with network discovery
python main_enhanced.py -i
```

```bash
# Discover and scan all local networks
python main_enhanced.py --auto-discover
# Scan specific network range
python main_enhanced.py --network 192.168.1.0/24
# WiFi networks only
python main_enhanced.py --auto-discover --wifi-only
```

```bash
# Generate comprehensive HTML report
python main_enhanced.py --auto-discover --format html -o reports/security_audit.html
# CSV data for analysis
python main_enhanced.py --network 192.168.1.0/24 --format csv -o data/vulnerabilities.csv
# Markdown documentation
python main_enhanced.py --auto-discover --format markdown -o docs/security_report.md
```

```bash
# Rate-limited scanning (5 requests/second)
python main_enhanced.py --auto-discover --rate-limit 5.0
# Quick scan (gateway + top 10 hosts)
python main_enhanced.py --auto-discover --summary
```

```bash
# Single target scan
python main.py 192.168.1.1
# Specific ports and scan types
python main.py 192.168.1.1 -p 22,80,443 -t active -v
# Save results
python main.py 192.168.1.1 -o results.json
```

- `target`: Target IP address or hostname (required)
- `-p, --ports`: Port range to scan (default: 1-1000)
- `-t, --type`: Scan type [passive, active, both] (default: both)
- `-o, --output`: Output file for results
- `-v, --verbose`: Enable verbose output
- `--timeout`: Connection timeout in seconds (default: 5)
The scanner uses a configuration file located at config/scanner_config.json. You can customize:
- Default timeouts and thread limits
- Vulnerability check preferences
- Output formatting options
- Predefined port ranges
Results are provided in JSON format:
```json
{
  "passive": {
    "target": "192.168.1.1",
    "open_ports": [22, 80, 443],
    "services": {
      "22": {
        "service": "SSH",
        "banner": "OpenSSH_8.0",
        "version": "8.0"
      }
    },
    "os_fingerprint": {
      "os_guess": "Linux/Unix",
      "ttl": 64,
      "confidence": "low"
    }
  },
  "active": {
    "target": "192.168.1.1",
    "vulnerabilities": [
      {
        "port": 443,
        "service": "HTTPS",
        "vulnerability": "Self-Signed Certificate",
        "severity": "Medium",
        "description": "Server uses a self-signed SSL certificate"
      }
    ]
  }
}
```

```
network-vuln-scanner/
├── main.py                     # Main CLI application
├── src/
│   ├── scanners/
│   │   ├── __init__.py         # Base scanner class
│   │   ├── passive_scanner.py  # Passive reconnaissance
│   │   └── active_scanner.py   # Active vulnerability detection
│   └── utils/
│       ├── logger.py           # Logging utilities
│       └── config.py           # Configuration management
├── tests/                      # Unit tests
├── config/                     # Configuration files
├── docs/                       # Documentation
├── requirements.txt            # Python dependencies
└── README.md                   # This file
```
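The JSON result format shown above can be post-processed for triage by joining each active finding with the banner the passive scan recorded on the same port. The following is an added example, not code from this project: the function names `triage` and `unassessed_ports`, the severity scale beyond "Medium", and the second finding in the sample are assumptions constructed for illustration.

```python
import json

# Constructed sample in the result format documented in this README.
SAMPLE = """{
  "passive": {"target": "192.168.1.1", "open_ports": [22, 80, 443],
    "services": {"22": {"service": "SSH", "banner": "OpenSSH_8.0", "version": "8.0"}}},
  "active": {"target": "192.168.1.1", "vulnerabilities": [
    {"port": 443, "service": "HTTPS", "vulnerability": "Self-Signed Certificate",
     "severity": "Medium", "description": "Server uses a self-signed SSL certificate"},
    {"port": 22, "service": "SSH", "vulnerability": "Constructed sample finding",
     "severity": "High", "description": "Constructed entry for this example"}]}
}"""

# Assumed severity scale; the README itself only shows "Medium".
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3, "info": 4}
UNKNOWN = len(SEVERITY_RANK)


def triage(report, min_severity="low"):
    """Return findings at or above min_severity, most severe first,
    each enriched with the banner the passive scan saw on that port."""
    services = report.get("passive", {}).get("services", {})
    cutoff = SEVERITY_RANK[min_severity.lower()]
    findings = []
    for vuln in report.get("active", {}).get("vulnerabilities", []):
        # Unrecognised severity labels are kept and sorted last, never dropped.
        rank = SEVERITY_RANK.get(str(vuln.get("severity", "")).lower(), UNKNOWN)
        if cutoff < rank < UNKNOWN:
            continue
        # Service keys are strings ("22"); vulnerability ports are integers (443).
        banner = services.get(str(vuln.get("port")), {}).get("banner")
        findings.append({**vuln, "banner": banner, "rank": rank})
    return sorted(findings, key=lambda f: (f["rank"], f.get("port", 0)))


def unassessed_ports(report):
    """Open ports from the passive scan that have no active finding."""
    hit = {v.get("port") for v in report.get("active", {}).get("vulnerabilities", [])}
    return [p for p in report.get("passive", {}).get("open_ports", []) if p not in hit]


if __name__ == "__main__":
    report = json.loads(SAMPLE)
    for f in triage(report, "medium"):
        print(f["severity"], f["port"], f["vulnerability"], f["banner"])
    print("no findings on:", unassessed_ports(report))
```

A port listed by `unassessed_ports` is open but produced no finding, which means it was not flagged, not that it was verified safe.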
This tool is designed for:
- Security assessment of your own systems
- Authorized penetration testing
- Educational purposes
- Network administration and monitoring
Important: Only use this tool on networks and systems you own or have explicit permission to test. Unauthorized scanning of networks may be illegal and unethical.
- Fork the repository
- Create a feature branch
- Add tests for new functionality
- Ensure all tests pass
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
This tool is provided for educational and authorized testing purposes only. Users are responsible for complying with applicable laws and regulations. The authors are not responsible for any misuse of this tool.