Created by Soumit Santra - Network & Web Vulnerability Assessment Tool
© 2026 Soumit Santra. All rights reserved.
THIS TOOL IS STRICTLY FOR AUTHORIZED SECURITY TESTING ONLY!
- DO NOT USE on systems you don't own or without explicit written permission
- UNAUTHORIZED SCANNING is illegal under the Computer Fraud and Abuse Act (USA), the Computer Misuse Act (UK), and similar laws worldwide
- OBTAIN WRITTEN AUTHORIZATION before testing any third-party systems
- THE AUTHOR IS NOT RESPONSIBLE for misuse, damages, legal consequences, or illegal activities
- VIOLATORS FACE CRIMINAL PROSECUTION including fines and imprisonment
Ethical Use Only:
- Authorized penetration testing with written permission
- Security auditing of systems you own
- Educational learning in controlled lab environments
- Professional security assessments with proper contracts
- Bug bounty programs with explicit authorization
- Never use against systems without explicit written permission
This tool is designed to help security professionals, students, and system administrators understand:
- Network reconnaissance techniques and methodologies
- Common web application vulnerabilities
- Security header configurations and best practices
- Port scanning and service enumeration
- Information gathering techniques
- Vulnerability assessment workflows
- IP Address Resolution - DNS lookup with reverse DNS
- Top-Level Domain Analysis - TLD extraction and nameserver discovery
- Port Scanning - Comprehensive Nmap-based service detection
- WHOIS Lookup - Domain registration and ownership information
- Security Headers Analysis - Missing/misconfigured HTTP security headers
- SSL/TLS Configuration - Certificate and cipher suite analysis
- XSS Detection - Cross-Site Scripting vulnerability testing
- SQL Injection Testing - Database injection point identification
- Command Injection - OS command injection detection
- SSRF Testing - Server-Side Request Forgery checks
- Path Traversal - Directory traversal vulnerability detection
- CORS Misconfiguration - Cross-Origin Resource Sharing issues
- Information Disclosure - Sensitive data exposure detection
- Robots.txt Analysis - Parse and identify sensitive paths
- API Endpoint Discovery - Detect REST/GraphQL endpoints
- Web Service Detection - Identify CMS, frameworks, and services
- HTTP Method Enumeration - Test for dangerous HTTP methods
- Sensitive File Detection - Search for configuration and backup files
- Comprehensive Reports - Detailed multi-section security assessment
- Color-coded Terminal Output - Easy-to-read formatted results
- Progress Indicators - Real-time scan progress with tqdm
- Custom Save Locations - Flexible result storage options
- Individual Scan Results - Save specific scan outputs separately
- Python 3.6+
- Nmap must be installed on your system
- The script automatically installs required Python packages:
requests, python-whois, dnspython, python-nmap, colorama, tqdm, beautifulsoup4, urllib3
Linux:
sudo apt-get update
sudo apt-get install nmap
macOS:
brew install nmap
Windows: Download from nmap.org
Option 1: Auto-install (Recommended for Beginners)
- Download the script
- Run with Python:
python3 scanner.py
- Dependencies install automatically on first run
- Restart the script if prompted after installation
Option 2: Manual Installation (Recommended for Advanced Users)
# Clone or download the repository
git clone https://github.com/yourusername/vulnerability-scanner.git
cd vulnerability-scanner
# Create virtual environment (optional but recommended)
python3 -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
# Install dependencies from requirements.txt
pip install -r requirements.txt
# Make executable (Linux/macOS)
chmod +x scanner.py
# Run the tool
python3 scanner.py
Why Two Options?
- Auto-install: Convenient for quick testing and beginners
- Manual install: Better for production, virtual environments, and version control
Run the script and choose from 7 different security assessment operations:
PORT SCANNER MENU
========================================================
1. Analyze Top-Level Domain
2. Get IP Address Information
3. Run Nmap Port Scan
4. Check robots.txt
5. Get WHOIS Information
6. Run Web Vulnerability Scan
7. Run Comprehensive Scan (All of the above)
0. Exit
========================================================
Interactive Mode:
python3 scanner.py
# Enter target when prompted
Direct Target Specification:
# Scan a domain
python3 scanner.py example.com
# Scan an IP address
python3 scanner.py 192.168.1.100
# Scan a URL
python3 scanner.py https://example.com
Quick Domain Scan:
python3 scanner.py example.com
Select option: 2 # Get IP information
Select option: 4 # Check robots.txt
Comprehensive Security Assessment:
python3 scanner.py target-domain.com
Select option: 7 # Run all scans
Save report? (y/n): y
Enter save location: /path/to/reports/
Port Scan with Service Detection:
python3 scanner.py 192.168.1.50
Select option: 3 # Nmap scan
[Scanning with progress bar...]
Save result? (y/n): y
- Color-coded Results - Easy visual identification
  - Green: Success and open ports
  - Blue: Information messages
  - Yellow: Warnings
  - Red: Errors and closed ports
  - Cyan: Debug information
- Progress Bars - Real-time scan progress
- Formatted Sections - Clear headers and separators
- Symbol Legend - Port state indicators
Default Save Location:
results_<target>_YYYYMMDD_HHMMSS/
├── tld_analysis.txt # Domain structure analysis
├── ip_address.txt # IP resolution details
├── nmap_scan.txt # Port scan results
├── robots_txt.txt # Robots.txt findings
├── whois_info.txt # WHOIS data
├── web_vulns.txt # Vulnerability scan results
└── comprehensive_report.txt # Complete assessment
Comprehensive Report Sections:
- Summary - Executive overview with key findings
- IP Address Information - Network details
- Top-Level Domain Information - DNS structure
- WHOIS Information - Registration data
- Robots.txt Analysis - Sensitive path discovery
- Port Scan Results - Open services and versions
- Web Vulnerability Results - Security assessment
This tool helps security professionals understand:
- Reconnaissance Techniques - Information gathering methodologies
- Vulnerability Assessment - Common web application flaws
- Security Best Practices - Proper header configuration
- Network Scanning - Port scanning and service enumeration
- Reporting - Professional security assessment documentation
- X-Content-Type-Options
- X-Frame-Options
- Strict-Transport-Security (HSTS)
- Content-Security-Policy (CSP)
- X-XSS-Protection
- Referrer-Policy
- Feature-Policy
- Cache-Control
- X-Permitted-Cross-Domain-Policies
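The nine response headers listed above can be graded on their values rather than only checked for presence. The following is an added example, not the tool's own code; the function name `audit_headers` and the value rules (HSTS minimum age, `no-store`, treating X-XSS-Protection and Feature-Policy as legacy) are assumptions made for illustration.

```python
import re

def _hsts_ok(value):
    # Assumed floor for this example: max-age of at least 180 days.
    m = re.search(r"max-age=(\d+)", value, re.I)
    return bool(m) and int(m.group(1)) >= 15552000

# Graded headers from the README list; the value rules are this example's assumptions.
RULES = {
    "x-content-type-options": lambda v: v.strip().lower() == "nosniff",
    "x-frame-options": lambda v: v.strip().lower() in ("deny", "sameorigin"),
    "strict-transport-security": _hsts_ok,
    "content-security-policy": lambda v: "default-src" in v and "'unsafe-inline'" not in v,
    "referrer-policy": lambda v: v.strip().lower() != "unsafe-url",
    "cache-control": lambda v: "no-store" in v.lower(),
    "x-permitted-cross-domain-policies": lambda v: v.strip().lower() == "none",
}
# Listed in the README but superseded in current browsers: reported, not graded.
LEGACY = {
    "x-xss-protection": "superseded by Content-Security-Policy",
    "feature-policy": "renamed Permissions-Policy",
}

def audit_headers(headers):
    """Map each header to 'ok', 'weak', 'missing' or 'legacy'."""
    seen = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    report = {}
    for name, rule in RULES.items():
        if name not in seen:
            report[name] = "missing"
        else:
            report[name] = "ok" if rule(seen[name]) else "weak"
    for name in LEGACY:
        if name in seen:
            report[name] = "legacy"
    return report

# Constructed response headers for illustration, not captured from a real host.
SAMPLE = {
    "Strict-Transport-Security": "max-age=300",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "ALLOW-FROM https://example.com",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "X-XSS-Protection": "1; mode=block",
}

if __name__ == "__main__":
    for name, status in sorted(audit_headers(SAMPLE).items()):
        print(f"{status:8} {name}  {LEGACY.get(name, '')}")
```

A header that is present but weak (a five-minute HSTS lifetime, a CSP that allows inline script) is reported separately from one that is missing, which is the distinction a remediation ticket needs.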
- XSS payloads (10+ variants)
- SQL injection (12+ payloads)
- Command injection (8+ techniques)
- Path traversal (6+ methods)
- SSRF endpoints (AWS, GCP, Azure metadata)
- Directory traversal detection
- API endpoint discovery
- Information disclosure patterns
- ✅ Authorized penetration testing with written permission
- ✅ Security auditing of your own systems
- ✅ Bug bounty programs with explicit scope
- ✅ Educational use in controlled lab environments
- ✅ Professional security assessments with contracts
- ❌ Unauthorized network scanning
- ❌ Testing systems without permission
- ❌ Exploiting discovered vulnerabilities
- ❌ Circumventing security measures
- ❌ Any malicious or harmful activities
Be aware of these laws in your jurisdiction:
- Computer Fraud and Abuse Act (CFAA) - USA
- Computer Misuse Act - UK
- Cybercrime Act - Various countries
- GDPR and data protection laws - EU
- Local cybersecurity legislation
If you discover vulnerabilities during authorized testing:
- Document carefully - Note all details without exploiting
- Report responsibly - Contact system owner immediately
- Follow disclosure guidelines - Respect coordinated disclosure
- Provide remediation advice - Help fix the issue
- Maintain confidentiality - Don't publicize until fixed
Nmap Not Found:
# Verify Nmap installation
nmap --version
# Install if missing
sudo apt-get install nmap # Linux
brew install nmap # macOS
Permission Denied:
# Some scans require elevated privileges
sudo python3 scanner.py
Module Import Errors:
# Force reinstall dependencies
pip install --force-reinstall -r requirements.txt
# Or let script auto-install
python3 scanner.py # Will check and install
Timeout Errors:
- Target may be blocking scans
- Firewall may be interfering
- Network connectivity issues
- Adjust timeout values in code if needed
SSL Certificate Errors:
- Scanner disables SSL verification for testing
- This is intentional for security assessment
- Not recommended for production use
Contributions welcome for:
- Additional vulnerability tests
- Improved detection accuracy
- Better reporting formats
- Performance optimizations
- Bug fixes and stability improvements
- Documentation enhancements
Guidelines:
- Follow PEP 8 style conventions
- Add docstrings to new functions
- Test thoroughly before submitting
- Update documentation for new features
- Maintain ethical use focus
Recommended Resources:
- OWASP Testing Guide
- "The Web Application Hacker's Handbook" by Stuttard & Pinto
- "Nmap Network Scanning" by Gordon Lyon
- NIST Cybersecurity Framework
- SANS Penetration Testing Resources
- CVE Database and vulnerability research
This tool performs active security testing that may:
- Trigger intrusion detection systems
- Be logged and monitored by target systems
- Violate terms of service
- Result in criminal prosecution if used without authorization
- Cause service disruption if misconfigured
Remember:
- Authorization is MANDATORY
- Documentation is ESSENTIAL
- Ethical conduct is NON-NEGOTIABLE
- Legal compliance is YOUR RESPONSIBILITY
When in doubt, DON'T SCAN. Always obtain explicit written permission.
MIT License - See LICENSE file for details
This tool is provided "as is" without warranty. Users are solely responsible for ensuring their use complies with all applicable laws and regulations.
"Security tools are like lock picks - powerful when used by professionals for legitimate purposes, dangerous when misused. Always choose the ethical path."