Hargun12/OEM-Vulnerability-scanner
GitHub: Hargun12/OEM-Vulnerability-scanner
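A web vulnerability scanner with NVD integration that automates the discovery and grading of website security risks and generates standardized reports.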
Stars: 0 | Forks: 0
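# 🛡️ OEM Vulnerability Scanner
A comprehensive web vulnerability scanner that performs security assessments on multiple websites and integrates with NVD data.
## ✨ Features
- 🔍 **Automated Website Security Scanning**
- 📊 **Multiple Security Checks** (CSRF, Headers, Exposed Info, etc.)
- 🌐 **NVD Integration** for known vulnerabilities
- 📈 **Risk Scoring & Severity Classification**
- 💾 **Multiple Export Formats** (CSV, JSON)
- 🎯 **Detailed Vulnerability Reporting**
## Quick Start
### Installation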
```
git clone https://github.com/yourusername/oem-vulnerability-scanner.git
cd oem-vulnerability-scanner
pip install -r requirements.txt
```
### Usage
1. Create a websites file (`websites.txt` or `websites.csv`) with one URL per line:
```
https://example.com
https://google.com
https://github.com
```
2. Run the scanner:
```
python scanner.py
```
### Manual File Specification
```
from scanner import OEMScraper

# Point the scanner at a specific websites file
scraper = OEMScraper()
scraper.load_website_list('path/to/your/websites.txt')
results = scraper.scan_all_websites()
```
## Security Checks Performed
- CSRF Protection Analysis
- Security Headers Validation
- Exposed Software Versions
- Mixed Content Detection
- Administrative Paths Discovery
- Sensitive Information in Comments
## Sample Output
The scanner generates detailed reports including:
- Risk scores (0-10)
- Severity levels (LOW, MEDIUM, HIGH)
- Technical details
- Mitigation recommendations
## Example Usage
```
from scanner import OEMScraper

# Initialize the scanner
scraper = OEMScraper()

# Load and scan the websites
scraper.load_website_list('websites.txt')
vulnerabilities = scraper.scan_all_websites()

# Save the results
scraper.save_to_csv('my_scan_results.csv')
```
## Disclaimer
This tool is for educational and authorized security testing purposes only. Always ensure you have proper authorization before scanning any websites.
## License
MIT License - see LICENSE file for details.
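The passive checks listed above (security headers, exposed software versions, mixed content, CSRF token presence) can feed the 0-10 risk score and LOW/MEDIUM/HIGH level as in the following sketch. This is an added example, not the project's `scanner.py`: the function name `analyze_response`, the header list, the weights, the severity thresholds, the token-name heuristic and the sample response are all assumptions constructed for illustration.

```python
import re

# Assumed header list and weights (illustrative; not taken from the project).
REQUIRED_HEADERS = {
    "content-security-policy": 2.0,
    "strict-transport-security": 2.0,
    "x-content-type-options": 1.0,
    "x-frame-options": 1.0,
}
VERSION_RE = re.compile(r"[A-Za-z_-]+/\d+(\.\d+)+")  # e.g. nginx/1.18.0
FORM_RE = re.compile(r"<form\b[^>]*>.*?</form>", re.I | re.S)
MIXED_RE = re.compile(r"""\bsrc\s*=\s*["']http://""", re.I)  # subresources via src=
TOKEN_RE = re.compile(r"""name\s*=\s*["'][^"']*(csrf|token)""", re.I)  # assumed naming
POST_RE = re.compile(r"""method\s*=\s*["']?post""", re.I)


def analyze_response(url, headers, body):
    """Passively check one already-fetched response; return (findings, score, severity)."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    findings = []
    for name, weight in REQUIRED_HEADERS.items():
        if name == "strict-transport-security" and not url.startswith("https://"):
            continue  # HSTS is only honoured over HTTPS
        if name not in hdrs:
            findings.append((f"missing header: {name}", weight))
    for name in ("server", "x-powered-by"):
        if VERSION_RE.search(hdrs.get(name, "")):
            findings.append((f"version exposed in {name}: {hdrs[name]}", 1.0))
    if url.startswith("https://") and MIXED_RE.search(body):
        findings.append(("mixed content: http:// resource on https page", 1.5))
    for form in FORM_RE.findall(body):
        if POST_RE.search(form) and not TOKEN_RE.search(form):
            findings.append(("POST form without an anti-CSRF token field", 2.5))
    score = min(10.0, sum(w for _, w in findings))  # cap at the 0-10 scale
    severity = "HIGH" if score >= 7 else "MEDIUM" if score >= 4 else "LOW"
    return findings, score, severity


# Constructed sample response (not real scan output).
SAMPLE_HEADERS = {"Server": "nginx/1.18.0", "X-Content-Type-Options": "nosniff"}
SAMPLE_BODY = """<html><script src="http://cdn.example.com/a.js"></script>
<form method="post" action="/profile"><input name="email"></form></html>"""

if __name__ == "__main__":
    findings, score, severity = analyze_response("https://example.com", SAMPLE_HEADERS, SAMPLE_BODY)
    for text, weight in findings:
        print(f"{weight:>4}  {text}")
    print(f"risk score {score}/10 -> {severity}")
```

The token check is a name-based heuristic, so sites that protect forms with SameSite cookies or custom request headers will show up as findings that need manual review.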