VladimirRamirez07/network-vulnerability-scanner

# 🔍 网络漏洞扫描器          ## 📸 报告预览  ## 🚀 功能特性 - 🔎 通过 Nmap 进行**端口扫描**，检测服务和版本 - 🗄️ 将扫描结果**持久化存储**在本地 SQLite 数据库中 - ⚠️ 对照精选的已知漏洞数据库进行 **CVE 漏洞分析** - 📄 生成包含执行摘要、风险表格和建议的**专业 PDF 报告** - 🎨 **颜色编码的风险等级**：CRITICAL / HIGH / MEDIUM / LOW / INFO ## 🛠️ 技术栈 | 技术 | 用途 | |-----------|---------| | Python 3.8+ | 核心语言 | | Nmap + python-nmap | 网络端口扫描 | | ReportLab | PDF 报告生成 | | SQLite3 | 本地扫描数据存储 | ## 📁 项目结构 ``` network-vulnerability-scanner/ │ ├── src/ │ ├── scanner.py # Nmap-based port & service scanner │ ├── database.py # SQLite storage module │ ├── vulnerabilities.py # CVE analysis engine │ └── report_generator.py # Professional PDF generator │ ├── reports/ # Generated PDF reports ├── database/ # SQLite database files ├── main.py # Entry point └── requirements.txt ``` ## ⚙️ 安装说明 ### 前置条件 - [Python 3.8+](https://www.python.org/downloads/) - [Nmap 7.99](https://nmap.org/download.html) ### 步骤 ``` # 1. Clone the repository git clone https://github.com/VladimirRamirez07/network-vulnerability-scanner.git cd network-vulnerability-scanner # 2. Create virtual environment python -m venv venv venv\Scripts\activate # Windows # source venv/bin/activate # Linux/Mac # 3. Install dependencies pip install -r requirements.txt ``` ## ▶️ 使用说明 ``` # Scan 默认端口范围 (1-1024) python main.py scanme.nmap.org # Scan 指定端口 python main.py scanme.nmap.org --ports 80,443,22 # Scan 完整端口范围 python main.py 192.168.1.1 --ports 1-65535 # Show 帮助 python main.py --help ``` 扫描器将自动执行以下操作： 1. 解析目标主机名和 IP 2. 扫描指定的端口范围以查找开放服务 3. 检测服务名称和软件版本 4. 将发现的结果与已知 CVE 进行匹配 5. 将所有结果保存到 SQLite 数据库 6. 在 `/reports` 目录下生成专业的 PDF 报告 ## 📊 输出示例 ``` [] Nmap version: (7, 99) [] Database initialized successfully [] Starting scan on: scanme.nmap.org [] Port range: 1-1024 [*] Start time: 2026-05-14 19:01:07 [+] Port 22/tcp - OPEN - ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 [+] Port 80/tcp - OPEN - http Apache httpd 2.4.7 [*] Scan complete. Open ports found: 2 ============================================================ VULNERABILITY ANALYSIS [!] Port 22/tcp — OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 🟠 CVE-2016-0777 [HIGH] CVSS: 8.0 OpenSSH client leaks private keys via roaming feature. 🟠 CVE-2015-5600 [HIGH] CVSS: 8.5 Unlimited brute-force via keyboard-interactive auth. 🟡 CVE-2015-6564 [MEDIUM] CVSS: 6.9 Use-after-free in PAM support allows privilege escalation. [!] Port 80/tcp — Apache httpd 2.4.7 🔴 CVE-2021-41773 [CRITICAL] CVSS: 9.8 Path traversal and RCE in Apache HTTP Server 2.4.49. 🟠 CVE-2017-9798 [HIGH] CVSS: 7.5 Optionsbleed: process memory leak via OPTIONS method. 🟡 CVE-2014-0117 [MEDIUM] CVSS: 4.3 mod_proxy allows DoS via crafted HTTP requests. ============================================================ Total vulnerabilities found: 6 [*] Scan saved to database — ID: 1 [✓] Scan successful: 45.33.32.156 [✓] Open ports: 2 [✓] Vulnerabilities found: 6 [✓] PDF report generated: reports/scan_report_scanme_nmap_org_20260514.pdf ``` ## ⚠️ 免责声明 ## 👨‍💻 作者 **Vladimir Ramirez** — [@VladimirRamirez07](https://github.com/VladimirRamirez07)

标签：CTI, CVE分析, Nmap, PDF报告生成, Python, Qt框架, ReportLab, SQLite, 占用监测, 实时处理, 开源安全工具, 插件系统, 数据统计, 无后门, 无线安全, 服务识别, 白帽黑客, 端口扫描, 网络安全, 虚拟驱动器, 资产管理, 逆向工具, 逆向工程平台, 隐私保护