Sudheer-pi/-Vulnerability-scanner

GitHub: Sudheer-pi/-Vulnerability-scanner

# 🛡️ Cybersecurity Vulnerability Scanner

[![Python Version](https://img.shields.io/badge/python-3.8%2B-blue.svg?style=for-the-badge&logo=python&logoColor=white)](https://www.python.org/) [![License](https://img.shields.io/badge/license-MIT-emerald.svg?style=for-the-badge)](LICENSE) [![Platform](https://img.shields.io/badge/platform-Windows%20%7C%20Linux%20%7C%20macOS-slate.svg?style=for-the-badge)](#) [![SecOps Category](https://img.shields.io/badge/Security-Audit--Tool-red.svg?style=for-the-badge)](#)

A high-performance, portfolio-grade, and beginner-friendly **Cybersecurity Vulnerability Scanner** written in Python. It features a stunning, immersive dark-themed "hacker console" GUI alongside a robust CLI mode, multi-threaded port scanner, welcome banner grabber, and non-intrusive HTTP/HTTPS header security auditing.

This project is built from scratch with zero heavy dependencies to maximize portability and readability, making it perfect for student portfolios, cybersecurity bootcamps, and technical interviews.

## 🎯 Key Features

- **📡 Concurrency Engine:** Highly responsive port scanner that performs TCP socket connection handshakes across multiple threads.
- **💻 Immersive Hacker Theme:** Modern slate-dark Tkinter GUI (`#090D16`) with glowing emerald accents and scrolling real-time terminal progress.
- **🏷️ Banner Grabber:** Reads TCP welcome banners (e.g., FTP greeting text, SSH identification strings) to identify services.
- **🔒 HTTP Header Security Auditor:** Sends non-intrusive HTTP requests to web servers to detect:
  - Software version exposures in the `Server` header.
  - Missing clickjacking protection (`X-Frame-Options`).
  - Missing content injection mitigation (`Content-Security-Policy`).
  - Missing MIME-type sniffing defenses (`X-Content-Type-Options`).
  - Missing secure transport policies (`Strict-Transport-Security`).
- **📊 Premium Exports:**
  - **HTML Security Dashboard:** Dynamic responsive web page showing metadata grids, severity threat lists, and print-optimized settings for a perfect "Save to PDF" export.
  - **ASCII Plain Text:** Classical network report with retro ASCII header logs.
- **🧠 Hybrid Execution:** Auto-detects environment. Boots up a visual desktop GUI, or drops back gracefully to CLI terminal mode for server integrations.

## 📁 Repository Directory Structure

```
Vulnerability Scanner/
├── README.md           # Visual repository documentation & setup manual
├── LICENSE             # Open-source MIT Licensing
├── requirements.txt    # Package requirements (only requests is needed)
├── .gitignore          # Ignores build cache, virtualenvs, local security scans
├── main.py             # Application bootloader (dispatches GUI or CLI)
└── src/
    ├── __init__.py     # Standard module initialization
    ├── scanner.py      # Concurrency TCP socket scanner & HTTP header auditor
    ├── reporter.py     # TXT ASCII report and CSS HTML dashboard exporter
    └── gui.py          # Tkinter multi-thread dashboard console layout
```

## ⚡ Setup & Run Instructions

### 1. Clone & Initialize

Create a virtual environment and install the single required dependency (`requests`):

```bash
# Clone the repository (or copy the project directory)
cd "Vulnerability Scanner"

# Create a virtual environment
python -m venv venv

# Activate virtual environment (Windows)
venv\Scripts\activate

# Activate virtual environment (macOS / Linux)
source venv/bin/activate

# Install HTTP header scanner dependency
pip install -r requirements.txt
```

### 2. Run in Desktop GUI Mode (Default)

Simply run without flags to open the interactive dark-themed security dashboard:

```bash
python main.py
```

### 3. Run in Command Line (CLI) Mode

Execute the scanner entirely inside the command terminal.
Perfect for automated audits:

```bash
# Scan default common ports on localhost
python main.py --cli --target 127.0.0.1

# Scan custom range of ports with customized thread pools
python main.py --cli --target scanme.nmap.org --ports 20-100 --threads 25
```

## ⚙️ Architecture & Object-Oriented Design

The scanner adheres to professional object-oriented design and SOLID principles:

1. **Separation of Concerns (`src/scanner.py`):** The core network scanner does not know anything about Tkinter or console displays. It communicates strictly through loose callbacks, enabling the exact same module to be plugged into the GUI or the CLI seamlessly.
2. **Thread Safety (`src/gui.py`):** Tkinter is not thread-safe. All network scans run asynchronously inside a background worker thread. Discovered open ports and progress ticks are put into a thread-safe `queue.Queue` which is polled by the main GUI thread every 100ms, ensuring zero application freezing.
3. **Responsive CSS reporting (`src/reporter.py`):** The HTML report is styled with curated palettes and clean layouts, including `@media print` directives that automatically drop heavy dark borders and backgrounds when printing, allowing for professional vector PDF creation via standard browser printing.

## ⚠️ Safe Use & Legal Disclaimer

## 📄 License

Distributed under the **MIT License**. See `LICENSE` for details.
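
### Added example: header audit checks

This is an added example, not code from this repository, showing the five checks listed under **HTTP Header Security Auditor** as a pure function over already-fetched response headers. The names `audit_headers`, `REQUIRED`, `WEAK` and `HARDENED` are assumptions, the sample headers are constructed, and the checks for ineffective values and for CSP `frame-ancestors` go beyond the README's list.

```python
import re

REQUIRED = {  # headers the README's auditor reports when missing
    "x-frame-options": "no clickjacking protection",
    "content-security-policy": "no content injection mitigation",
    "x-content-type-options": "no MIME sniffing defense",
    "strict-transport-security": "no secure transport policy",
}
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")  # "1.18.0" in "nginx/1.18.0"


def audit_headers(headers, https=True):
    """Return sorted (header, finding) pairs for one response's headers."""
    h = {k.lower(): v.strip() for k, v in headers.items()}  # names are case-insensitive
    csp = h.get("content-security-policy", "").lower()
    findings = []
    for name, risk in REQUIRED.items():
        if h.get(name):
            continue
        if name == "strict-transport-security" and not https:
            continue  # browsers ignore HSTS received over plain HTTP
        if name == "x-frame-options" and "frame-ancestors" in csp:
            continue  # CSP frame-ancestors already restricts framing
        findings.append((name, "missing: " + risk))
    xcto = h.get("x-content-type-options")  # present-but-ineffective values follow
    if xcto and xcto.lower() != "nosniff":
        findings.append(("x-content-type-options", "value is not 'nosniff'"))
    hsts = h.get("strict-transport-security", "")
    age = re.search(r'max-age\s*=\s*"?(\d+)', hsts, re.I)
    if hsts and (age is None or int(age.group(1)) == 0):
        findings.append(("strict-transport-security", "max-age absent or zero"))
    # A version number in Server discloses the exact release in use.
    server = h.get("server", "")
    if VERSION_RE.search(server):
        findings.append(("server", "version disclosed: " + server))
    return sorted(findings)


# Constructed sample responses (not captured from any real host).
WEAK = {"Server": "nginx/1.18.0", "X-Content-Type-Options": "sniff"}
HARDENED = {
    "Server": "nginx",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
    "X-Content-Type-Options": "nosniff",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
}

if __name__ == "__main__":
    print(audit_headers(WEAK), audit_headers(HARDENED), sep="\n")
```

Pass `https=False` when the response came over plain HTTP so a missing `Strict-Transport-Security` header is not reported there.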
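
### Added example: worker-to-GUI queue hand-off

This is an added example, not the project's `src/gui.py`, showing the hand-off described under **Thread Safety**: callbacks running on the worker thread only enqueue, and the UI thread drains the `queue.Queue` on a 100 ms timer. `run_scan`, `ScanBridge` and `poll` are hypothetical names, and the stand-in worker opens no sockets.

```python
import queue
import threading


def run_scan(ports, on_open, on_progress):
    """Hypothetical stand-in for the scanner core: reports only via callbacks."""
    for done, port in enumerate(ports, start=1):
        if port % 11 == 0:  # constructed rule instead of a socket connect
            on_open(port)
        on_progress(done, len(ports))


class ScanBridge:
    """Owns the queue between the worker thread and the UI thread."""

    def __init__(self):
        self.events = queue.Queue()
        self.worker = None

    def start(self, ports):
        # Callbacks run on the worker thread: they only enqueue, never touch widgets.
        def on_open(port):
            self.events.put(("open", port))

        def on_progress(done, total):
            self.events.put(("progress", done, total))

        self.worker = threading.Thread(
            target=run_scan, args=(ports, on_open, on_progress), daemon=True)
        self.worker.start()

    def drain(self):
        """UI-thread side: return everything queued so far without blocking."""
        batch = []
        while True:
            try:
                batch.append(self.events.get_nowait())
            except queue.Empty:
                return batch


def poll(root, bridge, render):
    """Tkinter wiring: `root` is a tk.Tk; re-arms itself every 100 ms while work remains."""
    for event in bridge.drain():
        render(event)
    if bridge.worker.is_alive() or not bridge.events.empty():
        root.after(100, poll, root, bridge, render)
```

In a GUI, call `bridge.start(ports)` from the button handler and then `poll(root, bridge, render)` once; `render` is the only function that touches widgets, and it always runs on the main thread.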