Ronak-biswas/-Web-Vulnerability-Scanner-codetech-task-2

GitHub: Ronak-biswas/-Web-Vulnerability-Scanner-codetech-task-2


# 🛡️ Web Vulnerability Scanner

A Python-based automated command-line security tool designed to audit web applications for common flaws. The scanner automatically crawls target URLs, extracts input forms, and evaluates HTTP response headers along with classic client/server-side vulnerability entry points.

This project was developed to practically understand the mechanics behind automated web application scanning, DOM parsing, and security payload analysis.

## ✨ Features

* **🌐 Automated Target Crawling:** Parses the DOM structure of the target page to automatically discover internal links and input forms.
* **🔒 Security Header Audit:** Analyzes HTTP response headers to detect missing defensive configurations (such as *X-Frame-Options*, *Content-Security-Policy*, etc.).
* **💉 Error-Based SQL Injection Testing:** Injects targeted SQL payloads into discovered form fields to check if the backend database returns verbose error messages.
* **📜 Reflected XSS Detection:** Probes available input vectors to determine if user-supplied scripts are reflected back directly into the application's response body.
* **🎨 Styled Terminal Interface:** Utilizes `colorama` to provide organized, color-coded (Red/Green/Yellow) terminal logging and audit summaries.

## 🛠️ Tech Stack & Dependencies

* **Language:** Python 3.x
* **Core Libraries:**
  * `requests` - For managing HTTP sessions, headers, and payload transmissions.
  * `beautifulsoup4` - For structurally parsing HTML documents and extracting elements.
  * `colorama` - For cross-platform terminal text formatting and styling.
  * `argparse` - For handling command-line arguments and target parameters systematically.