tejasadi13/Automated-Vulnerability-Scanner-for-Network-Devices

GitHub: tejasadi13/Automated-Vulnerability-Scanner-for-Network-Devices

Stars: 0 | Forks: 0

# Automated Vulnerability Scanner for Network Devices ![Node.js](https://img.shields.io/badge/Node.js-24.x-339933?style=for-the-badge&logo=node.js&logoColor=white) ![Express.js](https://img.shields.io/badge/Express.js-Backend-000000?style=for-the-badge&logo=express&logoColor=white) ![Nmap](https://img.shields.io/badge/Nmap-Scanning-214478?style=for-the-badge) ![JavaScript](https://img.shields.io/badge/JavaScript-ES6+-F7DF1E?style=for-the-badge&logo=javascript&logoColor=black) ![HTML5](https://img.shields.io/badge/HTML5-Frontend-E34F26?style=for-the-badge&logo=html5&logoColor=white) ![CSS3](https://img.shields.io/badge/CSS3-Styling-1572B6?style=for-the-badge&logo=css3&logoColor=white) ![Cybersecurity](https://img.shields.io/badge/Domain-Cybersecurity-0f172a?style=for-the-badge) ![Status](https://img.shields.io/badge/Status-Project%20Ready-22c55e?style=for-the-badge) A real-time cybersecurity and networking project that scans IP addresses, hostnames, small subnet ranges, and web URLs to identify exposed ports, running services, and basic security risks through an interactive dashboard. ## Highlights - Real `Nmap`-powered network scanning - Support for IPs, hostnames, CIDR ranges, and URLs - Live dashboard with device inventory, alerts, and logs - Rule-based vulnerability findings and severity scoring - CSV report export for project documentation and demos ## Project Overview This project is a web-based vulnerability scanning platform built for academic and practical security assessment. It combines: - real `Nmap`-powered scanning - live host and port discovery - service and OS hint detection - rule-based vulnerability analysis - severity scoring and device inventory - scan history, alerts, and CSV export The system is designed for controlled lab usage, course demonstrations, and foundational network exposure assessment. ## Core Features - Login-based dashboard access - Scan support for IPv4 addresses, hostnames, small CIDR ranges such as `192.168.1.0/30`, and full URLs such as `https://example.com` - Scan modes: `Quick Discovery`, `Web Surface`, and `Deep Inspection` - Real `Nmap` integration with retry profiles - TCP fallback if Nmap fails for a target - Expandable device cards with hostname, IP, device type, OS hint, open ports, services, findings, and risk score - Alerts and recent scan history - CSV report export ## Tech Stack - `Node.js` - `Express.js` - `HTML` - `CSS` - `JavaScript` - `Nmap` ## Demo Flow 1. Log into the dashboard. 2. Enter an IP, subnet, hostname, or URL. 3. Select a scan mode. 4. Execute the scan. 5. Review discovered assets, services, and findings. 6. Export the results as a CSV report. ## Project Structure realtime-vulnerability-scanner/ |-- public/ | |-- app.js | |-- index.html | `-- styles.css |-- src/ | |-- routes/ | | |-- auth.js | | |-- health.js | | `-- scans.js | |-- services/ | | |-- networkScanner.js | | `-- scanEngine.js | `-- server.js |-- .env |-- .env.example |-- .gitignore |-- package.json |-- package-lock.json `-- README.md ## How It Works 1. The user logs into the dashboard. 2. A target is entered as an IP, hostname, CIDR range, or URL. 3. The backend validates the input and chooses scan behavior based on mode. 4. `Nmap` scans the target and returns service and host information. 5. The backend parses results and generates security findings. 6. The frontend displays results in device cards, alerts, and reports. ## Requirements - `Node.js` - `npm` - `Nmap` for full scan capability - Windows, Linux, or another system capable of running Node and Nmap ## Environment Setup Create a `.env` file using `.env.example`. Example: PORT=5050 APP_NAME=PulseGuard STREAM_INTERVAL_MS=5000 NMAP_PATH=C:\Program Files (x86)\Nmap\nmap.exe ## Running the Project ### In VS Code on Windows npm.cmd install npm.cmd run dev Open: `http://127.0.0.1:5050` ### Demo Login - Email: `admin@pulseguard.local` - Password: `admin123` ## Screens Included - Login page - Dashboard overview - Vulnerability scanner - Device inventory - Alerts and logs - CSV report export ## Example Test Inputs ### Localhost Scan - Target: `127.0.0.1` - Mode: `Quick Discovery` - Ports: `80,443,5050` ### Local Network Scan - Target: `192.168.1.0/30` - Mode: `Quick Discovery` ### Website Scan - Target: `https://example.com` - Mode: `Web Surface` ## API Endpoints - `POST /api/auth/login` - `GET /api/health` - `GET /api/scans/overview` - `GET /api/scans/devices` - `GET /api/scans/events` - `GET /api/scans/history` - `POST /api/scans/run` Example scan request: { "targets": "127.0.0.1", "ports": "80,443,5050", "scanMode": "quick" } ## Academic Scope This project currently includes: - real active scanning with `Nmap` - rule-based vulnerability findings - interactive dashboard reporting - exportable CSV reporting This project does not yet include: - full CVE correlation from a live vulnerability database - persistent database-backed scan storage - enterprise-scale distributed scanning - authenticated deep host audits ## Future Enhancements - CVE and NVD correlation - PDF export - persistent database for scan records - email or webhook alerts - advanced web application fingerprinting - authenticated scanning support ## Safety Note Use this project only on systems, networks, and web targets that you own or are explicitly authorized to assess. ## Project Context This repository was prepared as a cybersecurity and networking course project focused on practical scanning, exposure analysis, and dashboard-based reporting.

标签：自定义脚本