MohidAkbar/VulnScanner

GitHub: MohidAkbar/VulnScanner

一款带有赛博朋克风格 GUI 的 Web 漏洞扫描器,集成安全头检测、敏感文件扫描、目录枚举、SQL 注入、XSS 检测和端口扫描六大模块。

Stars: 0 | Forks: 0

# 🛡️ VulnScanner Pro v2.0 ![版本](https://img.shields.io/badge/version-2.0-red) ![Python](https://img.shields.io/badge/python-3.8+-blue) ![许可证](https://img.shields.io/badge/license-MIT-green) 一款具有精美赛博朋克 GUI 的专业 Web 漏洞扫描器。专为安全研究人员、渗透测试人员以及网络安全学生打造。 ## ✨ 功能 ### 🔍 6 大扫描模块 - **安全标头** — CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy - **暴露的文件** — .git/config, .env, 备份文件, phpinfo, 后台管理面板等 15+ 个敏感文件 - **目录枚举** — 25+ 个常见目录(admin, backup, .git, wp-content 等) - **SQL 注入** — 使用多个 payload 进行基于表单和 URL 参数的测试 - **XSS 检测** — 对输入表单进行反射型跨站脚本测试 - **端口扫描器** — 包含服务识别的 16 个端口扫描(FTP, SSH, MySQL, RDP 等) ### 🎨 GUI 特性 - 🎯 带有实时粒子动画的赛博朋克暗色主题 - 📊 实时严重性统计(严重/高/中/低/信息) - 🧪 一键预设测试目标 - 📁 带有时间戳的扫描历史记录 - 📊 包含扫描分析数据的仪表板 - 📥 一键导出报告(.txt) - 📱 完全响应式设计 ## 🛠️ 技术栈 | 层级 | 技术 | |-------|-----------| | 后端 | Python 3 + Flask | | 前端 | HTML5 + CSS3 + Vanilla JavaScript | | 扫描引擎 | Requests, BeautifulSoup4, Socket | | 数据存储 | JSON(扫描历史记录) | | 打包 | PyInstaller (.exe) | ## 📦 安装说明 ``` git clone https://github.com/MohidAkbar/VulnScanner.git cd VulnScanner pip install -r requirements.txt python app.py Open your browser at: http://127.0.0.1:5000 Windows EXE Download VulnScannerPro.exe from Releases and double-click. No Python required! 🎯 Usage Launch the application Enter a target URL or click a preset Click ▶ Scan Now View results with severity levels Click 📥 Export Report to download results Test Targets URL Description https://testphp.vulnweb.com Acunetix test site (safe to scan) http://scanme.nmap.org Nmap port scan test https://httpbin.org HTTP request testing 📁 Project Structure text VulnScanner/ ├── app.py # Main Flask server ├── scanner/ │ ├── headers.py # Security headers checker │ ├── files.py # Exposed files scanner │ ├── dirs.py # Directory enumeration │ ├── sqli.py # SQL injection tests │ ├── xss.py # XSS detection │ └── ports.py # Port scanner ├── templates/ │ └── index.html # Cyberpunk GUI ├── requirements.txt # Python dependencies └── README.md ⚠️ Disclaimer FOR EDUCATIONAL AND AUTHORIZED TESTING ONLY. Only scan websites you own or have explicit permission to test. The author is not responsible for misuse. 👨‍💻 Author Mohid Akbar 🎓 BS Cybersecurity — UMT Lahore 💼 LinkedIn 📧 GitHub 📄 License MIT License ⭐ Star this repo if you find it useful! text --- Go to GitHub → README → Edit (pencil icon) → Delete everything → Paste this → Commit. It will render perfectly now. ```
标签:CISA项目, DInvoke, Flask, Python, Web安全, 主机安全, 加密, 后端开发, 字符串匹配, 插件系统, 数据可视化, 无后门, 漏洞扫描器, 漏洞挖掘, 蓝队分析, 逆向工具