Skip to content

shashankp914/Python-Vulnerability-Scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
VS.py
VS.py
 
 

Repository files navigation

Vulnerability Scanner

The Vulnerability Scanner is a Python-based tool that scans directories for potential security vulnerabilities based on the OWASP Top 10 vulnerabilities. It uses regular expressions to identify patterns associated with various types of vulnerabilities and reports the findings to the user.

Features

  • Scans directories recursively for files containing potential vulnerabilities
  • Supports the following OWASP Top 10 vulnerability types:
    • Injection
    • Broken Authentication
    • Sensitive Data Exposure
    • XML External Entities (XXE)
    • Broken Access Control
    • Security Misconfiguration
    • Cross-Site Scripting (XSS)
    • Insecure Deserialization
    • Using Components with Known Vulnerabilities
    • Insufficient Logging and Monitoring
    • Unvalidated Redirects and Forwards
    • Cross-Site Request Forgery (CSRF)
    • Server-Side Request Forgery (SSRF)
    • Cross-Site Script Inclusion (XSSI)
    • Mass Assignment
  • Provides a graphical user interface (GUI) for easy interaction
  • Allows the user to select the directory to scan
  • Displays the scan results in the GUI
  • Saves the scan results to a text file for further analysis

Usage

  1. Clone the repository or download the source code file.

  2. Run the script using Python:

    python vulnerability_scanner.py

  3. In the GUI window, click the "Browse" button to select the directory you want to scan.

  4. Click the "Scan Directory" button to start the vulnerability scan.

  5. The scan results will be displayed in the text area of the GUI.

  6. To save the scan results to a file, click the "Save to File" button and choose a location to save the file.

How it Works

The vulnerability scanner works by scanning the files in the selected directory recursively. For each file, it reads the content and searches for patterns that match the OWASP Top 10 vulnerability types. The patterns are defined in the Full_Vuln_List dictionary at the beginning of the script.

The scan_directory() function is responsible for the actual scanning process. It iterates through the files in the directory, reads their contents, and checks for matches against the vulnerability patterns. When a match is found, the function records the file path, the vulnerability type, and the matching pattern.

The scan_directory_gui() function is the entry point for the GUI-based usage. It calls the scan_directory() function and displays the results in the GUI text area. It also provides the functionality to save the scan results to a file.

The GUI is created using the tkinter library, which provides a standard set of widgets for building desktop applications.

Dependencies

The Vulnerability Scanner requires the following Python libraries:

  • os
  • re
  • tkinter

These libraries are part of the standard Python distribution and should be available without any additional installations.

Contribution

Contributions to the Vulnerability Scanner project are welcome. If you find any issues or have suggestions for improvements, please feel free to open an issue or submit a pull request on the project's GitHub repository.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages