$29
Vulnerability Scanner
Scan hosts for open ports, insecure HTTP headers, SSL issues, and known CVEs.
JSON, Markdown, Python
📁 File Structure (10 files)
vulnerability-scanner/
├── LICENSE
├── README.md
├── examples/
│   └── scan_config.json
├── free-sample.zip
├── guide/
│   ├── 01_features.md
│   ├── 02_quick-start.md
│   ├── 03_configuration-reference.md
│   └── 04_license.md
├── index.html
└── src/
    └── vulnerability_scanner.py
📖 Documentation Preview (README excerpt)
Vulnerability Scanner
Scan any host for open ports, insecure HTTP headers, SSL/TLS certificate issues, and known CVE patterns. Generates structured reports in JSON or console output.
Features
- TCP port scanning — configurable port ranges with timeout control
- SSL/TLS validation — certificate expiry, chain verification, hostname matching
- HTTP security headers — audits HSTS, X-Frame-Options, CSP, X-Content-Type-Options, and more
- CVE pattern detection — flags common server misconfigurations and known vulnerability signatures
- Multiple output formats — JSON for automation, console for quick checks
- Full scan mode — runs all checks in a single pass with --full
- Configurable via JSON — save scan profiles for repeatable audits
- Self-contained — zero pip installs, Python 3.10+ stdlib only
- Non-destructive — read-only scanning, safe for production hosts
Requirements
- Python 3.10+
- No external dependencies (stdlib only)
Quick Start
# Quick scan with default ports
python src/vulnerability_scanner.py --target api.example.com
# Scan specific ports
python src/vulnerability_scanner.py --target 192.168.1.1 --ports 80,443,8080
# Full scan with JSON output
python src/vulnerability_scanner.py --target example.com --full --output report.json
Output
Console output shows a severity-tagged list of findings. JSON output includes structured data for each finding with severity level, description, and remediation advice.
Configuration Reference
Save scan profiles as JSON (see examples/scan_config.json):
{
  "target": "api.example.com",
  "ports": [22, 80, 443, 8080, 8443],
  "full_scan": true,
  "timeout_seconds": 5,
  "output_format": "json"
}
| Field | Type | Description |
|---|---|---|
| target | string | Hostname or IP address to scan |
| ports | list[int] | Specific ports to check (default: common ports) |
| full_scan | bool | Run all checks (ports, headers, SSL, CVE) |
| timeout_seconds | int | Socket timeout per connection attempt |
| output_format | string | "json" or "console" |
... continues with setup instructions, usage examples, and more.
📄 Code Sample (.py preview)
src/vulnerability_scanner.py
#!/usr/bin/env python3
"""
Vulnerability Scanner — Security Kit (DataNest)
Scans a target host for common security vulnerabilities including open ports,
insecure HTTP headers, SSL/TLS certificate issues, and known CVE patterns.
Usage:
python vulnerability_scanner.py --target api.example.com
python vulnerability_scanner.py --target 192.168.1.1 --ports 80,443,8080
python vulnerability_scanner.py --target example.com --full --output report.json
Dependencies: Python 3.10+ stdlib only (no pip packages)
License: MIT
"""
from __future__ import annotations
import argparse
import json
import logging
import socket
import ssl
import sys
import urllib.request
import urllib.error
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone
from pathlib import Path
from typing import Any
# ---------------------------------------------------------------------------
# Constants
# ---------------------------------------------------------------------------
# Common ports worth checking — covers web, mail, database, and admin services
COMMON_PORTS: list[int] = [
    21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 587, 993, 995,
    1433, 1521, 3306, 3389, 5432, 5900, 6379, 8080, 8443, 9200, 27017,
]
# Security headers every web app should have
SECURITY_HEADERS: dict[str, str] = {
    "Strict-Transport-Security": "Enforces HTTPS connections — prevents downgrade attacks",
    "Content-Security-Policy": "Controls resource loading — prevents XSS and injection",
    "X-Content-Type-Options": "Prevents MIME type sniffing — should be 'nosniff'",
    "X-Frame-Options": "Prevents clickjacking — should be DENY or SAMEORIGIN",
    "X-XSS-Protection": "Legacy XSS filter — should be '0' (CSP is preferred)",
    "Referrer-Policy": "Controls referrer information leakage",
    "Permissions-Policy": "Controls browser feature access (camera, mic, geolocation)",
# ... 536 more lines ...
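An added example, not taken from the product's source: a minimal header audit built on the header names and expected values given in the SECURITY_HEADERS descriptions above. The `audit_headers` name, the severity labels, the finding fields and the sample response are assumptions made for illustration.

```python
from __future__ import annotations

# Header names and expected values follow the SECURITY_HEADERS descriptions
# above. Severity labels and the finding layout are assumptions of this example.
PRESENCE_ONLY = [
    "Strict-Transport-Security", "Content-Security-Policy",
    "Referrer-Policy", "Permissions-Policy",
]
EXPECTED_VALUES: dict[str, set[str]] = {
    "X-Content-Type-Options": {"nosniff"},
    "X-Frame-Options": {"deny", "sameorigin"},
    "X-XSS-Protection": {"0"},
}


def audit_headers(headers: dict[str, str]) -> list[dict[str, str]]:
    """Return one finding per missing or mis-set security header."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    seen = {k.lower(): v.strip() for k, v in headers.items()}
    findings = []
    for name in PRESENCE_ONLY + list(EXPECTED_VALUES):
        value = seen.get(name.lower())
        if value is None:
            findings.append({"header": name, "severity": "medium",
                             "issue": "missing"})
        elif name in EXPECTED_VALUES and value.lower() not in EXPECTED_VALUES[name]:
            allowed = " or ".join(sorted(EXPECTED_VALUES[name]))
            findings.append({"header": name, "severity": "low",
                             "issue": f"unexpected value {value!r}, want {allowed}"})
    return findings


# Constructed response headers (not captured from a real host).
SAMPLE = {
    "strict-transport-security": "max-age=31536000",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "ALLOW-FROM https://partner.example",
    "X-XSS-Protection": "1; mode=block",
}

if __name__ == "__main__":
    import json
    print(json.dumps(audit_headers(SAMPLE), indent=2))
```

A header that is present but set to a value other than the one the descriptions call for is reported separately from a missing header, so the two cases can be triaged differently.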