Vulnerability_Scanner is a multi-threaded network scanning tool that allows users to scan a target for open ports, detect running services, and retrieve banner information. It also attempts to identify the version of specific services like SSH, HTTP, and FTP. The scanner is built using Python and is designed to be lightweight, efficient, and easy to use, making it ideal for basic vulnerability assessment and reconnaissance.
- Port Scanning: Scans a range of ports on a target IP address to determine whether they are open or closed.
- Service Detection: Identifies common services such as SSH, HTTP, and FTP running on the open ports.
- Banner Grabbing: Retrieves and displays service banners to aid in identifying the service version and potential vulnerabilities.
- Multi-threaded: Uses threading to perform faster scans by simultaneously scanning multiple ports.
- Service Version Detection: Attempts to extract the version of services like SSH, HTTP, and FTP based on the banner information.
- Python 3.x: This script is built using Python and requires Python 3.x to run.
- Libraries: The following Python libraries are used:
  - socket: For network connections and port scanning.
  - threading: To speed up the scanning process using multiple threads.
  - tabulate: For formatting scan results in a tabular format.
  - argparse: To handle command-line arguments.
  - re: For regex-based service version extraction.
You can install the required Python dependencies using pip:
```bash
pip install tabulate
```
- Clone this repository to your local machine:
```bash
git clone https://github.com/yourusername/Vulnerability_Scanner.git
cd Vulnerability_Scanner
```
- Install the required Python libraries (as mentioned above):
```bash
pip install -r requirements.txt
```
- Ensure Python 3.x is installed and correctly configured on your system.
To run the Vulnerability Scanner, simply execute the Vulnerability_Scanner.py script with the target IP address and port range as arguments.
```bash
python Vulnerability_Scanner.py <target_IP> <start_port> <end_port>
```
```bash
python Vulnerability_Scanner.py 192.168.1.1 20 100
```
This will scan the target IP 192.168.1.1 from port 20 to 100.
- target: The target IPv4 address to scan.
- ports_start: The starting port number for the scan.
- ports_end: The ending port number for the scan.
```bash
python Vulnerability_Scanner.py 192.168.0.105 80 8080
```
This command will scan ports from 80 to 8080 on the IP address 192.168.0.105.
Below is an example of the output you can expect after running the scanner:
```
Welcome to my Basic Vulnerability Scanner!
Port 22 is open! Banner: SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3 Service: SSH Version: OpenSSH_8.2p1
Port 80 is open! Banner: Apache/2.4.41 (Ubuntu) Service: HTTP Version: Apache/2.4.41
Port 21 is closed
Port 443 is open! Banner: nginx/1.18.0 (Ubuntu) Service: HTTP Version: nginx/1.18.0
+--------+---------+-------------------+
| Port   | Service | Version           |
+--------+---------+-------------------+
| 22     | SSH     | OpenSSH_8.2p1     |
| 80     | HTTP    | Apache/2.4.41     |
| 443    | HTTP    | nginx/1.18.0      |
+--------+---------+-------------------+
```
The scanner currently detects the following services:
- SSH
- HTTP (Apache, nginx)
- FTP
To add more services, modify the self.service_patterns dictionary in the VulnerabilityScanner class to include new service banners and patterns.
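The sketch below is an added example, not the repository's code, showing how a pattern dictionary of this kind can be extended and checked offline against sample banners. The dictionary layout (service name mapped to a list of regexes whose first group is the version), the `identify` and `with_service` helpers, the FTP and SMTP patterns, and the sample banners are all assumptions constructed for illustration, since the page does not show the actual structure of `self.service_patterns`.

```python
import re

# Assumed layout: service name -> regexes whose first capture group is the version.
SERVICE_PATTERNS = {
    "SSH": [re.compile(r"^SSH-\d+\.\d+-(\S+)")],
    "HTTP": [re.compile(r"\b(Apache/[\d.]+)"), re.compile(r"\b(nginx/[\d.]+)")],
    "FTP": [re.compile(r"^220[ -].*?\b((?:vsFTPd|ProFTPD)\s+[\d.]+)")],
}

def identify(banner, patterns=SERVICE_PATTERNS):
    """Return (service, version) for a banner, or ("Unknown", "Unknown")."""
    banner = banner.strip()  # banners usually arrive with a trailing CRLF
    for service, regexes in patterns.items():
        for rx in regexes:
            match = rx.search(banner)
            if match:
                return service, match.group(1)
    return "Unknown", "Unknown"

def with_service(patterns, name, *regexes):
    """Return a copy of the pattern table with extra regexes for one service."""
    extended = {svc: list(rxs) for svc, rxs in patterns.items()}
    extended.setdefault(name, []).extend(re.compile(r) for r in regexes)
    return extended

# Hypothetical new entry: SMTP servers that announce "ESMTP Exim <version>".
EXTENDED = with_service(SERVICE_PATTERNS, "SMTP", r"^220[ -]\S+ ESMTP (Exim [\d.]+)")

# Constructed sample banners; the first three are the ones in the example output.
SAMPLES = [
    "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3\r\n",
    "Apache/2.4.41 (Ubuntu)",
    "nginx/1.18.0 (Ubuntu)",
    "220 (vsFTPd 3.0.3)\r\n",
    "220 mail.example.test ESMTP Exim 4.94.2 Mon, 01 Jan 2024 00:00:00 +0000\r\n",
    "\x00\x01binary-protocol",  # no pattern matches: reported as Unknown
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample.strip()), "->", identify(sample, EXTENDED))
```

Banners are self-reported, so treat the extracted version as a hint: a service can be configured to hide or alter its banner, and distributions backport fixes without changing the upstream version string.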
By default, the scanner uses up to 50 threads to perform port scans. You can adjust the max_threads variable in the port_scan_threaded function to change the number of concurrent threads.
The socket timeout is set to 0.5 seconds for each port scan. This value can be adjusted in the scan_port function by modifying the sock.settimeout() call.