Skip to content

Yugandhar-112/NetShield-Vulnerability-Scanner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

NetShield Vulnerability Scanner

A Python/Flask local network scanner that maps active hosts, evaluates vulnerabilities with standard CVSS scoring, and generates publication-grade PDF audit reports.

Key Features

  • One-Click Network Audit: Multi-threaded TCP connect scanning across local subnets using sub-second socket timeouts.
  • Service & Vulnerability Mapping: Probes standard entry points (FTP, SSH, Telnet, HTTP, SMB, HTTP-Alt) against an internal misconfiguration signature database.
  • CVSS Risk Scoring: Quantifies threat severity into Critical (9.0+), High (7.0-8.9), Medium (4.0-6.9), and Low tiers.
  • Asynchronous Web Dashboard: Single-page interface built with Tailwind CSS; features live UI spinners and visual severity badges.
  • Executive PDF Audit Reports: Uses ReportLab to compile multi-page security documents containing an executive metrics summary, a styled 5-column asset matrix, and targeted remediation deployment strategies.

Project Architecture

NetShield/
├── app.py              # Core Flask server, threaded scanner engine, and PDF compiler
├── requirements.txt    # Production Python dependencies
├── .gitignore          # Git exclusion rules (safeguards venv/ and generated .pdf logs)
└── templates/
    └── index.html      # Single-page Tailwind CSS frontend interface

Local Installation & Execution

# 1. Clone the repository
git clone [https://github.com/Yugandhar-112/NetShield-Vulnerability-Scanner.git](https://github.com/Yugandhar-112/NetShield-Vulnerability-Scanner.git)
cd NetShield-Vulnerability-Scanner

# 2. Create and activate a virtual environment
python -m venv venv

# On Windows PowerShell:
venv\Scripts\activate
# On Linux / macOS:
source venv/bin/activate

# 3. Install dependencies
pip install -r requirements.txt

# 4. Launch the engine
python app.py

Access the interactive dashboard at: http://localhost:5000

Threat Signature Database

Port Target Service Flagged Vulnerability CVSS Score Severity Remediation Action
21 FTP Cleartext Credentials 7.5 High Migrate to SFTP.
22 SSH Secure Shell 0.0 Low N/A (Standard Secure Management)
23 Telnet Unencrypted Protocol 9.8 Critical Disable Telnet completely; enforce SSH.
80 HTTP Unencrypted Web Traffic 5.3 Medium Enforce HTTP-to-HTTPS redirection.
443 HTTPS Secure Web Traffic 0.0 Low N/A (Valid SSL/TLS established)
445 SMB Potential SMBv1 Exposure 8.1 High Disable SMBv1; mandate SMBv3 signing.
8080 HTTP-Alt Exposed Admin Portal 4.8 Medium Restrict access via local firewall rules.

About

A Python/Flask local network scanner that maps active hosts, evaluates vulnerabilities with CVSS scoring, and generates automated PDF audit reports.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors