/Vulnerability_Scanner

The Vulnerability Scanner is a Django-based application that scans websites for security vulnerabilities, providing insights into potential weaknesses such as SQL Injection, XSS, and CSRF issues. Users receive a detailed analysis and site safety score, helping them enhance their web security posture.

Primary LanguagePython

Vulnerability Scanner

Revealing security vulnerabilities in web applications with comprehensive scanning and analysis

Table of Contents

  1. About the Project
  2. Features
  3. Getting Started
  4. Installation
  5. Usage
  6. Roadmap
  7. Contributing
  8. License

About the Project

The Vulnerability Scanner is a Django-based application designed to conduct extensive vulnerability tests on specified websites. By identifying potential weaknesses like Cross-Site Scripting (XSS), SQL Injection, CSRF token issues, and more, it aids developers and security experts in strengthening their site's security.

Why this project?
Security vulnerabilities in web applications can lead to data breaches, financial loss, and reputational damage. This tool helps identify these weaknesses early, offering actionable insights to prevent attacks and improve overall security.

Features

  • Cross-Site Scripting (XSS) Detection: Identifies scripts injected into web pages to prevent unauthorized access.
  • SQL Injection Detection: Finds points where SQL statements may be manipulated.
  • JavaScript Injection: Tests for vulnerabilities where JavaScript can be maliciously injected.
  • Remote Code Execution: Identifies potential points where remote code execution is possible.
  • CSRF Token Validation: Ensures tokens are valid and up to date.
  • Authentication Check: Detects weak or improperly configured authentication setups.
  • Comprehensive Site Safety Score: Summarizes findings to provide an overall security score.

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing.

Prerequisites

  • Python 3.7+
  • Django 3.x or higher
  • Familiarity with web security basics

Installation

  1. Clone the repository

    git clone https://github.com/AyeshaAshfaq12/Vulnerability_Scanner.git
cd Vulnerability_Scanner

  2. Install dependencies

    pip install -r requirements.txt

  3. Start the development server

    python manage.py runserver

Usage

  1. Open the application in your browser at http://127.0.0.1:8000/.
  2. Enter the URL of the website to be tested in the provided field.
  3. Initiate the scan to analyze the site.
  4. Review the results, which include vulnerabilities identified, suggested mitigations, and the overall security score.

Roadmap

  • Add more vulnerability tests, such as Directory Traversal and Local File Inclusion.
  • Include a scheduling feature for regular, automated scans.
  • Provide integration options with popular CI/CD pipelines for continuous security.

Contributing

We welcome contributions! Please follow these steps to get started:

  1. Fork the project.
  2. Create a feature branch (git checkout -b feature/NewFeature).
  3. Commit your changes (git commit -m 'Add NewFeature').
  4. Push to the branch (git push origin feature/NewFeature).
  5. Open a Pull Request.

License

Distributed under the MIT License. See LICENSE for more information.