A simple, educational Python-based vulnerability scanner combining:

- Threaded TCP port scanning and banner grabbing
- HTTP/HTTPS checks (Server headers, JWKS detection)
- Local vulnerability database (`vulndb.json`) for version-specific checks
- Optional JWT diagnostics (passive + authorized testing)

⚠️ Important: Only scan systems you own or have explicit permission to test. Unauthorized scanning is illegal.

- Port scanning: Multi-threaded TCP scan with banner detection
- HTTP checks: Detect server headers, HTTP status, and JWKS endpoints
- Vulnerability matching: Local JSON-based DB (`vulndb.json`) for known versions
- Reports: CSV and HTML output
- JWT testing: Passive and authorized token inspection (for educational purposes)

- Clone the repository:

```bash
git clone https://github.com//custom-vuln-scanner.git
cd custom-vuln-scanner
```

- (Optional) Create and activate a virtual environment:

```bash
python -m venv venv
venv\Scripts\activate # Windows
```

- Install dependencies:

```bash
pip install -r requirements.txt
```

Usage

Port scan example

```bash
python scanner.py --target 127.0.0.1 --mode ports --ports 22,80,443
```

HTTP scan example

```bash
python scanner.py --target example.com --mode http
```

Full scan example

```bash
python scanner.py --target 192.168.1.10 --mode full --ports 22,80,443,8080
```

JWT testing example (authorized only)

```bash
python scanner.py --target example.com --mode jwt --jwt-token "" --jwt-endpoint "https://example.com/api/me"
```

You must have explicit authorization before running JWT tests.

Project Structure

```
custom-vuln-scanner/
├── scanner.py        # Main CLI script
├── vulndb.json       # Local vulnerability database
├── helpers/          # Utility modules (netutils, httpchecker, vulndb)
├── reports/          # Generated CSV/HTML reports
├── tests/            # Unit tests
├── examples/         # Sample run commands
├── README.md
├── requirements.txt
└── LICENSE
```

Contributing
Feel free to submit bug reports or pull requests.
Always respect ethical guidelines and never scan without permission.
Add new signatures to vulndb.json for extra coverage.
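
How version matching against a local JSON database can work, as an added example that is not this project's code: the entry schema (`product`, `min`, `max`, `id`), the function names, and the sample banners are all assumptions constructed for illustration, and the real `vulndb.json` layout may differ.

```python
import json
import re

# Constructed sample data. The schema (product/min/max/id) is an assumption
# for illustration, not the project's actual vulndb.json layout.
SAMPLE_DB = json.loads("""
[
  {"product": "demo-httpd", "min": "1.0",   "max": "1.9.9", "id": "EXAMPLE-0001"},
  {"product": "exampled",   "min": "2.0.0", "max": "2.3.4", "id": "EXAMPLE-0002"}
]
""")

# Matches "name/1.2.3" or "name_1.2.3" anywhere in a banner or Server header.
BANNER_RE = re.compile(r"([A-Za-z][A-Za-z0-9-]*)[/_]v?(\d+(?:\.\d+)*)")

def version_key(text, width=4):
    """Turn "2.3" into (2, 3, 0, 0) so "2.0" and "2.0.0" compare as equal."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def parse_banner(banner):
    """Return (product, version_key) or None when no version is advertised."""
    m = BANNER_RE.search(banner)
    if m is None:
        return None
    return m.group(1).lower(), version_key(m.group(2))

def match_banner(banner, db=SAMPLE_DB):
    """Return ids of entries whose inclusive version range covers the banner."""
    parsed = parse_banner(banner)
    if parsed is None:
        return []  # no version in the banner: nothing to match, not "safe"
    product, version = parsed
    return [e["id"] for e in db
            if e["product"] == product
            and version_key(e["min"]) <= version <= version_key(e["max"])]

if __name__ == "__main__":
    for line in ("Server: demo-httpd/1.4.2 (Unix)",   # constructed banners
                 "SSH-2.0-exampled_2.3.5",
                 "exampled/2.0",
                 "nginx"):
        print(f"{line!r:40} -> {match_banner(line)}")
```

A banner match is a lead to verify, not a confirmed finding: distributions often backport fixes without changing the advertised version, and banners can be altered or suppressed.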