Skip to content

ZaryabXProgrammer/WEBSITE-VULNERABILITY-SCANNER

BranchesTags

Repository files navigation

Web Vulnerability Scanner

A comprehensive web vulnerability scanner that checks for common security issues in websites, including CSRF, XSS, information disclosure, header misconfigurations, and more. Supports both passive analysis and active testing of vulnerabilities.

Features

  • Modular scanner architecture - easy to add new vulnerability checks
  • Two-tier scanning approach:
    • Passive scanning (analyze responses without sending potentially harmful requests)
    • Active scanning with Python integration (test if vulnerabilities are actually exploitable)
  • Comprehensive vulnerability detection:
    • Cross-Site Scripting (XSS)
    • Cross-Site Request Forgery (CSRF)
    • SQL Injection
    • Content Security Policy (CSP) issues
    • Security headers analysis
    • SSL/TLS configuration
    • Port scanning
    • Version disclosure
    • And more...
  • RESTful API with Express.js
  • Detailed JSON reports
  • Configurable scan intensity

Demo Video

The following video demonstrates the Web Vulnerability Scanner in action:

Installation

# Clone the repository
git clone https://github.com/ZaryabXProgrammer/WEBSITE-VULNERABILITY-SCANNER
cd web-vulnerability-scanner
cd server

# Install Node.js dependencies
npm install

# Set up Python environment (required for active scanning)
# You need Python 3.6+ installed on your system
cd python
pip install -r requirements.txt

Usage

# Start the server
npm start

# For development with auto-restart
npm run dev

The server will start on port 3001 by default. You can customize the port by setting the PORT environment variable.

API Endpoints

Scan a Website

Endpoint: POST /api/scan

Request Body:

{
  "url": "https://example.com",
  "enableActiveTesting": true,
  "scanIntensity": "medium",
  "selectedScanners": ["xss", "csrf", "header", "active-xss", "active-sqli"]
}

Parameters:

  • url (required): The URL to scan
  • enableActiveTesting (optional): Enable Python-based active testing (default: false)
  • scanIntensity (optional): "low", "medium", or "high" (default: "medium")
  • selectedScanners (optional): Array of specific scanner names to run

Response:

{
  "status": "success",
  "data": {
    "url": "https://example.com",
    "timestamp": "2023-11-19T12:34:56.789Z",
    "scan_time_seconds": 5.67,
    "summary": {
      "total": 8,
      "by_severity": {
        "high": 2,
        "medium": 3,
        "low": 2,
        "info": 1
      },
      "by_type": {
        "missing_security_header": 3,
        "potential_xss": 1,
        "...": "..."
      }
    },
    "vulnerabilities": [
      {
        "type": "potential_xss",
        "description": "Parameter 'q' value is reflected in the page response.",
        "recommendation": "Implement proper output encoding.",
        "severity": "high",
        "evidence": "Parameter: q, Value: test",
        "scanner": "xss"
      }
      // More vulnerabilities...
    ]
  }
}

Get Scanner Configuration

Endpoint: GET /api/scan/config

Returns information about available scanners and configuration options.

Get Scanner Status

Endpoint: GET /api/scan/status

Returns the status of the Python environment and active scanning capability.

Scanners

The scanner engine automatically loads all JavaScript files from the scanners directory. Each scanner should export a scan function that returns an array of vulnerability objects.

Scanners are categorized into two types:

  • Passive Scanners: Analyze responses without sending potentially harmful requests
  • Active Scanners: Test if vulnerabilities are actually exploitable by sending test payloads

Scanner Interface

/**
 * @param {Object} page - Page data including content, headers, DOM
 * @param {string} url - The URL being scanned
 * @param {Object} options - Scan options including intensity and activeTesting flag
 * @returns {Array} - Array of vulnerability objects
 */
async function scan(page, url, options) {
  const { intensity, activeTesting } = options;
  // Vulnerability detection logic
  return [
    {
      type: "vulnerability_type",
      description: "Description of the vulnerability",
      recommendation: "How to fix the vulnerability",
      severity: "high|medium|low|info",
      evidence: "Proof that the vulnerability exists",
    },
  ];
}

module.exports = { scan };

Adding New Scanners

JavaScript (Passive) Scanners

To add a new passive vulnerability scanner:

  1. Create a new JavaScript file in the scanners directory
  2. Implement the scanner interface (see above)
  3. Export the scan function

Python (Active) Scanners

To add a new active vulnerability scanner:

  1. Create a new Python file in the python/scanners directory
  2. Implement the required functions for active testing
  3. Register the scanner in python/main.py
  4. Add the scanner name to the activeScanners array in scannerEngine.js

Testing

The project includes a vulnerable test page for scanner development and testing: http://localhost:3001/api/test/vulnerable

You can test specific vulnerabilities by adding parameters:

  • XSS: ?xss=<script>alert(1)</script>
  • SQL Injection: ?sql=1' OR '1'='1

License

MIT

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages