Share
## https://sploitus.com/exploit?id=7FB13D9A-A6C5-5E18-9401-704A2693C3A0
# Vulnerability Scanner

A security vulnerability detection tool developed in Go and Python. It supports custom POCs, batch scanning, graphical interfaces, and other features. ## Features

- **Graphical Interface**: A user-friendly interface developed using PyQt5.
- **POC Management**: An independent POC library that supports YAML definitions and allows custom POCs.
- **POC Classification**: Supports classification management for CVEs, vendor vulnerabilities, etc.
- **Import/Export**: Supports importing and exporting POCs by category.
- **Batch Scanning**: Supports batch scanning of IPs and ports.
- **Configurable**: Parameters such as concurrent scanning threads and timeout periods can be configured.
- **Real-time Progress**: Displays scanning progress and results in real-time.
- **Result Export**: Supports exporting scanning results in JSON format.

## Project Structure

```
VulnerabilityScanner/
├── backend/           # Go backend
│   ├── api/           # API service layer
│   ├── poc/           # POC management module
│   ├── scanner/       # Scanning engine module
│   ├── main.go        # Program entry point
│   └── go.mod         # Go module dependencies
├── frontend/          # Python frontend
│   └── main.py        # Graphical interface
├── pocs/              # POC library directory
│   ├── cve/           # CVE vulnerability POCs
│   ├── vendor/        # Vendor vulnerability POCs
│   └── others/        # Other POCs
└── docs/              # Documentation directory
    └── POCWritingRules.md # POC writing rules
```

## Technology Stack

### Backend (Go)
- Go 1.21+
- net/http (Web framework)
- gopkg.in/yaml.v3 (YAML parsing)

### Frontend (Python)
- Python 3.8+
- PyQt5 (GUI framework)
- requests (HTTP client)

## Quick Start

### Environment Requirements

- Go 1.21+
- Python 3.8+

### Install Dependencies

**Backend Dependencies:**
```bash
cd backend
go mod download
```

**Frontend Dependencies:**
```bash
pip install PyQt5 requests
```

### Run the Program

1. **Start the backend service**
   ```bash
   cd backend
   go run main.go
   ```

2. **Start the frontend interface**
   ```bash
   cd frontend
   python main.py
   ```

### Command Line Parameters

Parameters supported by the backend service:
```
-port int      API server port (default 8080)
-pocs string   POC directory path (default ../pocs)
-workers int     Maximum concurrent scanning threads (default 50)
-timeout int     Default timeout (seconds) (default 10)
-version         Display version information
```

## Usage Instructions

### Scanning Process

1. **Configure targets**
   - Enter the IP address or domain name in the “Scan” tab.
   - Configure ports (supporting single ports, port ranges like 8000-9000, multiple ports like 80, 443).

2. **Select POCs**
   - Filter POCs by category.
   - Check the POCs you want to use.

3. **Configure scanning parameters**
   - Set the number of concurrent threads (1-200).
   - Set the timeout (1-60 seconds).

4. **Start scanning**
   - Click the “Start Scanning” button.
   - View progress and results in the “Scan Results” tab.

5. **Process results**
   - View targets with vulnerabilities.
   - Export scanning results.

### POC Management

- **Import POCs**: Click “Import POC” in the “POC Management” tab.
- **Export POCs**: Select a POC and click “Export POC”.
- **Reload POCs**: Click “Reload POCs” to refresh the POC library.

## Documentation
- [POC Writing Rules](docs/POCWritingRules.md) - POC format specifications and writing guidelines

## API Interfaces

Basic URL: `http://localhost:8080/api`

| Interface | Method | Description |
|----------|---------|-------------|
| /pocs | GET | Get list of POCs |
| /pocs/{id} | GET | Get individual POC |
| /pocs/upload | POST | Upload POC |
| /pocs/export | POST | Export POC |
| /pocs/{id} | DELETE | Delete POC |
| /pocs/reload | POST | Reload POC |
| /scan/start | POST | Start scanning |
| /scan/stop | POST | Stop scanning |
| /scan/status | GET | Get scanning status |
| /scan/results | GET | Get scanning results |
| /categories | GET | Get category list |
| /stats | GET | Get statistical information |
| /health | GET | Health check |

## POC Writing

POCs are defined in YAML format. The basic structure is as follows:

```yaml
name: "POC Name"
id: "poc-unique-id"
category: "CVE"
severity: "Critical"
description: "Vulnerability description"
author: "Author"
version: "1.0.0"
references:
  - "Reference link"
tags:
  - "Tags"
target:
  protocol: "http"
  path: "/path"
  method: "GET"
  headers: {...}
  body: ""
  timeout: 10
conditions:
  - type: "status"
    operator: "equals"
    value: 200
```

For detailed POC writing rules, please refer to [POCWritingRules.md](docs/POCWritingRules.md). ## License

This project is for educational purposes only. ## Disclaimer

This tool is used solely for security research and authorized penetration testing. Any unauthorized use of this tool is illegal. Users must bear the corresponding legal responsibilities.