## https://sploitus.com/exploit?id=DD51CCD4-33B4-5D22-B605-E1201D386D21
# VulnEye - Lightweight Vulnerability Scanner
VulnEye is a modular, lightweight Python tool designed for network and web vulnerability scanning. It includes features for port scanning, OS detection, web security header analysis, basic XSS/SQLi testing, and CVE checking.
## โ ๏ธ Legal & Ethical Use Disclaimer
**IMPORTANT: READ BEFORE USE**
VulnEye is developed for **educational purposes** and **authorized security testing** only.
- Do NOT use this tool on servers, websites, or networks you do not own or do not have explicit permission to test.
- Usage of this tool for attacking targets without prior mutual consent is illegal.
- The developer assumes no liability for any misuse or damage caused by this tool.
---
## โจ Features
1. **Network Scanner**
- Scans top 100 common ports.
- Performs service banner grabbing.
- Simple OS detection using TTL fingerprinting (Windows vs Linux).
2. **Web Vulnerability Scanner**
- **HTTP Headers**: Checks for missing security headers (CSP, X-Frame-Options, HSTS, etc.).
- **XSS Tester**: Basic reflected Cross-Site Scripting checking.
- **SQL Injection**: Checks for SQL errors with common payloads.
3. **Directory Bruteforce**
- Discovers common hidden directories (admin, backup, config, etc.) using a built-in wordlist.
4. **CVE Checker**
- Detects server software versions (Apache, Nginx, PHP, WordPress).
- Compares against a curated database of recent CVEs (2024-2025).
5. **Reporting**
- Generates detailed JSON and TXT reports in the `reports/` directory.
---
## ๐ ๏ธ Installation
1. **Clone the repository** (or extract zip):
```bash
# Extract the project files
cd VulnEye
```
2. **Install Dependencies**:
VulnEye uses lightweight standard libraries + `requests` and `termcolor`.
```bash
pip install -r requirements.txt
```
## ๐ Usage
Run the main script to launch the interactive CLI:
```bash
python main.py
```
### Menu Options
1. **Network Scan**: Provide an IP or Hostname.
2. **Web Scan**: Provide a URL (e.g., `http://example.com`).
3. **Directory Scan**: Brute-force directories on a target URL.
4. **CVE Checker**: Check for outdated/vulnerable software versions.
5. **Full Scan**: Run all modules sequentially.
### Examples
- **Scanning a local server:**
Enter `127.0.0.1` or `localhost`.
- **Scanning a web app:**
Enter `http://testphp.vulnweb.com` (a legal testing ground).
## ๐ Project Structure
```
VulnEye/
โโโ core/ # Core modules
โ โโโ network_scanner.py
โ โโโ web_scanner.py
โ โโโ directory_bruteforce.py
โ โโโ cve_checker.py
โ โโโ reporter.py
โโโ data/ # Data files
โ โโโ wordlist.txt
โ โโโ cve_database.json
โโโ reports/ # Generated scan reports (created at runtime)
โโโ main.py # Main CLI entry point
โโโ requirements.txt # Dependencies
โโโ README.md # Documentation
```
## ๐ท Screenshots
- **Main Menu**: Simple CLI interface.
- **Scan Output**: Color-coded terminal output showing open ports and vulnerabilities.
- **Report**: JSON and TXT files generated in `reports/`.
---
**Developed for the community.** ๐ก๏ธ Stay Safe.