Share
## https://sploitus.com/exploit?id=DD51CCD4-33B4-5D22-B605-E1201D386D21
# VulnEye - Lightweight Vulnerability Scanner

VulnEye is a modular, lightweight Python tool designed for network and web vulnerability scanning. It includes features for port scanning, OS detection, web security header analysis, basic XSS/SQLi testing, and CVE checking.

## โš ๏ธ Legal & Ethical Use Disclaimer

**IMPORTANT: READ BEFORE USE**

VulnEye is developed for **educational purposes** and **authorized security testing** only. 
- Do NOT use this tool on servers, websites, or networks you do not own or do not have explicit permission to test.
- Usage of this tool for attacking targets without prior mutual consent is illegal.
- The developer assumes no liability for any misuse or damage caused by this tool.

---

## โœจ Features

1. **Network Scanner**
   - Scans top 100 common ports.
   - Performs service banner grabbing.
   - Simple OS detection using TTL fingerprinting (Windows vs Linux).
   
2. **Web Vulnerability Scanner**
   - **HTTP Headers**: Checks for missing security headers (CSP, X-Frame-Options, HSTS, etc.).
   - **XSS Tester**: Basic reflected Cross-Site Scripting checking.
   - **SQL Injection**: Checks for SQL errors with common payloads.

3. **Directory Bruteforce**
   - Discovers common hidden directories (admin, backup, config, etc.) using a built-in wordlist.

4. **CVE Checker**
   - Detects server software versions (Apache, Nginx, PHP, WordPress).
   - Compares against a curated database of recent CVEs (2024-2025).

5. **Reporting**
   - Generates detailed JSON and TXT reports in the `reports/` directory.

---

## ๐Ÿ› ๏ธ Installation

1. **Clone the repository** (or extract zip):
   ```bash
   # Extract the project files
   cd VulnEye
   ```

2. **Install Dependencies**:
   VulnEye uses lightweight standard libraries + `requests` and `termcolor`.
   ```bash
   pip install -r requirements.txt
   ```

## ๐Ÿš€ Usage

Run the main script to launch the interactive CLI:

```bash
python main.py
```

### Menu Options
1. **Network Scan**: Provide an IP or Hostname.
2. **Web Scan**: Provide a URL (e.g., `http://example.com`).
3. **Directory Scan**: Brute-force directories on a target URL.
4. **CVE Checker**: Check for outdated/vulnerable software versions.
5. **Full Scan**: Run all modules sequentially.

### Examples
- **Scanning a local server:**
  Enter `127.0.0.1` or `localhost`.
- **Scanning a web app:**
  Enter `http://testphp.vulnweb.com` (a legal testing ground).

## ๐Ÿ“‚ Project Structure

```
VulnEye/
 โ”œโ”€โ”€ core/                  # Core modules
 โ”‚    โ”œโ”€โ”€ network_scanner.py
 โ”‚    โ”œโ”€โ”€ web_scanner.py
 โ”‚    โ”œโ”€โ”€ directory_bruteforce.py
 โ”‚    โ”œโ”€โ”€ cve_checker.py
 โ”‚    โ”œโ”€โ”€ reporter.py
 โ”œโ”€โ”€ data/                  # Data files
 โ”‚    โ”œโ”€โ”€ wordlist.txt
 โ”‚    โ”œโ”€โ”€ cve_database.json
 โ”œโ”€โ”€ reports/               # Generated scan reports (created at runtime)
 โ”œโ”€โ”€ main.py                # Main CLI entry point
 โ”œโ”€โ”€ requirements.txt       # Dependencies
 โ””โ”€โ”€ README.md              # Documentation
```

## ๐Ÿ“ท Screenshots


- **Main Menu**: Simple CLI interface.
- **Scan Output**: Color-coded terminal output showing open ports and vulnerabilities.
- **Report**: JSON and TXT files generated in `reports/`.

---

**Developed for the community.** ๐Ÿ›ก๏ธ Stay Safe.