Custom Vulnerability Scanner

Python, Nmap, SQLite, Docker, REST API

Overview

A custom-built vulnerability scanner designed to streamline the reconnaissance and vulnerability identification phases of a penetration test. Rather than juggling multiple tools and manually correlating output, this scanner provides a unified workflow from port discovery to CVE mapping.

Features

  • Port Scanning - Wraps Nmap for fast and configurable TCP/UDP scanning with service version detection
  • Service Fingerprinting - Identifies running services and extracts version banners for accurate CVE matching
  • CVE Lookup - Queries the NVD API and a local SQLite cache to map discovered services to known vulnerabilities
  • Risk Scoring - Prioritizes findings by CVSS score and exploitability metrics
  • Reporting - Generates structured JSON and human-readable markdown reports
  • REST API - Exposes scan management and results through a lightweight API for integration with other tools

Architecture

The scanner is built as a modular Python application with distinct components for scanning, enumeration, and reporting. A SQLite database stores scan results and a local CVE cache that syncs periodically with NVD data.

The Docker deployment packages the scanner with all dependencies, including Nmap, and can be run as a standalone container or deployed alongside other tools in a pentest toolkit.

Usage

Scans can be kicked off via CLI or through the REST API. Results are stored persistently and can be compared across scan runs to track remediation progress or identify new exposures.
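
The cross-run comparison described above, sketched as an added example (not the project's own code). The findings table, its column names, and the sample rows are assumptions, since the page does not publish the scanner's schema; the CVE ids are placeholders.

```python
import sqlite3

# Hypothetical schema; the project's real tables are not shown on the page.
SCHEMA = """
CREATE TABLE findings (
    scan_id INTEGER, host TEXT, port INTEGER, proto TEXT,
    service TEXT, version TEXT, cve TEXT, cvss REAL
);
"""

# Constructed sample data: RFC 5737 documentation IPs, placeholder CVE ids.
SAMPLE = [
    (1, "192.0.2.10", 22, "tcp", "openssh", "7.4", "CVE-XXXX-0001", 7.5),
    (1, "192.0.2.10", 80, "tcp", "nginx", "1.14", "CVE-XXXX-0002", 9.8),
    (2, "192.0.2.10", 22, "tcp", "openssh", "7.4", "CVE-XXXX-0001", 7.5),
    (2, "192.0.2.10", 8080, "tcp", "tomcat", "9.0", "CVE-XXXX-0003", 8.1),
    (2, "192.0.2.11", 161, "udp", "snmpd", "5.7", "CVE-XXXX-0004", 5.3),
]

# Findings present in run :a but absent from run :b, highest CVSS first.
DIFF_SQL = """
SELECT host, port, proto, cve, cvss FROM findings AS x
WHERE x.scan_id = :a AND NOT EXISTS (
    SELECT 1 FROM findings AS y
    WHERE y.scan_id = :b AND y.host = x.host AND y.port = x.port
      AND y.proto = x.proto AND y.cve = x.cve)
ORDER BY cvss DESC, host, port
"""

def load(rows):
    """Build an in-memory database holding the given finding rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO findings VALUES (?,?,?,?,?,?,?,?)", rows)
    return db

def compare_runs(db, old_id, new_id):
    """Return (new_exposures, remediated) between two scan runs."""
    new = db.execute(DIFF_SQL, {"a": new_id, "b": old_id}).fetchall()
    fixed = db.execute(DIFF_SQL, {"a": old_id, "b": new_id}).fetchall()
    return new, fixed

if __name__ == "__main__":
    new, fixed = compare_runs(load(SAMPLE), 1, 2)
    for label, rows in (("NEW", new), ("REMEDIATED", fixed)):
        for host, port, proto, cve, cvss in rows:
            print(f"{label:<10} {host}:{port}/{proto} {cve} CVSS {cvss}")
```

A finding that disappears in the later run counts as remediated only if that host and port were in scope and reachable in both runs; otherwise the difference reflects a coverage gap, not a fix.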