A Python-based tool for detecting common vulnerabilities in network devices such as routers and switches from various vendors including Cisco, Juniper, HP, and others.
This tool scans a specified network range to identify potential security vulnerabilities in networking equipment. It focuses on detecting:
- Default or weak credentials
- Exposed management interfaces
- Insecure protocols (Telnet, FTP)
- Known vendor-specific vulnerabilities (CVEs)
- Misconfigurations and security weaknesses
- Network discovery using Nmap
- Service and vendor identification
- Web interface vulnerability scanning
- SSH, Telnet, and FTP security checks
- Default credential testing
- CSV report generation
- Multi-threaded scanning for faster results
- Python 3.6+
- Linux, macOS, or Windows with Python support
- Administrator/root privileges (for complete scan functionality)
- Network access to target devices
The following Python packages are required:
- python-nmap: For network scanning
- paramiko: For SSH testing
- requests: For web interface testing
- ipaddress: For IP handling (included in Python 3.3+)

1. Clone or download this repository:

   ```bash
   git clone https://github.com/TheGh0stHicham/network-vulnerability-scanner.git
   cd network-vulnerability-scanner
   ```

2. Install required dependencies:

   ```bash
   pip install python-nmap paramiko requests
   ```

3. Install Nmap on your system (if not already installed):

   - Ubuntu/Debian: `sudo apt install nmap`
   - CentOS/RHEL: `sudo yum install nmap`
   - macOS: `brew install nmap`
   - Windows: Download from nmap.org

Basic usage:

```bash
python network_vulnerability_scanner.py -n 192.168.1.0/24
```

| Option | Description |
|---|---|
| `-n`, `--network` | Network range to scan in CIDR notation (e.g., 192.168.1.0/24) [Required] |
| `-o`, `--output` | Output CSV file for scan results (default: vulnerability_report.csv) |
| `-t`, `--threads` | Number of parallel scanning threads (default: 10) |
| `--timeout` | Timeout in seconds for network operations (default: 5) |

Scan a specific network with custom output file:

```bash
python network_vulnerability_scanner.py -n 10.0.0.0/24 -o office_network_scan.csv
```

Scan with increased timeout for slow networks:

```bash
python network_vulnerability_scanner.py -n 192.168.0.0/16 --timeout 10
```

Scan with more threads for faster scanning (on powerful systems):

```bash
python network_vulnerability_scanner.py -n 172.16.0.0/16 -t 20
```

The scanner generates a CSV file with the following information:
- IP address
- Device status (up/down)
- Identified vendor
- Vulnerability type
- Vulnerability name
- Description
- Severity rating
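
A way to turn that report into a per-device remediation order, as an added example that is not part of this project's code. The column header names, the severity labels and the sample rows are assumptions constructed for illustration; match them to the header row of your own report.

```python
import csv
import io
from collections import defaultdict

# Assumed severity labels and column names; adjust to your report's header row.
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}

# Constructed sample report (documentation-range addresses, not real scan data).
SAMPLE_REPORT = """\
IP,Status,Vendor,Vulnerability Type,Vulnerability Name,Description,Severity
192.0.2.1,up,cisco,Insecure Protocol,Telnet Enabled,Telnet service reachable,High
192.0.2.1,up,cisco,Default Credentials,admin/admin,Default login accepted,Critical
192.0.2.7,up,hp,Exposed Management,HTTP Admin,Web management reachable,Medium
192.0.2.9,up,juniper,Insecure Protocol,FTP Enabled,FTP service reachable,high
192.0.2.12,down,unknown,,,,
"""

def triage(report_file):
    """Group findings by host and order hosts by their worst severity."""
    hosts = defaultdict(lambda: {"vendor": "", "worst": 0, "findings": []})
    for row in csv.DictReader(report_file):
        name = (row.get("Vulnerability Name") or "").strip()
        if not name:  # host row without a finding (e.g. device down)
            continue
        # Unknown or missing severity labels rank lowest (0).
        rank = SEVERITY_RANK.get((row.get("Severity") or "").strip().lower(), 0)
        host = hosts[row["IP"].strip()]
        host["vendor"] = (row.get("Vendor") or "").strip()
        host["worst"] = max(host["worst"], rank)
        host["findings"].append((rank, name))
    ordered = []
    for ip, info in hosts.items():
        # Within a host, list the most severe finding first.
        names = [n for _, n in sorted(info["findings"], key=lambda f: -f[0])]
        ordered.append((ip, info["vendor"], info["worst"], names))
    # Worst severity first, then most findings, then IP for stable output.
    ordered.sort(key=lambda h: (-h[2], -len(h[3]), h[0]))
    return ordered

if __name__ == "__main__":
    for ip, vendor, worst, names in triage(io.StringIO(SAMPLE_REPORT)):
        print(f"{ip:<15} {vendor:<8} rank={worst} {', '.join(names)}")
```

To run it against a real report, pass an open file instead of the sample, for example `triage(open("vulnerability_report.csv", newline=""))`.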
Edit the common_credentials list in the NetworkVulnerabilityScanner class to add more default credentials for testing:

```python
self.common_credentials = [
    {"username": "admin", "password": "admin"},
    {"username": "admin", "password": "password"},
    # Add your own here
]
```

Add more vendor-specific vulnerabilities to the known_vulns dictionary:

```python
self.known_vulns = {
    "cisco": [
        {"name": "CVE-2020-3452", "description": "Path traversal in Cisco ASA/FTD web services"},
        # Add more here
    ],
    # Add more vendors here
}
```

This tool is designed for network administrators and security professionals to assess the security of their own networks. Please use responsibly and ethically:
- Only scan networks you own or have explicit permission to scan
- Scanning networks without authorization may be illegal in many jurisdictions
- Some scanning techniques may disrupt network services
- Always test in controlled environments before using in production
- Some tests are simplified and may generate false positives/negatives
- Vendor identification is based on simple heuristics and may not be 100% accurate
- The tool does not exploit vulnerabilities, only detects potential issues
- Web interface testing is basic and may not work on all device interfaces
Contributions are welcome! Please feel free to submit a Pull Request.
THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES.