web-port-CVE-scan

Website Vulnerability Scanner

This Python tool scans a target website for:

1. Open Ports - Identifies open ports using nmap.
2. Vulnerabilities - Uses nmap scripts to find vulnerabilities on open ports.
3. CVE Information - Integrates with the NVD API to fetch related CVEs for detected vulnerabilities.

Features

• Port Scanning: Scans all ports (1-65535) for open connections.
• Vulnerability Scanning: Identifies vulnerabilities using nmap's --script vuln.
• CVE Lookup: Queries the NVD CVE API for detailed information on vulnerabilities.

Prerequisites

1. Python 3.7 or higher.
2. Install required libraries:

   pip install python-nmap requests

3. Access to nmap command-line tool (ensure it is installed and in the system PATH).

Installation

Clone the repository and navigate to the project directory:

git clone https://github.com/RAD50/web-port-CVE-scan.git
cd web-port-CVE-scan

Usage

Run the tool with:

python web-port-CVE-scan.py

Enter the target hostname or IP when prompted.

Example Output

Enter the target hostname or IP: example.com
Target IP: 93.184.216.34
Scanning open ports for 93.184.216.34...
Open ports: [80, 443]
Scanning vulnerabilities for 93.184.216.34:80...
Vulnerability on port 80:
Script: http-vuln-cve2021
Output: ...
Searching CVEs for http-vuln-cve2021 using NVD API...
Related CVEs:
CVE ID: CVE-2021-1234 | Description: Example vulnerability description.

Limitations

• Ensure you have explicit permission to scan the target.
• The tool assumes nmap is installed and functional.
• NVD API usage may be subject to rate limits.

Support

If you encounter any issues or have questions, feel free to open an issue on the GitHub repository.

Contribution

Contributions are welcome! Open an issue or submit a pull request to suggest improvements or fixes.

License

This project is licensed under the MIT License.