A simple Go-based API vulnerability scanner that checks for common security issues.
- Security header analysis
- HTTPS usage verification
- CORS configuration check
- Server information disclosure detection
- Content-Type validation
- Multiple output formats (console, JSON)
# Clone the repository
git clone https://github.com/yourusername/api-vuln-scanner.git
cd api-vuln-scanner
# Initialize Go module and download dependencies
go mod init github.com/yourusername/api-vuln-scanner
go mod tidy
# Build the application
go build -o scanner.exe .
# Run the scanner
.\scanner.exe scan -u $URL./api-vuln-scanner scan -u http://localhost:8080./api-vuln-scanner scan -u http://localhost:8080 -t 30./api-vuln-scanner scan -u http://localhost:8080 -o json./api-vuln-scanner --help
./api-vuln-scanner scan --help=== API Vulnerability Scan Report ===
Target: http://localhost:8080
Scan Time: 2024-01-15 14:30:25
Summary:
Total Issues Found: 3
High: 1
Medium: 2
Detailed Results:
[HIGH] HTTP Usage (SEC-002)
Category: Transport
Description: API is accessible over unencrypted HTTP
Details: API should use HTTPS to encrypt data in transit
[MEDIUM] Missing Security Headers (SEC-001)
Category: Headers
Description: Important security headers are missing
Details: Missing headers: Strict-Transport-Security, X-Content-Type-Options
- SEC-001: Missing Security Headers
- SEC-002: HTTP Usage (non-HTTPS)
- SEC-003: Server Information Disclosure
- SEC-004: Permissive CORS Policy
- SEC-005: Missing Content-Type Header
- SEC-006: Missing X-Frame-Options
- SEC-007: Missing Content Security Policy
To run during development:
go run main.go scan -u http://localhost:8080To add new vulnerability checks, implement a new function in internal/scanner/checks.go following the VulnCheck function signature.