A Python-based security toolkit that performs network reconnaissance, validates findings against industry-standard tools, and generates a professional HTML report. Designed to automate the initial phases of a security assessment in an isolated lab environment (e.g., Kali → OWASP Juice Shop / Metasploitable).
Below is a sample of the final HTML report generated by the toolkit. The report provides an executive summary, highlights discrepancies between the custom scanner and Nmap, and lists detailed findings with remediation suggestions.
Multi-threaded TCP port scanning — quickly identifies open ports on a target.
HTTP fingerprinting — captures server headers, HTTP status, and page titles for common web ports.
JSON output — saves raw scan results in a structured, machine-readable format.
Nmap validation — compares the custom scanner’s findings to Nmap (-sV) and highlights discrepancies.
Automated HTML reporting — generates a polished report_.html with an executive summary, comparison metrics, detailed findings, and remediation suggestions.
├── scanner.py # The core multi-threaded TCP scanner and HTTP fingerprinter
├── reporter.py # Compares results and generates the final HTML report
├── README.md # This file
├── MANUAL_PENTEST_WRITEUP.md # Detailed findings from the manual Burp Suite analysis
└── sample_output/
├── scan_results.json # Sample output from scanner.py
├── nmap_results.txt # Sample output from an Nmap scan
└── report_192.168.56.1.html # Sample final HTML report
You can run the full scanning + reporting pipeline with a single command.
chmod +x run_demo.sh
./run_demo.sh [TARGET]
If no target is specified, it defaults to 192.168.56.1.
This will:
Run the custom Python scanner (scanner.py), creating scan_results.json
Run Nmap (nmap -sV), saving results to nmap_results.txt
Generate a combined HTML report via reporter.py
After completion, you’ll see a success message and can open the generated HTML file, such as:
report_192.168.56.1.html
Running custom scanner (will write scan_results.json by default)
Running nmap -sV (output: nmap_results.txt)
Generating HTML report from scan_results.json and nmap_results.txt
Done. Open the generated report (report_192.168.56.1.html or similar).
In addition to the automated scanning, a manual analysis was performed on the OWASP Juice Shop application using Burp Suite to validate the toolkit's findings and search for higher-impact vulnerabilities. The assessment confirmed that the application's search functionality was well-defended against basic XSS, but discovered a critical SQL Injection vulnerability in the login endpoint.
For a detailed breakdown of the methodology and remediation guidance, please see the full write-up (MANUAL_PENTEST_WRITEUP.md)
Below is a video replicating the SQL Vulnerability in Burp Suite: