A multithreaded Python-based network vulnerability scanner that identifies open ports, running services, and known CVEs (Common Vulnerabilities and Exposures) using Nmap and an online CVE API.
- Scans a subnet or single IP address
- Detects open ports and associated services
- Retrieves known CVEs for detected services and versions
- Multithreaded scanning for faster performance
- GUI interface built with Tkinter
- Save vulnerability reports to text files
- Python 3.8+
- Nmap installed and added to system PATH
Install the required Python modules:
pip install python-nmap requests colorama🗂 Project Structure . ├── gui.py # Tkinter GUI interface ├── scanner.py # Core scanning logic using Nmap ├── cve_lookup.py # Queries CVE database (cve.circl.lu) ├── utils.py # Helper functions (resolve_target, format_cve, etc.) ├── cve_cache.json # Local cache of CVE lookups └── README.md # You're reading this
🖥️ How to Use
python scanner.py 192.168.1 --fast --vuln-scanOptions:
--fast: Enables faster scans (-T4)
--vuln-scan: Uses Nmap's vulnerability NSE scripts
--aggressive: Enables aggressive scanning (-A for OS detection, script scanning, etc.)
🖱 GUI Mode Launch the graphical interface:
python gui.pySteps:
-
Enter the base IP (e.g., 192.168.1)
-
Click Start Scan
-
View progress and results in the GUI
-
Click Stop Scan if needed
-
A detailed report will be saved after the scan completes
🛡 How It Works
-
Nmap scans each IP in the range and detects open ports and services.
-
Detected services and versions are passed to the CIRCL CVE API.
-
The scanner fetches up to 5 known CVEs for each service.
-
Results are displayed in real time and saved as a .txt report.
📄 Output Example
Scan Report - 2025-04-30_14-52-12
Target: 192.168.1.20
Port 80: http (Apache httpd 2.4.49)
CVEs:
- CVE-2021-41773: Path traversal vulnerability in Apache 2.4.49
- CVE-2021-42013: Remote code execution in Apache 2.4.49
Port 22: ssh (OpenSSH 7.9p1)
No CVEs found.