A configurable Python-based vulnerability scanner for identifying missing patches, unencrypted protocols, and policy violations across multi-site network infrastructure.
This tool scans Windows, Linux, and network infrastructure across multiple sites for:
- Patch levels — OS and application update status
- Unencrypted protocols — Identification of legacy plaintext services
- Policy violations — Configuration drift and security baseline violations
- Credential testing — Authentication mechanism verification
- Protocol compliance — WinRM, SNMP, LDAP, DNS, DHCP configuration review
- Python 3.8+
- Linux/Unix environment (tested on Debian/Ubuntu)
- Network access to target systems
- Credentials for authenticated scans (optional, for WinRM/LDAP/SNMP)
git clone <repo-url> network-scanner
cd network-scanner
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txtpython3 setup.pyThis interactive script will:
- Prompt for site names and network ranges
- Request authentication credentials
- Configure scan targets and schedules
- Validate network reachability
- Generate configuration files
cat config/sites.json # Review site definitions
cat config/scan_config.json # Review scan settings
cat config/credentials.json # Review stored credentials (encrypted)python3 scanner.py --site "Site-A" --scan-type allpython3 scanner.py --all --scan-type allpython3 scanner.py --site "Site-A" --scan-type winrm # Windows Remote Management
python3 scanner.py --site "Site-A" --scan-type snmp # SNMP services
python3 scanner.py --site "Site-A" --scan-type ldap # LDAP/Active Directory
python3 scanner.py --site "Site-A" --scan-type patches # Patch levelspython3 scanner.py --all --scan-type all --report html
python3 scanner.py --all --scan-type all --report json
python3 scanner.py --all --scan-type all --report csv{
"sites": [
{
"name": "Site-A",
"network_range": "192.168.1.0/24",
"admin_server": "192.168.1.10",
"domain": "site-a.local",
"timezone": "America/Chicago"
}
]
}{
"scan_threads": 8,
"timeout_seconds": 30,
"retry_count": 2,
"protocols": ["winrm", "snmp", "ldap", "patches"],
"report_format": "html",
"report_path": "./reports"
}Encrypted credentials for authenticated scanning:
- winrm_user/password — Windows WinRM authentication
- snmp_community — SNMP read community string
- ldap_user/password — LDAP/AD authentication
- admin_user/password — Administrative account for privileged checks
Queries OS and application patch/update status. Requires:
- Windows: WinRM access to target systems
- Linux: SSH access (configure in setup)
- Network: SNMP read access to switches/firewalls
Tests for:
- Unencrypted WinRM (HTTP vs HTTPS)
- SNMP v1/v2 (legacy, unencrypted)
- Plaintext LDAP (port 389 vs 636 TLS)
- Unencrypted DNS (port 53 plaintext vs DoT)
- DHCP configuration compliance
Validates authentication mechanisms:
- WinRM mutual authentication
- SNMP community string accessibility
- LDAP bind success/failure modes
- Service account privilege levels
Checks configuration against baseline:
- Active Directory schema and GPO application
- Service startup types (auto, manual, disabled)
- Firewall rule consistency
- Backup and retention policies
HTML Report — Interactive dashboard with charts and drill-down JSON Report — Machine-readable for integration with other tools CSV Report — Import into spreadsheets or SIEMs
Scan Report — Site-A
Generated: 2026-06-07 14:32:15
EXECUTIVE SUMMARY
Total Systems Scanned: 24
Total Findings: 8
- Critical: 1
- High: 3
- Medium: 4
FINDINGS BY CATEGORY
Patches & Updates: 4 findings
├─ 3 systems missing >30 days of updates
└─ 1 system with legacy software
Protocol Security: 2 findings
├─ SNMP v1 still enabled on switch-01
└─ Unencrypted LDAP on legacy DC
Credential & Auth: 2 findings
├─ Weak password policy on file server
└─ Service account with excessive privileges
Add to crontab for weekly scans:
0 2 * * 0 cd /path/to/scanner && /usr/bin/python3 scanner.py --all --scan-type all --report htmlschtasks /create /tn "NetworkScan-Weekly" /tr "python3 scanner.py --all --scan-type all --report html" /sc weekly /d SUN /st 02:00FROM debian:bookworm
RUN apt-get update && apt-get install -y python3 python3-pip
WORKDIR /app
COPY . .
RUN pip install -r requirements.txt
CMD ["python3", "scanner.py", "--all", "--scan-type", "all", "--report", "html"]- Credentials: Stored encrypted with configurable key management
- Network Access: Scope to administrative/security networks only
- Report Distribution: HTML/JSON reports may contain sensitive findings — restrict access
- Audit Logging: All scan activities logged with timestamps and operator ID
- Compliance: Ensure scanning complies with organizational policy and local regulations
python3 scanner.py --site "Site-A" --connectivity-testpython3 scanner.py --validate-credentialspython3 scanner.py --site "Site-A" --scan-type all --debug# Setup on first run
python3 setup.py
# Run weekly scan
python3 scanner.py --all --scan-type all --report html
# View report
firefox reports/scan_report_2026-06-07.htmlpython3 scanner.py --site "headquarters" --scan-type patches --report csv
# Export to Excel for remediation trackingpython3 scanner.py --all --scan-type snmp,ldap,winrm --report json
# Pipe to another tool for compliance checking
cat reports/scan_report.json | jq '.protocols[] | select(.risk_level=="critical")'Improvements and site-specific enhancements welcome. Fork, modify for your environment, submit pull requests.
MIT License — Use and modify freely for your organization.
For questions or issues: Open an issue on GitHub or contact the maintainer.