Full-stack cybersecurity reconnaissance platform featuring port scanning, banner grabbing, subdomain enumeration, HTTP header analysis, and SSL/TLS security auditing.
Built with Python + Flask, focused on network reconnaissance, web security analysis, and lightweight vulnerability assessment workflows.
- Port Scanner — Detects open ports across configurable ranges
- Banner Grabbing — Captures exposed service banners from discovered ports
- Subdomain Enumeration — DNS-based hidden subdomain discovery
- HTTP Header Analysis — Detects missing security headers and information leaks
- SSL/TLS Analysis — Audits certificates, ciphers, and protocol configuration
- Full Scan Pipeline — Unified reconnaissance workflow across all modules
- Input Validation System — Handles malformed URLs, invalid domains, and IP errors
- Responsive Dashboard UI — Security-focused interface with real-time scan feedback
- Lightweight Architecture — Pure Flask + Vanilla JavaScript implementation
Features:
- Common/top-range scanning
- Custom port range support
- Open-port detection
- Multi-threaded scanning
- Service banner extraction
Captures:
- HTTP server banners
- Service signatures
- Exposed software metadata
- Protocol responses
Supports:
- DNS resolution checks
- Hidden subdomain discovery
- Common wordlist probing
- Recursive subdomain scanning
Detects:
- Missing CSP headers
- Weak security policies
- Clickjacking exposure
- Missing HSTS
- Sensitive header leakage
Audits:
- Certificate validity
- TLS protocol support
- Cipher configuration
- Expiry information
- SSL misconfiguration
Target Input
↓
Validation Layer
↓
Port Scanning
↓
Banner Grabbing
↓
Subdomain Enumeration
↓
Header + SSL Analysis
↓
Security Findings Aggregation
↓
Report Generation
| Layer | Technology |
|---|---|
| Backend | Python 3 |
| Framework | Flask 3.x |
| Networking | socket |
| SSL Analysis | ssl |
| Concurrency | concurrent.futures |
| URL Handling | urllib |
| Frontend | HTML5, CSS3, Vanilla JavaScript |
| Architecture | Modular security scanner |
vaultscanner/
├── app.py
├── requirements.txt
├── templates/
│ └── index.html
├── static/
│ ├── css/
│ │ └── style.css
│ └── js/
│ └── main.js
├── screenshots/
│ ├── homepage-ui.png
│ ├── modules-empty-state.png
│ ├── portscan-subdomain-results.png
│ ├── header-ssl-analysis-results.png
│ ├── detailed-security-findings.png
│ ├── full-scan-report.png
│ ├── invalid-domain-error.png
│ ├── invalid-ip-error.png
│ └── malformed-url-error.png
└── README.md| Method | Endpoint | Description |
|---|---|---|
| POST | /api/scan/ports |
Port scanning |
| POST | /api/scan/subdomains |
Subdomain enumeration |
| POST | /api/scan/headers |
HTTP header analysis |
| POST | /api/scan/ssl |
SSL/TLS audit |
| POST | /api/scan/full |
Full reconnaissance scan |
| Mode | Description |
|---|---|
common |
20 most common ports |
top100 |
Ports 1–100 |
1-1024 |
Well-known ports |
1-65535 |
Full-range scan |
- Python 3.8+
- pip
# 1. Clone the repository
git clone https://github.com/YOUR_USERNAME/VaultScanner.git
# 2. Enter project directory
cd VaultScanner
# 3. Install dependencies
pip install -r requirements.txtpython app.pyOpen:
http://localhost:5000Includes detection for:
- Missing security headers
- SSL/TLS weaknesses
- Exposed services
- Open-port exposure
- Misconfigured servers
- Information leakage
- Invalid target handling
Combines multiple reconnaissance systems into a unified vulnerability assessment workflow.
Uses thread pools for faster port enumeration and network operations.
Prevents:
- Malformed URL scans
- Invalid IP requests
- Broken domain handling
- Unsafe target parsing
No external scanning frameworks required — implemented directly with Python standard libraries.
- Cybersecurity Fundamentals
- Network Reconnaissance
- Port Scanning
- SSL/TLS Analysis
- Web Security Auditing
- Concurrent Programming
- Flask Backend Engineering
- Full-Stack Security Tooling
Only scan systems you own or have explicit written permission to test.
Unauthorized scanning may violate laws or terms of service in your jurisdiction.
- CVE database integration
- Nmap integration
- WHOIS analysis
- OS fingerprinting
- Exportable PDF reports
- Authentication system
- Docker deployment
- Distributed scanning workers
MIT © Manya Singh








