Web Vulnerability Scanner
A Python-based security scanner that checks websites for common vulnerabilities, misconfigurations, and security best practices.
Live Demo: Enter a public URL below to scan for security issues. The scanner checks headers, cookies, TLS certificates, and detects common JavaScript libraries.
Features
Security Headers
Detects missing security headers like HSTS, X-Frame-Options, CSP, and more.
Cookie Analysis
Checks cookies for the Secure and HttpOnly flags, which protect against XSS and MITM.
TLS/SSL Check
Reports the certificate expiry date and the days remaining until renewal is needed.
JS Library Detection
Heuristically detects common JavaScript libraries (jQuery, React, Angular) and version hints.
Export Reports
Download scan results as JSON or CSV for further analysis and documentation.
Safe Demo
Blocks internal/localhost scans. Rate-limited to prevent abuse.
Tech Stack
- Backend: Python, Flask, Gunicorn
- Frontend: HTML5, CSS, Bootstrap
- Deployment: Render (free tier)
- Libraries: requests, beautifulsoup4, validators
How It Works
- User enters a public URL in the web UI
- Backend makes an HTTP request to the target
- Scanner analyzes response headers, cookies, and HTML content
- Results are displayed with actionable security insights
- User can export the report as JSON or CSV
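The header and cookie analysis step, sketched as an added example (this is not the project's own code). The function name, the finding format and the sample response are constructed for illustration, and X-Content-Type-Options is an assumed member of the "and more" header list.

```python
"""Added example: security header and cookie flag checks on one response."""

# HSTS, X-Frame-Options and CSP are named on the page;
# X-Content-Type-Options is an assumption for illustration.
EXPECTED_HEADERS = (
    "Strict-Transport-Security",
    "X-Frame-Options",
    "Content-Security-Policy",
    "X-Content-Type-Options",
)
COOKIE_FLAGS = ("Secure", "HttpOnly")


def analyze_response(header_lines):
    """header_lines: list of (name, value) tuples, one per header line.

    Repeated Set-Cookie lines must stay separate: joining them with commas
    makes them ambiguous, because Expires dates contain commas too.
    """
    # Header names are case-insensitive, so compare in lowercase.
    present = {name.lower() for name, _ in header_lines}
    missing = [h for h in EXPECTED_HEADERS if h.lower() not in present]

    weak_cookies = {}
    for name, value in header_lines:
        if name.lower() != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie_name = parts[0].split("=", 1)[0]
        # Attribute names are case-insensitive; flags carry no value.
        attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:]}
        lacking = [f for f in COOKIE_FLAGS if f.lower() not in attrs]
        if lacking:
            weak_cookies[cookie_name] = lacking
    return {"missing_headers": missing, "weak_cookies": weak_cookies}


# Constructed sample response headers (not captured from a real site).
SAMPLE_RESPONSE = [
    ("Content-Type", "text/html; charset=utf-8"),
    ("strict-transport-security", "max-age=31536000"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/; secure; httponly"),
    ("Set-Cookie", "track=1; Expires=Wed, 21 Oct 2026 07:28:00 GMT"),
]

if __name__ == "__main__":
    import json
    print(json.dumps(analyze_response(SAMPLE_RESPONSE), indent=2))
```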