DUT Vulnerability Scanner - A comprehensive security scanning tool with plugin-based architecture
Project description
DUTVulnScanner - Cross-platform Vulnerability Scanner
🔍 A comprehensive, modular vulnerability scanning framework with support for multiple scanning tools and execution environments.
Features
- Multiple Scanning Tools:
- Recon: subfinder, naabu, httpx, nmap, whatweb, whois - Information gathering & discovery
- Scanners: nuclei, testssl, sslscan, nikto - Vulnerability detection & SSL/TLS testing
- Validators: dalfox, sqlmap, hydra - Vulnerability verification (opt-in)
- Local Execution: Execute scans directly on your local machine
- Smart Correlation: Automatically correlates findings from multiple tools
- Multiple Report Formats: Generate reports in HTML, JSON, PDF, and SARIF
- Customizable Profiles: Pre-configured scanning profiles for different scenarios
- Modern CLI: Beautiful command-line interface built with Typer and Rich
Installation
🚀 Quick Install (Recommended for Kali Linux)
One-command installation:
# Install globally using pipx (recommended)
pipx install git+https://github.com/DinhManhAVG/CLI-Cross-Platform.git
# Or using pip
pip install git+https://github.com/DinhManhAVG/CLI-Cross-Platform.git
Note: If pipx is not installed:
sudo apt install pipx
pipx ensurepath
source ~/.bashrc
From Source (Development)
# Clone and install
git clone https://github.com/DinhManhAVG/CLI-Cross-Platform.git
cd CLI-Cross-Platform
pip install -e .
Verify Installation
dutVulnScanner --version
dutVulnScanner --help
📖 For detailed installation instructions, see INSTALL.md
Quick Start
Interactive Shell Mode (Recommended for beginners)
Start an interactive session where you can configure and run scans without typing dutVulnScanner every time:
dutVulnScanner shell
Inside the shell:
dutVulnScanner: help # Show all commands
dutVulnScanner: set target example.com # Set your target
dutVulnScanner: set profile web # Choose a profile
dutVulnScanner: show options # Review settings
dutVulnScanner: scan # Run the scan
dutVulnScanner: exit # Exit shell
Command-Line Mode
Choose Your Profile
List all available profiles to see which one fits your needs:
dutVulnScanner profile list
Common Usage Scenarios
Quick Security Check (~10 min)
dutVulnScanner scan run example.com --profile quick
Basic Reconnaissance (~30 min)
dutVulnScanner scan run example.com --profile recon
Complete Discovery Pipeline (~2 hours)
Subdomain enumeration → Port scanning → HTTP probing → Service detection
dutVulnScanner scan run example.com --profile discovery_full
Web Application Testing (~1 hour)
dutVulnScanner scan run https://example.com --profile web
Vulnerability Scanning (~3 hours)
dutVulnScanner scan run example.com --profile vuln_scan
Full Security Assessment (~6 hours)
dutVulnScanner scan run target.com --profile full_scan --output full_results.json
⚠️ Deep Testing (Authorization Required!)
# XSS, SQLi, brute-force testing - Only with written permission!
dutVulnScanner scan run target.com --profile deep_test
Generate Reports
dutVulnScanner report generate results.json report.html --format html
View Profile Details
dutVulnScanner profile show recon
dutVulnScanner profile show discovery_full
List Available Profiles
dutVulnScanner profile list
Architecture
dutVulnScanner/
├── cli/ # Command-line interface (Typer)
├── core/ # Core logic (orchestrator, config, schema, correlation)
├── runners/ # Local execution environment
├── plugins/ # Security scanning plugins
│ ├── recon/ # subfinder, naabu, httpx, nmap, whatweb, whois
│ ├── scanners/ # nuclei, testssl, sslscan, nikto
│ └── validators/ # dalfox, sqlmap, hydra
├── reporting/ # Report generation (builder, templates)
└── profiles/ # Scan profiles (recon, discovery_full, vuln_scan, deep_test)
Security Warning
Important: Always ensure you have authorization before scanning any target. Unauthorized scanning may be illegal.
Changelog
See CHANGELOG.md for a detailed list of changes and version history.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dutvulnscanner-0.2.0.tar.gz.
File metadata
- Download URL: dutvulnscanner-0.2.0.tar.gz
- Upload date:
- Size: 100.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8a42dec1f137219d6c3f136de27905273ba231c0aa96dc0127a631dccfb010e3
|
|
| MD5 |
18685a5ca0c1483b36cf113d307a5bc9
|
|
| BLAKE2b-256 |
52c20f35c1e8ad549f28ca58979ff00d4bb946de235f18d08368138e7f6ac64c
|
File details
Details for the file dutvulnscanner-0.2.0-py3-none-any.whl.
File metadata
- Download URL: dutvulnscanner-0.2.0-py3-none-any.whl
- Upload date:
- Size: 130.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c5fdf247a7dd5f16a19239d0d867423a5207520e3b130d8fecf02ae7ca2a3b9f
|
|
| MD5 |
0623928cb0bd41a94d5cc96517299c5a
|
|
| BLAKE2b-256 |
d149cd7ba6b30208206ebb9d11833c672474f1cc67ba2d15ab44312d36e615d5
|
