Local Vulnerability Scanner is a Python-based security tool that leverages Nmap to perform network discovery, service enumeration, and basic vulnerability detection within a local network or lab environment.
It is designed for cybersecurity students and home-lab practitioners to understand how automated reconnaissance and misconfiguration detection work.
local_vuln_scanner/
│
├── scanner.py
├── requirements.txt
├── reports/
│   ├── scan_report_YYYYMMDD_HHMMSS.json
│   └── scan_report_YYYYMMDD_HHMMSS.html
├── README.md
└── LICENSE
- Integrate CVE lookup based on detected service versions
- Add severity classification (Low / Medium / High)
- Implement parallel scanning for performance optimization
- Add IP geolocation and WHOIS lookup
- Add integration with threat intelligence APIs
- Convert into a web dashboard using Flask
- Add export option for PDF reports
- git clone https://github.com/sibiparvash2/local-vulnerability-scanner.git
- cd local-vulnerability-scanner
2️⃣ Install Python Virtual Environment
- sudo apt install python3-venv -y
- python3 -m venv venv
- source venv/bin/activate
3️⃣ Install Required Dependencies
- pip install -r requirements.txt
4️⃣ Install Nmap (Required)
- sudo apt update
- sudo apt install nmap -y
Verify installation:
- nmap --version
🚀 Usage
🔹 Scan a Single Target IP
- python scanner.py --target <target IP>
🔹 Scan a Subnet
- python scanner.py --subnet 192.168.1.0/24
After scanning, the tool automatically generates:
- JSON report
- HTML report
Reports are saved inside the reports/ directory.
SCAN REPORT DONE IN AN ISOLATED HOME LAB
📊 Project Summary – Local Vulnerability Scanner (Home Lab)
Overview
- Developed a Python-based local vulnerability scanner leveraging Nmap for network reconnaissance, service enumeration, and basic misconfiguration detection. The tool automates scanning and generates structured HTML reports for security analysis within a controlled home lab environment.
- Testing was conducted against a deliberately vulnerable virtual machine running Metasploitable.
🔎 SINGLE-HOST SCAN
- Performed a targeted single-host scan on Metasploitable (192.168.1.10) using Nmap for service enumeration and risk identification
- Identified critical exposed services including FTP, Telnet (port 23), SMB, HTTP (Apache 2.2.8), and Tomcat
- Detected high-risk issues such as unencrypted Telnet access, outdated web server versions, and potential anonymous FTP access
- Confirmed a large attack surface due to multiple legacy and misconfigured network services
🔎 CIDR RANGE or SUBNET SCAN
- Conducted a /24 subnet scan (192.168.1.0/24) using Nmap to perform network-wide host discovery
- Identified active hosts within the local network range and assessed exposed services
- Evaluated overall attack surface across the subnet to detect additional vulnerable systems
- Verified no additional high-risk hosts beyond the primary target during the scan window
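Findings like those in the single-host scan can be derived mechanically from Nmap's XML output (`nmap -sV -oX`). The following is an added example, not the project's scanner.py: the rule table, severities, function names and the sample XML are assumptions constructed for illustration.

```python
import json
import xml.etree.ElementTree as ET
from itertools import takewhile

# Constructed sample of `nmap -sV -oX` output (not taken from a real scan).
SAMPLE_XML = """<nmaprun>
<host><address addr="192.168.1.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
<port protocol="tcp" portid="23"><state state="open"/><service name="telnet"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http" product="Apache httpd" version="2.2.8"/></port>
<port protocol="tcp" portid="3306"><state state="closed"/><service name="mysql"/></port>
</ports></host></nmaprun>"""

# Assumed rule set mirroring the findings above: service name -> (severity, issue).
CLEARTEXT = {
    "telnet": ("High", "Unencrypted remote login; replace with SSH"),
    "ftp": ("Medium", "Cleartext file transfer; verify anonymous login is disabled"),
}
MIN_APACHE = (2, 4)  # assumed baseline: the Apache 2.2.x branch is end-of-life

def version_tuple(text):
    """'2.2.8' -> (2, 2, 8); stops at the first non-numeric component."""
    return tuple(int(p) for p in takewhile(str.isdigit, text.split(".")))

def findings_from_nmap_xml(xml_text):
    """Return one finding dict per rule hit on an open port."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            svc = port.find("service")
            if svc is None or port.find("state").get("state") != "open":
                continue  # closed or unidentified ports produce no finding
            name, product, version = (svc.get(k, "") for k in ("name", "product", "version"))
            entry = {"host": addr, "port": int(port.get("portid")), "service": name}
            if name in CLEARTEXT:
                sev, note = CLEARTEXT[name]
                findings.append({**entry, "severity": sev, "issue": note})
            ver = version_tuple(version)
            if "Apache httpd" in product and ver and ver[:2] < MIN_APACHE:
                findings.append({**entry, "severity": "High",
                                 "issue": f"Outdated Apache {version}; upgrade to a supported release"})
    return findings

if __name__ == "__main__":
    print(json.dumps(findings_from_nmap_xml(SAMPLE_XML), indent=2))
```

The open SSH port and the closed MySQL port in the sample produce no findings, which shows that only open ports matching a rule are reported.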



