import requests
import ssl
import socket
import dns.resolver
import datetime
from urllib.parse import urlparse
# Function to check SSL certificate
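def check_ssl(url, *, timeout=10):
    """Report whether the host in *url* presents a certificate the default trust store accepts.

    Args:
        url: URL to check. Only the hostname and an explicit port (default 443)
            are used; the scheme and path are ignored.
        timeout: Seconds allowed for the TCP connect and the TLS handshake, so
            a silent host cannot stall the whole scan.

    Returns:
        A human-readable status string. Every failure (missing hostname,
        unresolvable host, refused connection, timeout, or an expired,
        untrusted or name-mismatched certificate) is reported as
        ``"SSL Certificate error: ..."`` instead of being raised.
    """
    try:
        parsed = urlparse(url)
        hostname = parsed.hostname
        # A bare "example.com" parses with hostname=None; connecting to
        # (None, 443) would reach the loopback address rather than the target,
        # so refuse to proceed without an explicit host.
        if not hostname:
            raise ValueError(f"no hostname found in {url!r}")
        port = parsed.port or 443
        # The default context requires a certificate and checks the hostname,
        # so an untrusted, expired or mismatched certificate fails the
        # handshake with an ssl.SSLError and ends up in the except branch.
        context = ssl.create_default_context()
        with socket.create_connection((hostname, port), timeout=timeout) as sock:
            with context.wrap_socket(sock, server_hostname=hostname) as ssock:
                cert = ssock.getpeercert()
                # getpeercert() is empty only when the peer certificate was not
                # validated, which the default context does not permit; the
                # branch is kept as a defensive check.
                if cert:
                    return "SSL Certificate is valid"
                return "SSL Certificate is not valid"
    except Exception as e:
        return f"SSL Certificate error: {str(e)}"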
# Function to check XSS vulnerability
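def check_xss(url, *, param="input", timeout=10, verify=False):
    """Probe *url* for reflected XSS by echo-testing a few payloads in a query parameter.

    Each payload is sent as the value of the query parameter *param* in a GET
    request; a hit is reported when the raw, unencoded payload string appears
    in the response body. The first request that fails stops the probe.

    Args:
        url: Target URL.
        param: Query parameter name the payload is sent in (default ``"input"``).
        timeout: Per-request timeout in seconds; without one a non-responding
            host blocks the scan indefinitely.
        verify: Whether to validate the server's TLS certificate. The default
            ``False`` keeps the original behaviour (scans hosts with bad
            certificates) but makes this request interceptable; pass ``True``
            when the target's certificate is expected to be valid.

    Returns:
        ``"Possible XSS vulnerability detected!"`` if any payload is reflected,
        ``"Request failed: ..."`` if a request raises, otherwise
        ``"No XSS vulnerability detected."``.
    """
    payloads = ["<script>alert('XSS')</script>", "<img src='x' onerror='alert(1)'>"]
    for payload in payloads:
        try:
            response = requests.get(
                url,
                params={param: payload},
                timeout=timeout,
                verify=verify,
            )
            # A verbatim echo means the value was not encoded on the way out.
            if payload in response.text:
                return "Possible XSS vulnerability detected!"
        except requests.exceptions.RequestException as e:
            return f"Request failed: {str(e)}"
    return "No XSS vulnerability detected."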
# Function to check for security headers
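def check_security_headers(
    url,
    *,
    required_headers=(
        "Strict-Transport-Security",
        "X-Content-Type-Options",
        "X-Frame-Options",
    ),
    timeout=10,
    verify=False,
):
    """Fetch *url* and report which of the expected security headers are absent.

    Args:
        url: Target URL.
        required_headers: Header names that must be present; defaults to the
            three checked by the original implementation.
        timeout: Per-request timeout in seconds so a stalled host cannot hang
            the scan.
        verify: Whether to validate the server's TLS certificate. The default
            ``False`` preserves the original behaviour but leaves the request
            interceptable; pass ``True`` when the certificate should be valid.

    Returns:
        ``"Missing security headers: A, B"`` listing the absent names in the
        order given, ``"All security headers are present."`` when none are
        missing, or ``"Request failed: ..."`` if the request raises.
    """
    try:
        response = requests.get(url, timeout=timeout, verify=verify)
        # requests exposes headers as a case-insensitive mapping, so a server
        # that sends "x-frame-options" still counts as present.
        missing_headers = [
            name for name in required_headers if name not in response.headers
        ]
        if missing_headers:
            return f"Missing security headers: {', '.join(missing_headers)}"
        return "All security headers are present."
    except requests.exceptions.RequestException as e:
        return f"Request failed: {str(e)}"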
# Function to generate a report with a summary
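def generate_report(url, ssl_status, xss_status, security_header_status):
    """Build the text report: a three-line summary followed by the raw findings.

    The summary is derived from the status strings produced by the check
    functions. The matching is deliberately defensive because naive substring
    tests misread those strings: ``"valid"`` is contained in
    ``"SSL Certificate is not valid"``, ``"detected"`` is contained in
    ``"No XSS vulnerability detected."``, and ``"missing"`` never matches the
    capitalised ``"Missing security headers: ..."``.

    Args:
        url: The scanned URL, echoed in the detailed section.
        ssl_status: Result of the certificate check.
        xss_status: Result of the reflected-XSS check.
        security_header_status: Result of the security-header check.

    Returns:
        The summary and detailed sections joined as one newline-terminated string.
    """
    ssl_text = ssl_status.lower()
    xss_text = xss_status.lower()
    header_text = security_header_status.lower()

    # Comparisons are case-insensitive; negative and error forms are excluded
    # explicitly so they cannot be mistaken for a positive result.
    ssl_ok = (
        "valid" in ssl_text
        and "not valid" not in ssl_text
        and "error" not in ssl_text
    )
    xss_unknown = "failed" in xss_text or "error" in xss_text
    xss_found = "detected" in xss_text and not xss_text.startswith("no ")
    headers_unknown = "failed" in header_text or "error" in header_text
    headers_missing = "missing" in header_text

    lines = ["Vulnerability Report Summary:"]
    if ssl_ok:
        lines.append("- SSL Certificate is valid.")
    else:
        lines.append("- SSL Certificate has issues.")

    # A failed request is neither a finding nor a clean result; say so rather
    # than report "no vulnerability" for a check that never ran.
    if xss_unknown:
        lines.append("- XSS check could not be completed.")
    elif xss_found:
        lines.append("- XSS vulnerability detected.")
    else:
        lines.append("- No XSS vulnerability detected.")

    if headers_unknown:
        lines.append("- Security header check could not be completed.")
    elif headers_missing:
        lines.append("- Missing important security headers.")
    else:
        lines.append("- All necessary security headers are present.")

    # Detailed findings section, separated from the summary by a blank line.
    lines += [
        "",
        f"Detailed Vulnerability Report for {url}",
        f"SSL Status: {ssl_status}",
        f"XSS: {xss_status}",
        f"Security Headers: {security_header_status}",
    ]
    return "\n".join(lines) + "\n"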
# Main function that will be called by Gradio interface
def scan_website(url):
    """Run every check against *url* and return the combined text report.

    Per the module comment this is the entry point wired to the Gradio
    interface; it only sequences check_ssl, check_xss and
    check_security_headers and hands their results to generate_report.
    """
    findings = (
        check_ssl(url),
        check_xss(url),
        check_security_headers(url),
    )
    return generate_report(url, *findings)