VulnScan is a professional, open-source network vulnerability scanner designed for defensive security, security auditing, and educational purposes. It provides both GUI and CLI interfaces for comprehensive network security assessments.
VulnScan is a DEFENSIVE SECURITY tool for IT professionals, security researchers, and system administrators.
- Vulnerability Assessment of owned or authorized systems
- Security Auditing for compliance and hardening
- Network Discovery for inventory and documentation
- Configuration Analysis to identify misconfigurations
- Educational purposes for cybersecurity learning
- Authorized Penetration Testing from clients/employers
- Cybersecurity Outreach and scientific dissemination
- Academic Research on AI applications in security
- No exploit execution or active vulnerability exploitation
- No payload delivery or code injection
- No credential harvesting or password cracking
- No DoS attacks or service disruption
- No unauthorized access or privilege escalation
- No data exfiltration or lateral movement
Users are FULLY responsible for legal and authorized use of this tool.
- Obtain written authorization before any scan
- Comply with local laws and terms of service
- Use only on owned networks or explicitly authorized systems
- DO NOT use for illegal or unauthorized activities
- β Modular architecture with clean interfaces
- β SQLite database for scan results persistence
- β Configuration system with JSON support
- β Multi-level logging system
- β Comprehensive unit testing framework (147+ tests)
- β Cross-platform support (Windows, Linux, macOS)
- β Both GUI (Qt) and CLI interfaces
- β Multi-threaded port scanner with configurable concurrency
- β Service detection and banner grabbing
- β DNS resolution (forward and reverse lookup)
- β Network interface discovery with CIDR support
- β Scan engine orchestrator with preset scan modes
- β Scan repository with full CRUD operations
- β Functional CLI application (scan, list, show, delete, clean commands)
- β Integration testing suite (24 tests)
- π§ Vulnerability database integration
- π§ AI-powered analysis and recommendations
- π§ Comprehensive reporting (PDF, HTML, JSON)
- π§ Real-time scan monitoring dashboard
- π§ Educational mode with learning resources
- Qt 6.9+ (with Qt Widgets)
- CMake 3.16+ or qmake
- C++17 compatible compiler
- GCC 7+ / Clang 5+ / MSVC 2017+
- SQLite 3
# Clone the repository
git clone https://github.com/paolosereno/VulnScan.git
cd VulnScan
# Create build directory
mkdir build && cd build
# Configure
cmake -G "MinGW Makefiles" -DCMAKE_PREFIX_PATH="C:/Qt/6.9.1/mingw_64" ..
# Build
cmake --build . -j4
# Run tests
ctest --output-on-failure# Clone the repository
git clone https://github.com/paolosereno/VulnScan.git
cd VulnScan
# Generate Makefile
qmake vulnscan.pro
# Build
make# GUI Application
./build/src/gui/vulnscan_gui
# CLI Application - Full Network Scanner
./build/src/cli/vulnscan_cli --help
# Available CLI commands:
./build/src/cli/vulnscan_cli scan 192.168.1.0/24 # Scan network
./build/src/cli/vulnscan_cli list # List all scans
./build/src/cli/vulnscan_cli show <scan_id> # Show scan details
./build/src/cli/vulnscan_cli delete <scan_id> # Delete scan
./build/src/cli/vulnscan_cli clean # Clean old scans
# Run Unit Tests
./build/tests/vulnscan_tests
# Run Integration Tests (optional)
./build/tests/vulnscan_tests --integrationVulnScan/
βββ src/
β βββ core/ # Core library (scanner, AI, database, config)
β βββ gui/ # Qt GUI application
β βββ cli/ # Command-line interface
βββ tests/ # Unit tests
βββ docs/ # Documentation
β βββ fasi/ # Development phases documentation
β βββ requirements.md
βββ resources/ # Resources (icons, database schema, etc.)
βββ CMakeLists.txt # CMake build configuration
βββ vulnscan.pro # qmake build configuration
The project includes comprehensive unit tests:
# Using CMake
cd build
ctest --output-on-failure
# Or run directly
./build/tests/vulnscan_testsCurrent Test Coverage:
- β DatabaseManager tests (100% passing)
- β Configuration system tests (100% passing)
- β PortScanner tests (24 tests, 100% passing)
- β ServiceDetector tests (18 tests, 100% passing)
- β DnsResolver tests (20 tests, 100% passing)
- β NetworkInterface tests (19 tests, 100% passing)
- β ScanEngine tests (22 tests, 100% passing)
- β ScanRepository tests (20 tests, 100% passing)
- β Integration tests (24 tests, optional execution)
- Total: 147+ tests (123+ unit + 24 integration)
- Development Phases - Overview of all development phases
- Technical Requirements - Detailed technical specifications
- Project State - Current development status
- Contributing Guide - How to contribute to the project
The project is divided into 9 incremental phases:
- β Phase 1: Foundation & Core Architecture (COMPLETED)
- β
Phase 2: Network Scanner Core (COMPLETED)
- Multi-threaded port scanner
- Service detection and banner grabbing
- DNS resolution and network discovery
- Scan engine orchestrator
- Repository persistence and CLI application
- π§ Phase 3: Vulnerability Assessment (IN PROGRESS)
- π Phase 4: AI Integration
- π Phase 5: GUI Application
- π Phase 6: Advanced Features
- π Phase 7: DevOps & Distribution
- π Phase 8: Documentation & Community
- π Phase 9: Educational Enhancement
See docs/fasi/README.md for detailed phase descriptions.
Contributions are welcome! Please read our Contributing Guide for details on:
- Code of conduct
- Development workflow
- Coding standards
- How to submit pull requests
This project is licensed under the MIT License - see the LICENSE file for details.
IMPORTANT: This tool is provided for legal and authorized security testing only. Users must:
- Have explicit written authorization before scanning any network or system
- Comply with all applicable local, state, and federal laws
- Not use this tool for unauthorized access or malicious activities
- Accept full responsibility for their actions
The developers assume NO liability for misuse of this tool. Unauthorized network scanning may be illegal in your jurisdiction.
- Paolo Sereno - paolosereno
- Built with Qt Framework
- Developed with Claude Code
- Inspired by professional security tools like Nmap, OpenVAS, and Nessus
For questions, suggestions, or security concerns, please open an issue on GitHub.
Made with β€οΈ for the cybersecurity community