A professional-grade ethical hacking vulnerability scanner with a stunning cyberpunk GUI. Inspired by OWASP ZAP, built for pentesters who love neon vibes.

NeoVuln Scanner is an open-source tool designed for ethical penetration testers and security enthusiasts. It scans web applications for common vulnerabilities like XSS, SQLi, exposed directories, and more, all wrapped in a futuristic cyberpunk-themed interface with neon cyan, magenta, and green accents.

- Why NeoVuln? Because traditional scanners are boring. This one feels like hacking in a cyber-noir movie.
- Ethical Use Only: Always get permission before scanning. Respect the law and the web.

| Feature | Status |
|---|---|
| Multi-Threaded Scans | ✅ |
| SQLite Scan History | ✅ |
| HTML Report Generation | ✅ |
| Proxy & Auth Support | ✅ |
| Cyberpunk GUI | 🎨✨ |

- Cyberpunk GUI: Dark theme with neon colors (cyan, magenta, green) using Tkinter. Tabs for Scan, Settings, Reports, and Logs.
- Vulnerability Checks:
  - Connectivity & Header Analysis
  - Reflected XSS Testing
  - SQL Injection Probes
  - Directory Enumeration
  - SSL/TLS Certificate Validation
  - Subdomain Enumeration
- Configurable Options: Timeout, threads, enable/disable modules, proxy, basic auth.
- Reporting: Generate beautiful HTML reports with severity-based styling. Export to CSV/JSON.
- Scan History: SQLite database to track past scans and results.
- Logging: Rotated file logs + real-time GUI display.
- No Dependencies: Pure Python 3.x, just run it!

Prerequisites:
- Python 3.6+ (Tkinter included by default).
- No pip installs needed!

Clone the Repo:
```bash
git clone https://github.com/FreedomParrot/NeoVulnScanner
cd NeoVulnScanner
```

Run the Scanner:
```bash
python neovuln_scanner.py
```
- The GUI will launch in a 1200x800 window. Enter a URL and hit Start Scan!

Optional: Virtual Environment (Recommended):
```bash
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate
python neovuln_scanner.py
```

- Open the app; you'll see the Scan tab with a neon URL input.
- Enter a target: `http://testphp.vulnweb.com` (legal demo site) or your authorized target.
- Configure in Settings Tab:
  - Enable/disable checks (e.g., XSS, SQLi).
  - Set timeout (default: 10s), max threads (default: 5).
  - Add proxy or auth if needed.
- Hit Start Scan and watch the progress bar glow!
- Results populate in real-time. Generate reports from the Reports tab.

```
[14:30:15] Initializing professional scan on http://example.com...
[14:30:16] Connected to http://example.com (Status: 200)
[14:30:17] Server: Apache/2.4.41 - Potential info leak
[14:30:18] Potential reflected XSS vulnerability detected!
[14:30:20] Scan completed. For full assessment, use professional tools like OWASP ZAP.
```
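
The header-analysis check and the `Server: Apache/2.4.41` finding in the sample output can be reproduced offline against a saved response. This is an added example, not NeoVuln's own code; the function names, severity labels, and sample response are assumptions constructed for illustration.

```python
import re

# Response headers whose absence is commonly reported by header audits.
RECOMMENDED = {
    "strict-transport-security": "HSTS not set; HTTPS downgrade is possible",
    "content-security-policy": "no CSP; weaker defense against injected script",
    "x-content-type-options": "MIME sniffing not disabled (expect 'nosniff')",
    "x-frame-options": "no framing policy; clickjacking exposure",
}
# A product name followed by /digits, e.g. "Apache/2.4.41", discloses a version.
VERSION_BANNER = re.compile(r"[A-Za-z][\w.-]*/\d[\w.]*")

def parse_headers(raw):
    """Parse a raw header block into {lowercased-name: [values]}."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit_headers(raw, https=True):
    """Return a list of (severity, message) findings (severities are assumed labels)."""
    h = parse_headers(raw)
    findings = []
    for name in ("server", "x-powered-by"):
        for value in h.get(name, []):
            if VERSION_BANNER.search(value):
                findings.append(("low", f"{name}: {value} discloses version"))
    for name, why in RECOMMENDED.items():
        if name == "strict-transport-security" and not https:
            continue  # browsers ignore HSTS delivered over plain HTTP
        if name not in h:
            findings.append(("medium", why))
    for cookie in h.get("set-cookie", []):
        attrs = {a.strip().lower().split("=")[0] for a in cookie.split(";")[1:]}
        missing = [a for a in ("secure", "httponly") if a not in attrs]
        if missing:
            cname = cookie.split("=", 1)[0]
            findings.append(("medium", f"cookie {cname} lacks {', '.join(missing)}"))
    return findings

# Constructed sample response (not captured from a real site).
SAMPLE = """HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: PHP/7.4.3
X-Content-Type-Options: nosniff
Set-Cookie: session=abc123; Path=/; HttpOnly
"""
```

Calling `audit_headers(SAMPLE)` flags both version banners, the three missing security headers, and the session cookie without `Secure`; a bare `Server: nginx` banner produces no disclosure finding.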

- Test Legally: Use sites like DVWA or VulnHub.
- Extend It: Add new checkers (e.g., CSRF) by subclassing `VulnerabilityChecker`.
- Troubleshooting: Check `neovuln.log` for errors. GUI logs update every 5s.

Edit `neovuln_config.json` for defaults:
```json
{
  "scan_timeout": 10,
  "max_threads": 5,
  "enable_xss": true,
  "enable_sqli": true,
  "proxy": "http://localhost:8080"
}
```
- Reload via File > Load Config.

- Speed: Multi-threaded for dir enum (up to 5 threads).
- Limitations: Basic checks only, not a full replacement for ZAP/Burp. For production, integrate with them.
- Metrics: Scans log requests/errors/duration.

Love the neon aesthetic? Help us hack better!
- Fork the repo.
- Create a feature branch (`git checkout -b feature/neon-enhance`).
- Commit changes (`git commit -m 'Add dark mode toggle ✨'`).
- Push & PR!

This project is licensed under the MIT License - see [LICENSE] for details. Free for ethical use only.

- Inspired by OWASP ZAP.
- Cyberpunk vibes: Neon dreams from Blade Runner & Ghost in the Shell.

Built with ❤️ in the shadows of the net ~FreedomParrot. Last updated: October 29, 2025