2026-02-20·12 min read
Web Vulnerability Scanning with Python
Building a modular vulnerability scanner in Python — from crawlers and fingerprinting to SQL injection detection and report generation.
To understand web security, you have to learn how automated scanners work. I built VulnScanner, a modular vulnerability scanner in Python, to run penetration testing experiments on local labs. Here is a breakdown of how the scanner is architected.
Core Scanner Architecture
The scanner consists of a master orchestrator and five specialized detection modules:
- Crawler Module: Recursively maps all links, forms, and API endpoints using BeautifulSoup.
- Header Analyzer: Checks security headers (CORS, CSP, X-Frame-Options, HSTS).
- SQLi Scanner: Injects basic boolean-based and time-based SQL payloads into input forms.
- XSS Detection: Tests input validation by injecting HTML elements and monitoring reflecting inputs.
- Reporter: Compiles a structured markdown document detailing findings and risk severity.
# Sample code snippet from the SQLi detection module
def check_sqli(url, parameter):
payloads = ["'", "''", " OR 1=1", "' OR '1'='1"]
for payload in payloads:
target = f"{url}?{parameter}={payload}"
response = requests.get(target)
if "sql syntax" in response.text.lower() or "mysql" in response.text.lower():
return True
return False
This project taught me the importance of input validation, sanitized database queries (prepared statements), and the utility of automated testing tools in modern secure development pipelines.