NetSentinel is a multi-threaded network vulnerability scanner written in Python. It performs TCP port scanning, service detection, banner grabbing, and cross-references open ports against a CVE database to identify known vulnerabilities — generating professional HTML/JSON reports.
⚠️ Legal Disclaimer: This tool is for educational purposes and authorized testing only. Never scan systems you don't own or lack explicit permission to test. Unauthorized scanning is illegal.
- 🔍 Fast multi-threaded port scanning — scans 21 common ports in < 2 seconds
- 🎯 Service detection — identifies running services (SSH, HTTP, SMB, RDP, MySQL, etc.)
- 🚩 Banner grabbing — retrieves service banners for version fingerprinting
- 🧠 CVE vulnerability matching — cross-references open ports against known CVEs (EternalBlue, BlueKeep, SambaCry, etc.)
- 📊 CVSS risk scoring — calculates overall risk level (CRITICAL / HIGH / MEDIUM / LOW)
- 📄 HTML & JSON reports — generates professional security reports
- 🌐 Network range scanning — supports CIDR notation (e.g.
192.168.1.0/24) - 🎨 Colored terminal output — clean, readable CLI interface
git clone https://github.com/yourusername/NetSentinel.git
cd NetSentinel
pip install -r requirements.txt# Scan a single host (common ports)
python netsentinel.py -t scanme.nmap.org
# Scan specific ports
python netsentinel.py -t 192.168.1.1 -p 22,80,443,3389,8080
# Scan a port range
python netsentinel.py -t 192.168.1.1 -p 1-1000
# Scan entire network
python netsentinel.py -n 192.168.1.0/24
# Generate HTML report
python netsentinel.py -t 192.168.1.1 --report html
# Generate both HTML and JSON reports
python netsentinel.py -t 192.168.1.1 --report both[*] Scanning 192.168.1.1...
────────────────────────────────────────────────────────────
Target: 192.168.1.1 (192.168.1.1)
Scanned: 21 ports in 1.24s
Open ports: 3
PORT SERVICE STATE
────────────────────────────────────────
22 SSH OPEN
80 HTTP OPEN
445 SMB OPEN
⚠ 2 vulnerabilities found — Risk: CRITICAL
[CVE-2017-0144] Port 445 — EternalBlue - SMBv1 vulnerability used by WannaCry...
[CVE-2020-0796] Port 445 — SMBGhost - Remote code execution in SMBv3 compression...
────────────────────────────────────────────────────────────
NetSentinel/
├── netsentinel.py # Main CLI entry point
├── src/
│ ├── scanner.py # Port scanner & vulnerability analyzer
│ ├── services.py # Port-to-service mapping database
│ ├── vulnerabilities.py # CVE vulnerability database
│ └── reporter.py # HTML & JSON report generator
├── tests/
│ └── test_scanner.py # Unit tests
├── reports/ # Generated reports (gitignored)
├── requirements.txt
└── README.md
python -m pytest tests/ -v| Flag | Description | Example |
|---|---|---|
-t |
Target host | -t 192.168.1.1 |
-n |
Network CIDR | -n 192.168.1.0/24 |
-p |
Ports to scan | -p 22,80,443 or -p 1-1000 |
--timeout |
Connection timeout (seconds) | --timeout 2.0 |
--threads |
Max concurrent threads | --threads 200 |
--report |
Report format: html, json, both | --report html |
--no-vuln |
Skip vulnerability analysis | --no-vuln |
NetSentinel includes CVEs for the most impactful network vulnerabilities:
| CVE | Port | Service | CVSS | Description |
|---|---|---|---|---|
| CVE-2017-0144 | 445 | SMB | 9.3 | EternalBlue (WannaCry) |
| CVE-2020-0796 | 445 | SMB | 10.0 | SMBGhost |
| CVE-2019-0708 | 3389 | RDP | 9.8 | BlueKeep |
| CVE-2019-1182 | 3389 | RDP | 9.8 | DejaBlue |
| CVE-2017-7494 | 139 | Samba | 9.8 | SambaCry |
| CVE-2011-2523 | 21 | FTP | 10.0 | vsftpd Backdoor |
| CVE-2021-41773 | 80 | HTTP | 9.8 | Apache Path Traversal |
- Concurrency: Uses
concurrent.futures.ThreadPoolExecutorfor parallel scanning - Socket handling: Raw TCP socket connections with configurable timeouts
- Banner grabbing: Sends HTTP HEAD request and reads first 200 bytes of response
- Risk scoring: Uses CVSS v3 base scores from NVD
- Reports: Pure Python HTML generation, no external dependencies
This project was built to understand:
- TCP/IP networking fundamentals
- Socket programming in Python
- Common network vulnerabilities (CVE database)
- Multi-threading and concurrent I/O
- Security tooling and ethical hacking concepts
Next steps to learn more:
- TryHackMe — Hands-on cybersecurity labs
- Hack The Box — CTF challenges
- OWASP Top 10 — Web vulnerability reference
- CVE Database — Official CVE list
MIT License — see LICENSE for details.
Built for educational purposes. Part of my cybersecurity learning journey.