Hey HN!<p>I've released an updated version of EasyScan, a lightweight website vulnerability scanner written in Python.<p>EasyScan analyzes the security of a website by inspecting its HTTP headers and DNS records, generating a comprehensive security report with recommendations for addressing potential vulnerabilities.<p>A complete security audit still requires manual testing and logical thinking; this script is meant for finding out basic server configuration and DNS issues.<p>Some of the key test cases covered by EasyScan include:<p>- Same Site Scripting
- SPF and DMARC records
- Public Admin Page
- Directory Listing
- Missing security headers
- Insecure cookie settings
- Information disclosure
- CORS misconfigurations
- Content-Type sniffing
- Cache control<p>The script is easy to set up and use, requiring Python 3.6 or higher, along with a few dependencies (`requests`, `beautifulsoup4`, and `dnspython`). The generated report provides a quick overview of your website's security posture, helping you identify any issues that might need your attention.<p>Please note that EasyScan is not a substitute for a thorough security assessment, but it can be a great starting point for identifying potential vulnerabilities in your website.<p>Check out the project on GitHub: <a href="https://github.com/introvertmac/EasyScan">https://github.com/introvertmac/EasyScan</a><p>I'd love to hear your feedback and suggestions for improvement.<p>If you have any questions or need assistance, feel free to reach out on Twitter <a href="https://twitter.com/introvertmac" rel="nofollow noreferrer">https://twitter.com/introvertmac</a>.
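<p>To illustrate the header and cookie checks listed above (missing security headers, insecure cookie settings, information disclosure, CORS, Content-Type sniffing, cache control), here is an added example that is not EasyScan's own code. The function name `audit_response`, the set of expected headers and the sample response are assumptions made for the illustration.

```python
import re
from http.cookies import SimpleCookie

# Which headers count as "expected" is this example's assumption,
# not a list taken from EasyScan.
EXPECTED = ("Strict-Transport-Security", "Content-Security-Policy",
            "X-Frame-Options", "Referrer-Policy")

def audit_response(headers, set_cookies=()):
    """Return (category, detail) findings for one HTTP response."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    out = [("missing-header", n) for n in EXPECTED if n.lower() not in h]
    if h.get("x-content-type-options", "").lower() != "nosniff":
        out.append(("content-type-sniffing", "X-Content-Type-Options is not nosniff"))
    if h.get("access-control-allow-origin") == "*":
        out.append(("cors", "any origin may read this response"))
    # A version number in Server, or any X-Powered-By, reveals the stack in use.
    if re.search(r"\d", h.get("server", "")):
        out.append(("info-disclosure", "Server: " + h["server"]))
    if "x-powered-by" in h:
        out.append(("info-disclosure", "X-Powered-By: " + h["x-powered-by"]))
    cc = h.get("cache-control", "").lower()
    if "no-store" not in cc and "private" not in cc:
        out.append(("cache-control", "response may be kept by shared caches"))
    for raw in set_cookies:  # one Set-Cookie header value per item
        jar = SimpleCookie()
        jar.load(raw)
        for name, morsel in jar.items():
            attrs = (("Secure", "secure"), ("HttpOnly", "httponly"),
                     ("SameSite", "samesite"))
            missing = [label for label, key in attrs if not morsel[key]]
            if missing:
                out.append(("cookie", f"{name} lacks {', '.join(missing)}"))
    return out

# Constructed sample response (not captured from a real site).
SAMPLE_HEADERS = {"Server": "nginx/1.18.0", "Content-Type": "text/html",
                  "X-Frame-Options": "DENY", "Access-Control-Allow-Origin": "*",
                  "Strict-Transport-Security": "max-age=31536000"}
SAMPLE_COOKIES = ["sid=abc123; Path=/; HttpOnly",
                  "theme=dark; Path=/; Secure; HttpOnly; SameSite=Lax"]

if __name__ == "__main__":
    for category, detail in audit_response(SAMPLE_HEADERS, SAMPLE_COOKIES):
        print(f"[{category}] {detail}")
```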