A simple vulnerability scanning application built with FastAPI.

1. Install dependencies:

   pip install -r requirements.txt

2. Run the application:

   uvicorn app:app --reload

   OR if running via docker: Windows:

   docker compose -f docker-compose.winmac.yml up --build

   Linux:

   docker compose -f docker-compose.linux.yml up --build

3. Access the web interface: http://localhost:8000

• Run vulnerability scans against specified targets
• View scan history and individual scan results
• Download PDF reports of scan findings
• User management
• Deployable agent to report installed packages to central OpenVulnScan server
• Dashboard searching(posibbly report creation)
• Scan Types
• syslog forwarding(alpha-testing)
• Detailed Asset listing

the default account is:

admin@openvulnscan.local
   : admin123

⚠️ change after standing up. ⚠️

curl -X POST http://localhost:8000/scan \
-H "Content-Type: application/json" \
-d '{"targets": ["127.0.0.1", "example.com"]}'

curl -O "http://localhost:8000/agent/download?openvulnscan_api=http://localhost:8000/agent/report"

openvulnscan_api=change to the ip address of scanner if not localhost

mv download agent.py
python3 agent.py

curl -X POST http://localhost:8000/agent/report \
-H "Content-Type: application/json" \
-d '{
  "hostname": "my-host",
  "os": "Ubuntu 22.04",
  "packages": [
    {"name": "openssl", "version": "1.1.1"},
    {"name": "curl", "version": "7.68.0"}
  ]
}'

• app.py: Main application entry point
• config.py: Configuration settings
• database/: Database operations
• models/: Pydantic models
• scanners/: Scanner implementations
• services/: Business logic services
• utils/: Utility functions
• templates/: HTML templates
• static/: Static files
• data/: Data storage

MIT