SecureScan is a Flask-based web application for authenticated website security analysis. It combines header inspection, port scanning, OWASP-style vulnerability checks, scoring, analytics, PDF reporting, and per-user scan history in one dashboard-driven workflow.
SecureScan helps teams and learners review the security posture of a target URL by:
- scanning important HTTP security headers
- checking a common set of network ports
- running OWASP-style exposure checks
- generating a consolidated security score
- storing scan history per authenticated user
- exporting results as PDF reports
- visualizing scan trends and risk distribution with analytics charts
- User registration, login, and logout with hashed passwords
- Per-user scan history stored in SQLite
- Security header analysis for CSP, X-Frame-Options, HSTS, and X-XSS-Protection
- Common port scanning for FTP, SSH, SMTP, DNS, HTTP, HTTPS, MySQL, and 8080
- OWASP-style vulnerability checks for HTTPS usage, header exposure, weak cookies, and sensitive paths
- Risk engine that calculates score, severity, and findings count
- PDF report generation for the latest authenticated scan
- Analytics dashboard with summary cards and Chart.js charts
- Production-oriented logging to `logs/app.log`
- Custom 404 and 500 error pages
- Docker and Docker Compose support
```
SecureScan/
├── app.py
├── .env
├── .dockerignore
├── Dockerfile
├── docker-compose.yml
├── README.md
├── ARCHITECTURE.md
├── instance/
│   └── securescan.db
├── logs/
│   └── app.log
├── scanner/
│   ├── headerscan.py
│   ├── portscan.py
│   ├── vulnerability_scan.py
│   ├── risk_engine.py
│   └── report_generator.py
├── static/
│   ├── style.css
│   └── app.js
└── templates/
    ├── index.html
    ├── dashboard.html
    ├── analytics.html
    ├── history.html
    ├── login.html
    ├── register.html
    ├── 404.html
    └── 500.html
```
- Create and activate a virtual environment.
- Install dependencies:
  ```
  pip install Flask Flask-SQLAlchemy Flask-Login gunicorn
  ```
- Review the values in `.env`.
- Start the application:
  ```
  python app.py
  ```
- Open http://localhost:5000.
Build and run with Docker Compose:
```
docker compose up --build
```
This starts the app on http://localhost:5000 and persists the SQLite database and logs through bind mounts.
The application exposes the following screens for release documentation and demos:
- Home page with authenticated scan form and loading animation
- Security dashboard with score, scan details, findings tables, and report download
- Scan history page filtered to the signed-in user
- Analytics page with summary cards and Chart.js charts
- Authentication pages for register and login
- Python
- Flask
- Flask-Login
- Flask-SQLAlchemy
- SQLite
- Gunicorn
- Docker
- Chart.js
- HTML5
- CSS3
- JavaScript
- Add asynchronous background scan jobs for longer-running targets
- Store individual scan artifacts for re-opening historical dashboards and PDFs
- Add role-based access control and administrator audit views
- Expand analytics with exportable CSV and scheduled reports
- Add automated tests for scanner modules and authenticated routes
- Support PostgreSQL for multi-instance deployments
See ARCHITECTURE.md for the production architecture diagram and component notes.