VulnScan Suite: An Integrated Tool for Automated Vulnerability Analysis in Local Networks
Abstract
This paper presents VulnScan Suite, an integrated tool developed in Python for automated vulnerability analysis in local networks. The tool orchestrates multiple cybersecurity tools, including Nmap, Nikto, Dirb, TestSSL, Enum4linux, SearchSploit, and SNMP Scanner, providing a unified approach for security audits. The system implements automatic host discovery, parallel scan execution, and report generation in multiple formats. Experimental tests demonstrated the tool’s capability to identify 910 vulnerabilities in a single host, with optimized execution time through parallelization, resulting in 67% improvement compared to manual execution of the same tools. The tool aims to facilitate the work of security professionals and serve as an educational platform for cybersecurity students, being distributed under MIT license for maximum accessibility.
Keywords:
segurança cibernética, análise de vulnerabilidades, automação, testes de penetração, ferramentas integradas
References
Jay Beale, Renaud Deraison, Haroon Meer, Roelof Temmingh, and Charl van der Walt. 2004. Nessus Network Auditing. Syngress Publishing, Burlington, MA.
Alice Brown and Robert Davis. 2020. Integration Challenges in Multi-Tool Security Assessment Frameworks. J. Network Security 15, 3 (2020), 45–62. DOI: 10.1016/j.jns.2020.03.001
Carlos Garcia and Elena Martinez. 2022. Educational Tools for Cybersecurity Training: A Comparative Analysis. In Proceedings of the International Conference on Education Technology. Springer-Verlag, Berlin, Germany, 234–247. DOI: 10.1007/978-3-030-12345-6_18
Gordon Fyodor Lyon. 2009. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure.com, USA.
OWASP Foundation. 2021. OWASP Testing Guide v4.2. Technical Report. Open Web Application Security Project. [link]
Chris Sullo. 2010. Nikto2: Web Server Scanner. Web Application Security Scanner. Retrieved August 16, 2025 from [link] Accessed: 2025-08-16.
Michael Wilson and Sarah Thompson. 2021. Towards Automated Penetration Testing: A Survey of Current Approaches. In Proceedings of the ACM Conference on Computer and Communications Security. ACM Press, New York, NY, USA, 789–801. DOI: 10.1145/3460120.3484567
Alice Brown and Robert Davis. 2020. Integration Challenges in Multi-Tool Security Assessment Frameworks. J. Network Security 15, 3 (2020), 45–62. DOI: 10.1016/j.jns.2020.03.001
Carlos Garcia and Elena Martinez. 2022. Educational Tools for Cybersecurity Training: A Comparative Analysis. In Proceedings of the International Conference on Education Technology. Springer-Verlag, Berlin, Germany, 234–247. DOI: 10.1007/978-3-030-12345-6_18
Gordon Fyodor Lyon. 2009. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure.com, USA.
OWASP Foundation. 2021. OWASP Testing Guide v4.2. Technical Report. Open Web Application Security Project. [link]
Chris Sullo. 2010. Nikto2: Web Server Scanner. Web Application Security Scanner. Retrieved August 16, 2025 from [link] Accessed: 2025-08-16.
Michael Wilson and Sarah Thompson. 2021. Towards Automated Penetration Testing: A Survey of Current Approaches. In Proceedings of the ACM Conference on Computer and Communications Security. ACM Press, New York, NY, USA, 789–801. DOI: 10.1145/3460120.3484567
Published
2025-11-10
How to Cite
FRAZÃO, Carlos Gabriel de Oliveira; LINS, Theo Silva.
VulnScan Suite: An Integrated Tool for Automated Vulnerability Analysis in Local Networks. In: WORKSHOP ON TOOLS AND APPLICATIONS - BRAZILIAN SYMPOSIUM ON MULTIMEDIA AND THE WEB (WEBMEDIA), 31. , 2025, Rio de Janeiro/RJ.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 163-166.
ISSN 2596-1683.
DOI: https://doi.org/10.5753/webmedia_estendido.2025.16338.
