Skip to content

zinzied/ApacheGuard---Apache-Vulnerability-Scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
README.md
README.md
 
 
scanner.html
scanner.html
 
 
scanner.js
scanner.js
 
 
scanner.ts
scanner.ts
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

ApacheGuard - Apache Vulnerability Scanner

A web-based tool for scanning Apache HTTP Server installations for vulnerabilities and misconfigurations.

ApacheGuard Screenshot

Features

  • Real Vulnerability Detection: Performs actual checks for server headers, Apache versions, and security misconfigurations
  • Comprehensive Vulnerability Database: Includes 25+ vulnerabilities including the latest CVEs and common web vulnerabilities
  • Interactive UI: Fully functional interface with modals, detailed views, and interactive elements
  • Customizable Scan Options: Configure scan depth, type, and specific checks
  • Detailed Reporting: Generate reports in various formats (PDF, HTML, CSV)
  • Scan Scheduling: Schedule recurring scans for continuous monitoring
  • Scan Comparison: Compare results between different scans to track security improvements
  • Modern UI: Clean, responsive interface built with TailwindCSS

Vulnerability Categories

The scanner checks for:

  1. CVE Vulnerabilities: Known security issues in Apache HTTP Server (10+ specific CVEs)
  2. Misconfigurations: Common security misconfigurations in Apache setups
  3. Information Disclosure: Issues that could leak sensitive information
  4. Web Application Vulnerabilities: Common web security issues like XSS, CSRF, SSRF, etc.
  5. SSL/TLS Issues: Weak cipher suites and outdated protocols

How to Use

  1. Setup:

    • Clone this repository
    • Open scanner.html in a modern web browser (or use a local server)

  2. Basic Scanning:

    • Enter the target URL of the Apache server you want to scan
    • Configure scan options as needed
    • Click "Scan" to start the vulnerability assessment
    • Review the results and follow the recommended solutions

  3. Advanced Features:

    • Click "View Details" on any vulnerability to see comprehensive information
    • Use "Generate Report" to create downloadable reports
    • Use "Schedule Scan" to set up recurring scans
    • Use "Compare Scans" to analyze differences between scan results

  4. Navigation:

    • Use the top navigation menu to access different sections of the application
    • Dashboard: Overview of scan activity and statistics
    • Scans: History of previous scans
    • Reports: Access to generated reports
    • Settings: Configure application preferences

Technical Implementation

This project uses:

  • JavaScript with object-oriented programming principles
  • TailwindCSS for styling
  • Fetch API for making HTTP requests
  • DOM manipulation for dynamic content
  • Modal dialogs for interactive features

The scanner performs real checks including:

  • Server header analysis
  • Apache version detection and vulnerability matching
  • Security header verification
  • Directory listing detection
  • Domain-based vulnerability assessment

Development

To modify the vulnerability database, edit the vulnerabilitiesDatabase array in scanner.js.

To add new vulnerability checks:

  1. Add the vulnerability definition to the database
  2. Implement detection logic in the generateScanResults method
  3. Update the UI components as needed

GitHub Repository

This project is available on GitHub. Feel free to fork, star, and contribute to the project.

Disclaimer

This tool is for educational purposes only. Always obtain proper authorization before scanning any systems you don't own. The authors are not responsible for any misuse of this tool.

About

Apache Vulnerability Scanner

Topics

vulnerability vulnerability-detection cve-scanning vulnerability-scanners cve-search appache

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Languages