starker-scanner 5.0.0__tar.gz

starker_scanner-5.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 STARKER Consulting
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

starker_scanner-5.0.0/PKG-INFO

@@ -0,0 +1,209 @@
+Metadata-Version: 2.4
+Name: starker-scanner
+Version: 5.0.0
+Summary: Enterprise defensive security scanner. Audits SSL, DNS, headers, ports, subdomains and more.
+Home-page: https://github.com/YOUR_USERNAME/starker-scanner
+Author: STARKER Consulting
+Author-email: contact@starkerconsulting.com
+Project-URL: Bug Reports, https://github.com/YOUR_USERNAME/starker-scanner/issues
+Project-URL: Source, https://github.com/YOUR_USERNAME/starker-scanner
+Project-URL: Documentation, https://github.com/YOUR_USERNAME/starker-scanner#readme
+Keywords: security,scanner,audit,ssl,dns,headers,ports,subdomains,waf,tls,infosec,cybersecurity
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: System Administrators
+Classifier: Intended Audience :: Information Technology
+Classifier: Topic :: Security
+Classifier: Topic :: Internet :: WWW/HTTP
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: requests>=2.31.0
+Requires-Dist: python-whois>=0.8.0
+Requires-Dist: dnspython>=2.4.0
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: keywords
+Dynamic: license-file
+Dynamic: project-url
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+
+# STARKER Security Scanner
+
+![Version](https://img.shields.io/badge/version-5.0-blue)
+![License](https://img.shields.io/badge/license-MIT-green)
+![Python](https://img.shields.io/badge/python-3.9%2B-yellow)
+
+Enterprise-grade **defensive security auditor**. Open source. Zero cost.
+
+Designed to expose infrastructure vulnerabilities before attackers do.
+
+---
+
+## What it does
+
+Runs 10 independent audit modules against any domain and returns a scored report:
+
+| Module | What it checks |
+|---|---|
+| **SSL/TLS** | Certificate validity, expiry, cipher suite, protocol version |
+| **HTTP Headers** | Presence of 11 mandatory security headers |
+| **Cookies** | Secure, HttpOnly, SameSite flags |
+| **DNS** | SPF, DMARC, DNSSEC, NS/MX records |
+| **WHOIS** | Registrar, expiry date, organization |
+| **Port Scan** | 33 common ports, 23 flagged as high-risk |
+| **Subdomains** | 25 common subdomain patterns |
+| **WAF Detection** | Cloudflare, Akamai, AWS WAF, Sucuri, F5, and more |
+| **JS Libraries** | Fingerprints 12 common frameworks |
+| **Redirect Chain** | HTTP → HTTPS enforcement |
+
+**Scoring:** Sites start at 100. Each finding deducts weighted points.
+
+| Score | Risk Level |
+|---|---|
+| 80–100 | LOW |
+| 60–79 | MODERATE |
+| 40–59 | HIGH |
+| 0–39 | CRITICAL |
+
+---
+
+## Installation
+
+### Via pip
+
+```bash
+pip install starker-scanner
+starker-scan example.com
+```
+
+### Via Docker
+
+```bash
+docker run --rm starkerconsulting/scanner:5.0 example.com --format html > report.html
+```
+
+### From source
+
+```bash
+git clone https://github.com/YOUR_USERNAME/starker-scanner.git
+cd starker-scanner
+pip install -r requirements.txt
+python scanner.py example.com
+```
+
+---
+
+## Usage
+
+```bash
+# Basic scan (JSON output)
+python scanner.py example.com
+
+# HTML report
+python scanner.py example.com --format html
+
+# CSV export
+python scanner.py example.com --format csv
+
+# Custom output path
+python scanner.py example.com --format html --output /reports/example
+
+# Skip slow modules
+python scanner.py example.com --skip-whois --skip-subdomains
+
+# Verbose (shows all headers)
+python scanner.py example.com --verbose
+
+# Adjust performance
+python scanner.py example.com --timeout 20 --workers 100
+```
+
+### All flags
+
+| Flag | Default | Description |
+|---|---|---|
+| `--format` | `json` | Output format: `json`, `html`, `csv` |
+| `--output` | auto | Output file path (no extension needed) |
+| `--timeout` | `12` | Request timeout in seconds |
+| `--workers` | `60` | Parallel threads for port scanning |
+| `--skip-whois` | off | Skip WHOIS lookup |
+| `--skip-ports` | off | Skip port scanning |
+| `--skip-subdomains` | off | Skip subdomain enumeration |
+| `--verbose` | off | Show all response headers |
+
+---
+
+## Output examples
+
+### Terminal summary
+
+```
+============================================================
+  [+] Executive Summary
+============================================================
+  Target            : example.com
+  Score             : 74/100
+  Risk              : MODERATE
+  Penalties         : 6
+  Open ports        : 3
+  Subdomains found  : 4
+  WAF/CDN           : Cloudflare
+  Scan duration     : 14.32s
+```
+
+### HTML report
+
+Full visual report with color-coded findings, organized tables for SSL, DNS, WHOIS, open ports, subdomains, and all HTTP headers.
+
+### JSON report
+
+Structured output for integration with SIEM, dashboards, or custom pipelines.
+
+---
+
+## Requirements
+
+- Python 3.9+
+- `requests`
+- `python-whois`
+- `dnspython` (optional — enhances DNS analysis)
+
+---
+
+## Legal
+
+This tool is intended for **defensive security auditing only**.
+
+Run it exclusively on:
+- Domains you own
+- Domains you have written authorization to test
+
+Unauthorized scanning may violate local laws including the CFAA (US), Computer Misuse Act (UK), and equivalent legislation in your jurisdiction.
+
+The authors accept no liability for misuse.
+
+---
+
+## License
+
+MIT License — free for personal and commercial use.
+
+---
+
+## Built by
+
+**STARKER Consulting** — Business intelligence and infrastructure security for physical and digital enterprises.

starker_scanner-5.0.0/README.md

@@ -0,0 +1,166 @@
+# STARKER Security Scanner
+
+![Version](https://img.shields.io/badge/version-5.0-blue)
+![License](https://img.shields.io/badge/license-MIT-green)
+![Python](https://img.shields.io/badge/python-3.9%2B-yellow)
+
+Enterprise-grade **defensive security auditor**. Open source. Zero cost.
+
+Designed to expose infrastructure vulnerabilities before attackers do.
+
+---
+
+## What it does
+
+Runs 10 independent audit modules against any domain and returns a scored report:
+
+| Module | What it checks |
+|---|---|
+| **SSL/TLS** | Certificate validity, expiry, cipher suite, protocol version |
+| **HTTP Headers** | Presence of 11 mandatory security headers |
+| **Cookies** | Secure, HttpOnly, SameSite flags |
+| **DNS** | SPF, DMARC, DNSSEC, NS/MX records |
+| **WHOIS** | Registrar, expiry date, organization |
+| **Port Scan** | 33 common ports, 23 flagged as high-risk |
+| **Subdomains** | 25 common subdomain patterns |
+| **WAF Detection** | Cloudflare, Akamai, AWS WAF, Sucuri, F5, and more |
+| **JS Libraries** | Fingerprints 12 common frameworks |
+| **Redirect Chain** | HTTP → HTTPS enforcement |
+
+**Scoring:** Sites start at 100. Each finding deducts weighted points.
+
+| Score | Risk Level |
+|---|---|
+| 80–100 | LOW |
+| 60–79 | MODERATE |
+| 40–59 | HIGH |
+| 0–39 | CRITICAL |
+
+---
+
+## Installation
+
+### Via pip
+
+```bash
+pip install starker-scanner
+starker-scan example.com
+```
+
+### Via Docker
+
+```bash
+docker run --rm starkerconsulting/scanner:5.0 example.com --format html > report.html
+```
+
+### From source
+
+```bash
+git clone https://github.com/YOUR_USERNAME/starker-scanner.git
+cd starker-scanner
+pip install -r requirements.txt
+python scanner.py example.com
+```
+
+---
+
+## Usage
+
+```bash
+# Basic scan (JSON output)
+python scanner.py example.com
+
+# HTML report
+python scanner.py example.com --format html
+
+# CSV export
+python scanner.py example.com --format csv
+
+# Custom output path
+python scanner.py example.com --format html --output /reports/example
+
+# Skip slow modules
+python scanner.py example.com --skip-whois --skip-subdomains
+
+# Verbose (shows all headers)
+python scanner.py example.com --verbose
+
+# Adjust performance
+python scanner.py example.com --timeout 20 --workers 100
+```
+
+### All flags
+
+| Flag | Default | Description |
+|---|---|---|
+| `--format` | `json` | Output format: `json`, `html`, `csv` |
+| `--output` | auto | Output file path (no extension needed) |
+| `--timeout` | `12` | Request timeout in seconds |
+| `--workers` | `60` | Parallel threads for port scanning |
+| `--skip-whois` | off | Skip WHOIS lookup |
+| `--skip-ports` | off | Skip port scanning |
+| `--skip-subdomains` | off | Skip subdomain enumeration |
+| `--verbose` | off | Show all response headers |
+
+---
+
+## Output examples
+
+### Terminal summary
+
+```
+============================================================
+  [+] Executive Summary
+============================================================
+  Target            : example.com
+  Score             : 74/100
+  Risk              : MODERATE
+  Penalties         : 6
+  Open ports        : 3
+  Subdomains found  : 4
+  WAF/CDN           : Cloudflare
+  Scan duration     : 14.32s
+```
+
+### HTML report
+
+Full visual report with color-coded findings, organized tables for SSL, DNS, WHOIS, open ports, subdomains, and all HTTP headers.
+
+### JSON report
+
+Structured output for integration with SIEM, dashboards, or custom pipelines.
+
+---
+
+## Requirements
+
+- Python 3.9+
+- `requests`
+- `python-whois`
+- `dnspython` (optional — enhances DNS analysis)
+
+---
+
+## Legal
+
+This tool is intended for **defensive security auditing only**.
+
+Run it exclusively on:
+- Domains you own
+- Domains you have written authorization to test
+
+Unauthorized scanning may violate local laws including the CFAA (US), Computer Misuse Act (UK), and equivalent legislation in your jurisdiction.
+
+The authors accept no liability for misuse.
+
+---
+
+## License
+
+MIT License — free for personal and commercial use.
+
+---
+
+## Built by
+
+**STARKER Consulting** — Business intelligence and infrastructure security for physical and digital enterprises.