Add HTML report generation with dark theme
Implements comprehensive HTML report generation from JSON scan data with Jinja2 templates. Reports feature a dark slate theme with summary dashboard, drift alerts, security warnings, and expandable service details. Features: - Dark theme HTML reports with slate/grey color scheme - Summary dashboard: scan statistics, drift alerts, security warnings - Site-by-site breakdown with IP grouping and status badges - Expandable service details and SSL/TLS certificate information - Visual badges: green (expected), red (unexpected), yellow (missing) - UDP port handling: shows expected, unexpected, and missing UDP ports - Screenshot links with relative paths for portability - Optimized hover effects for table rows - Standalone HTML output (no external dependencies) Technical changes: - Added src/report_generator.py: HTMLReportGenerator class with summary calculations - Added templates/report_template.html: Jinja2 template for dynamic reports - Added templates/report_mockup.html: Static mockup for design testing - Updated requirements.txt: Added Jinja2==3.1.2 - Updated README.md: Added HTML report generation section with usage and features - Updated CLAUDE.md: Added implementation details, usage guide, and troubleshooting Usage: python3 src/report_generator.py output/scan_report.json 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
91
README.md
91
README.md
@@ -41,6 +41,13 @@ A dockerized network scanning tool that uses masscan for fast port discovery, nm
|
||||
|
||||
### Reporting & Output
|
||||
- **Machine-readable JSON output** format for easy post-processing
|
||||
- **HTML report generation**:
|
||||
- Comprehensive HTML reports with dark theme for easy reading
|
||||
- Summary dashboard with scan statistics, drift alerts, and security warnings
|
||||
- Site-by-site breakdown with expandable service details
|
||||
- Visual badges for expected vs. unexpected services
|
||||
- SSL/TLS certificate details with expiration warnings
|
||||
- One-click generation from JSON scan data
|
||||
- **Dockerized** for consistent execution environment and root privilege isolation
|
||||
- **Expected vs. Actual comparison** to identify infrastructure drift
|
||||
- Timestamped reports with complete scan duration metrics
|
||||
@@ -269,17 +276,87 @@ Screenshots are captured on a best-effort basis:
|
||||
- Failed screenshots are logged but don't stop the scan
|
||||
- Services without screenshots simply omit the `screenshot` field in JSON output
|
||||
|
||||
## HTML Report Generation
|
||||
|
||||
SneakyScanner can generate comprehensive HTML reports from JSON scan data, providing an easy-to-read visual interface for analyzing scan results.
|
||||
|
||||
### Generating Reports
|
||||
|
||||
After completing a scan, generate an HTML report from the JSON output:
|
||||
|
||||
```bash
|
||||
# Generate HTML report (creates report in same directory as JSON)
|
||||
python3 src/report_generator.py output/scan_report_20251113_175235.json
|
||||
|
||||
# Specify custom output path
|
||||
python3 src/report_generator.py output/scan_report.json /path/to/custom_report.html
|
||||
```
|
||||
|
||||
### Report Features
|
||||
|
||||
The generated HTML report includes:
|
||||
|
||||
**Summary Dashboard**:
|
||||
- **Scan Statistics**: Total IPs scanned, TCP/UDP ports found, services identified, web services, screenshots captured
|
||||
- **Drift Alerts**: Unexpected TCP/UDP ports, missing expected services, new services detected
|
||||
- **Security Warnings**: Expiring certificates (<30 days), weak TLS versions (1.0/1.1), self-signed certificates, high port services (>10000)
|
||||
|
||||
**Site-by-Site Breakdown**:
|
||||
- Organized by logical site grouping from configuration
|
||||
- Per-IP sections with status badges (ping, port drift summary)
|
||||
- Service tables with expandable details (click any row to expand)
|
||||
- Visual badges: green (expected), red (unexpected), yellow (missing/warning)
|
||||
|
||||
**Service Details** (click to expand):
|
||||
- Product name, version, extra information, OS type
|
||||
- HTTP/HTTPS protocol detection
|
||||
- Screenshot links for web services
|
||||
- SSL/TLS certificate details (expandable):
|
||||
- Subject, issuer, validity dates, serial number
|
||||
- Days until expiration with color-coded warnings
|
||||
- Subject Alternative Names (SANs)
|
||||
- TLS version support (1.0, 1.1, 1.2, 1.3) with cipher suites
|
||||
- Weak TLS and self-signed certificate warnings
|
||||
|
||||
**UDP Port Handling**:
|
||||
- Expected UDP ports shown with green "Expected" badge
|
||||
- Unexpected UDP ports shown with red "Unexpected" badge
|
||||
- Missing expected UDP ports shown with yellow "Missing" badge
|
||||
- Note: Service detection not available for UDP (nmap limitation)
|
||||
|
||||
**Design**:
|
||||
- Dark theme with slate/grey color scheme for comfortable reading
|
||||
- Responsive layout works on different screen sizes
|
||||
- No external dependencies - single HTML file
|
||||
- Minimal JavaScript for expand/collapse functionality
|
||||
- Optimized hover effects for table rows
|
||||
|
||||
### Report Output
|
||||
|
||||
The HTML report is a standalone file that can be:
|
||||
- Opened directly in any web browser (Chrome, Firefox, Safari, Edge)
|
||||
- Shared via email or file transfer
|
||||
- Archived for compliance or historical comparison
|
||||
- Viewed without an internet connection or web server
|
||||
|
||||
Screenshot links in the report are relative paths, so keep the report and screenshot directory together.
|
||||
|
||||
## Project Structure
|
||||
|
||||
```
|
||||
SneakyScanner/
|
||||
├── src/
|
||||
│ ├── scanner.py # Main scanner application
|
||||
│ └── screenshot_capture.py # Webpage screenshot capture module
|
||||
│ ├── screenshot_capture.py # Webpage screenshot capture module
|
||||
│ └── report_generator.py # HTML report generation module
|
||||
├── templates/
|
||||
│ ├── report_template.html # Jinja2 template for HTML reports
|
||||
│ └── report_mockup.html # Static mockup for design testing
|
||||
├── configs/
|
||||
│ └── example-site.yaml # Example configuration
|
||||
├── output/ # Scan results
|
||||
│ ├── scan_report_*.json # JSON reports with timestamps
|
||||
│ ├── scan_report_*.html # HTML reports (generated from JSON)
|
||||
│ └── scan_report_*_screenshots/ # Screenshot directories
|
||||
├── Dockerfile
|
||||
├── docker-compose.yml
|
||||
@@ -298,12 +375,12 @@ Only use this tool on networks you own or have explicit authorization to scan. U
|
||||
|
||||
## Future Enhancements
|
||||
|
||||
- **HTML Report Generation**: Build comprehensive HTML reports from JSON output with:
|
||||
- Service details and SSL/TLS information
|
||||
- Visual comparison of expected vs. actual results
|
||||
- Certificate expiration warnings
|
||||
- TLS version compliance reports
|
||||
- Embedded webpage screenshots
|
||||
- **Enhanced HTML Reports**:
|
||||
- Sortable/filterable service tables with JavaScript
|
||||
- Interactive charts and graphs for trends
|
||||
- Timeline view of scan history
|
||||
- Embedded screenshot thumbnails (currently links only)
|
||||
- Export to PDF capability
|
||||
- **Comparison Reports**: Generate diff reports showing changes between scans
|
||||
- **Email Notifications**: Alert on unexpected changes or certificate expirations
|
||||
- **Scheduled Scanning**: Automated periodic scans with cron integration
|
||||
|
||||
Reference in New Issue
Block a user