Building a Free Port Scanner with Python, Flask, and Nmap 🛡️

#cybersecurity #python #networking #tutorial

Hello devs! 👋

I recently built a comprehensive security tool suite called CyberScanTool, and I wanted to share the technical journey of building the Port Scanner module.

If you're interested in cybersecurity or backend development with Python, this guide is for you.

🚀 The Goal

I wanted to create a fast, web-based port scanner that:

Is completely free (no login required).
Runs on a lightweight Flask backend.
Uses Nmap for reliable scanning.
Returns results instantly via AJAX.

You can try the live demo here: 👉 Free Port Scanner Tool

🛠️ The Tech Stack

Backend: Python 3.13 + Flask 3.1
Scanner Engine: Nmap (Network Mapper)
Frontend: Vanilla JS + CSS3 (No heavy frameworks)
Server: Nginx + Gunicorn on DigitalOcean

💻 The Code Logic

Here is the simplified core logic of how the scanner works.

1. The Route Handler

We use Flask to handle the POST request. It's crucial to validate the input to prevent command injection.

import subprocess
from flask import Flask, request, jsonify

app = Flask(__name__)

@app.route('/scan', methods=['POST'])
def scan_ports():
    target = request.form.get('target')

    # 1. Input Validation (Crucial!)
    if not is_valid_domain(target):
        return jsonify({'error': 'Invalid domain'}), 400

    # 2. Run Nmap
    try:
        # -Pn: Treat host as online (skip ping)
        # -T4: Aggressive timing (faster)
        # --top-ports 20: Scan only most common ports
        cmd = ['nmap', '-Pn', '-T4', '--top-ports', '20', target]

        result = subprocess.run(
            cmd, 
            capture_output=True, 
            text=True, 
            timeout=30
        )

        return jsonify({'output': result.stdout})

    except subprocess.TimeoutExpired:
        return jsonify({'error': 'Scan timed out'}), 504

2. Optimizing Performance ⚡

One of the biggest challenges was speed. Nmap can be slow if not configured correctly.

Tips for speed:

Skip DNS Resolution (-n): If you already have the IP, skip the reverse DNS lookup.
Limit Ports: Scanning all 65k ports takes forever. I limited the free tool to the top 20 critical ports (HTTP, HTTPS, SSH, FTP, etc.) for the fast scan mode.
Async Processing: For a production app, you should use a task queue like Celery. For this MVP, I used Gunicorn with gevent workers to handle concurrent requests without blocking.

🔒 Security Considerations

Allowing users to run Nmap on your server is risky. Here is how I secured it:

Input Sanitization: I wrote a strict regex to allow only valid domain names and IPs.
Rate Limiting: I used Flask-Limiter to prevent abuse (e.g., 5 scans per minute per session).
Private Network Blocking: The scanner is configured to block scanning of local IPs (127.0.0.1, 192.168.x.x) to prevent SSRF (Server-Side Request Forgery) attacks.