Share
## https://sploitus.com/exploit?id=5F4BCCAA-DB78-544D-9169-F1640297950C
# Agentic Vulnerability Monitor POC

An AI-powered, automated vulnerability monitoring system that detects critical vulnerabilities early, assesses local impact, and sends intelligent email alerts โ€” **only when something changes**.

Built with **CrewAI**, **OpenAI**, and fast open-source intelligence sources (OSV.dev, GitHub Advisories, CISA KEV, optional GreyNoise/NVD).

Perfect for developers, security enthusiasts, and teams wanting proactive defense against high-impact vulnerabilities (e.g., React2Shell-style RCEs in npm/React ecosystem).

**Features**
- Multi-source vulnerability detection (faster than NVD)
- Local `package.json` audit for vulnerable versions
- Server log scanning for exploit patterns
- AI-generated consolidated reports with executive summary and recommendations
- Email alerts **only on changes** (no spam!)
- Designed for 24/7 cloud deployment (e.g., PythonAnywhere)

**Status**: Working local POC โ€” cloud deployment in progress.

---

### Why This Exists

Traditional vulnerability management relies on slow feeds (NVD) or noisy tools. This POC combines:
- **Speed**: OSV.dev + GitHub Advisories = earliest detection
- **Relevance**: CISA KEV = only actively exploited vulns
- **Intelligence**: AI agents reason across sources and your environment
- **Actionability**: Clear reports + change-based alerting

Tested on real-world critical CVE-2025-55182 (React Server Components RCE).

---

### Project Structure

vulnerability_monitoring/
โ”œโ”€โ”€ vuln_monitor_daemon.py      # Main script with agents, tools, and scheduler
โ”œโ”€โ”€ package.json                # Example (vulnerable) app for testing
โ”œโ”€โ”€ server_logs.txt             # Example logs with suspicious patterns
โ”œโ”€โ”€ last_vuln_report.txt        # Auto-generated: tracks previous report to avoid duplicates
โ”œโ”€โ”€ vuln_report_*.txt           # Timestamped full reports
โ”œโ”€โ”€ .env.example                # Template for required secrets (DO NOT commit real .env)
โ”œโ”€โ”€ .gitignore                  # Protects secrets and venv
โ””โ”€โ”€ README.md                   # This file

---

2. Install Python 3.12 or 3.13 (recommended โ€” from python.org)

3. Create and activate virtual environment
python3.12 -m venv venv
source venv/bin/activate    # On Windows: venv\Scripts\activate

4. Install dependencies

pip install crewai openai python-dotenv requests semver schedule

5. Create your secrets file

cp .env.example .env
Edit .env with your real values:

OPENAI_API_KEY=sk-your-openai-key
GMAIL_APP_PASSWORD=your-16-char-app-password
EMAIL_FROM=your.email@gmail.com
EMAIL_TO=alert.recipient@example.com
# Optional
GREYNOISE_API_KEY=your-greynoise-key
NVD_API_KEY=your-nvd-key

Never commit .env โ€” it's already in .gitignore

6. Run the monitor

python vuln_monitor_daemon.py

On first run:Full report printed
Email alert sent (check inbox/spam)
Report saved as vuln_report_*.txt

Subsequent runs: only alerts if report changes (e.g., you patch a package).