Share
## https://sploitus.com/exploit?id=B6B51F2E-35A5-5EC7-A1EA-2F166E5377CD
# ๐ก๏ธ AI-powered Security Scanner Platform
> **A next-generation security scanning platform that integrates AI with vulnerability scanning to achieve intelligent decision-making, automatic validation, and precise noise reduction.**
[](https://www.python.org/)
[](LICENSE)
[(https://img.shields.io/badge/AI-DeepSeek%20%7C%20OpenAI-orange)
---
## ๐ Project Overview
This project is an **AI-driven automated security scanning platform**. The core concept involves integrating large language models (LLMs) with various security scanning tools to achieve the following features:
- **Intelligent Decision-Making**: Based on information such as service fingerprints, protocol characteristics, and path structures, AI automatically determines the most suitable scanning strategy and PoC type.
- **Automatic Validation**: After identifying suspected vulnerabilities, the system automatically applies the appropriate PoC for further validation.
- **AI Noise Reduction**: Second-level analysis of response data significantly reduces false positives.
- **Closed-Loop Management**: Validated data and risk levels are fed back into the security baseline database, enabling dynamic updates to the baseline.
---
## โจ Key Features
### ๐ Multi-tool Integration
| Tool | Functionality | Integration Status |
|------|--------------|------------------|
| **Katana** | Asset discovery, endpoint crawling, fingerprint extraction | โ
Integrated |
| **Nuclei** | Template-based vulnerability scanning | โ
Integrated |
| **Pocsuite3** | Advanced validation of PoCs | โ
Integrated |
| **Craw1ergo** | Crawler scanning | โ
Integrated |
| **Rad** | Browser crawler | โ
Integrated |
| **Burp Suite** | Importing scan results | โ
Integrated |
### ๐ค AI Intelligent Engine
- **Strategy Decision-Making**: Based on fingerprints and historical data, AI automatically selects the optimal scanning strategy.
- **Automated PoC Generation**: According to CVE descriptions, AI automatically generates validation scripts compatible with Pocsuite3.
- **Advanced Analysis**: Conducting deep analysis of scan results to distinguish real vulnerabilities from noise.
- **Fixation Suggestions**: Automatically generating recommendations for fixing vulnerabilities.
### ๐ Baseline Management
- **Dynamic Baselines**: Fetching historical vulnerability distributions from DefectDojo.
- **Periodic Re-scans**: Supporting scheduled tasks for automatic scans.
- **Trend Analysis**: Tracking changes in vulnerability trends and dynamically adjusting security policies.
---
## ๐ Get Started
### Environment Requirements
- Python 3.9+
- Go 1.20+ (for running Katana, Nuclei, etc.)
- Java 11+ (for Burp Suite)
### Installation Steps
```bash
# 1. Clone the repository
git clone https://github.com/yourusername/ai-security-scanner.git
cd ai-security-scanner
# 2. Install Python dependencies
pip install -r requirements.txt
# 3. Install external tools
# Katana
go install github.com/projectdiscovery/katana/cmd/katana@latest
# Nuclei
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
# Nuclei templates
nuclei -ut
# Pocsuite3
pip install pocsuite3
# Craw1ergo (optional)
go install github.com/0x727/Craw1ergo@latest
# Rad (optional)
go install github.com/chaitin/rad@latest
```
### Configuration
Edit the configuration section in `scanner_pipeline.py`:
```python
# API Configuration
OPENAI_API_KEY = "your-api-key"
OPENAI_API_BASE = "https://api.deepseek.com/v1" # Or OpenAI's URL
# DefectDojo Configuration
DOJO_URL = "http://localhost:8080/api/v2/findings/"
DOJO_TOKEN = "your-dojo-token"
# Scan Targets
TARGET_URLS = [
"http://127.0.0.1:3000",
# Add more targets...
]
```
### Run
```bash
# Single scan
python scanner_pipeline.py
```
# Start the scheduled scanning service
python scheduler.py
# Import Burp Suite scan results
python burp_importer.py --input burp_scan.json
# Run Craw1ergo scanning
python craw1ergo_runner.py --target http://example.com
# Run Rad scanning
python rad_runner.py --target http://example.com
---
## ๐๏ธ Project Architecture
```
ai-security-scanner/
โโโ scanner_pipeline.py # Main scanning pipeline (Katana โ AI decisioning โ Nuclei โ PoC verification โ AI analysis โ Storage)
โโโ poc_manager.py # AI PoC script generator
โโโ scheduler.py # Scheduled scheduler (periodic re-scans)
โโโ burp_importer.py # Burp Suite results importer
โโโ craw1ergo_runner.py # Craw1ergo scanning executor
โโโ rad_runner.py # Rad scanning executor
โโโ baseline_manager.py # Baseline dynamic update manager
โโโ requirements.txt # Python dependencies
โโโ README.md # Project documentation
โโโ endpoints.json # Katana output endpoints
โโโ nuclei_results.json # Nuclei scan results
โโโ targets.txt # List of scan targets
โโโ pocs/ # Pocsuite3 verification script directory
โ โโโ CVE-1999-0016.py
โ โโโ CVE-2022-36883.py
โ โโโ example.py
โโโ config/ # Configuration files directory
โ โโโ scanner_config.yaml
โโโ logs/ # Log directory
โ โโโ scanner.log
```
## ๐ Workflow
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ>
โ AI Security Scanning Platform Workflow โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ>
1๏ธโฃ Asset collection phase
โโโ Katana โ Endpoint crawling + fingerprint extraction
โโโ Craw1ergo โ Deep crawling
โโโ Rad โ Browser crawling
โโโ Burp Suite โ Import existing scan results
2๏ธโฃ AI strategy decisioning phase
โโโ DeepSeek/OpenAI โ Generate optimal scanning strategies based on fingerprints and historical data
3๏ธโฃ Vulnerability scanning phase
โโโ Nuclei โ Template-based vulnerability matching
โโโ Pocsuite3 โ Deep PoC verification
4๏ธโฃ AI analysis phase
โโโ DeepSeek/OpenAI โ Deep analysis of response packets + false positive filtering
5๏ธโฃ Result management phase
โโโ DefectDojo โ Vulnerability storage
โโโ Baseline updates โ Dynamic security baseline adjustment
โโโ Fix suggestions โ Automatically generate repair plans
6๏ธโฃ Periodic re-scans
โโโ Scheduler โ Scheduled tasks + trend analysis
```
## ๐ฆ Module Descriptions
### `scanner_pipeline.py` โ Main scanning pipeline
The core scanning engine, integrating the entire scanning process:
- Retrieves historical baselines from DefectDojo
- Katana asset discovery and fingerprint extraction
- AI intelligent strategy decisioning (Instructor + DeepSeek)
- Nuclei vulnerability scanning
- Pocsuite3 PoC verification
- AI secondary analysis and noise reduction
- Results are pushed to DefectDojo
### `poc_manager.py` โ AI PoC generator
- Scans CVE documents in the GitHub repository
- Automatically generates Pocsuite3-compatible verification scripts using AI
- Supports batch generation and deduplication
### `scheduler.py` โ Scheduled scheduler
- Supports Cron expression configuration for scheduled tasks
- Periodically executes the entire scanning pipeline
- Automatically records the history of scans
### Support for Multi-target Parallel Scheduling
#### `baseline_manager.py` โ Baseline Manager
- Reads historical vulnerability data from DefectDojo
- Calculates vulnerability trends and risk scores
- Dynamically updates security baseline configurations
- Generates reports on changes to baselines
#### `burp_importer.py` โ Burp Suite Importer
- Parses Burp Suite XML/JSON scan reports
- Extracts vulnerability information and request/response data
- Automatically triggers AI analysis processes
- Pushes results to DefectDojo
#### `craw1ergo_runner.py` โ Craw1ergo Executor
- Calls Craw1ergo for deep web crawling
- Extracts page structure and sensitive paths
- Automatically integrates results into mainstream logs
#### `rad_runner.py` โ Rad Executor
- Calls Rad for browser crawling
- Supports JavaScript-rendered pages
- Automatically integrates results into mainstream logs
---
## ๐ง Configuration Instructions
### Scheduled Scan Configuration (scheduler.py)
```python
# Scans at 2 AM every day
SCHEDULE_CONFIG = {
"cron_expression": "0 2 * * *",
"targets": ["http://127.0.0.1:3000"],
"scan_mode": "full" # full / quick
}
```
### Baseline Management Configuration (baseline_manager.py)
```python
# Baseline update policy
BASELINE_CONFIG = {
"update_interval_days": 7, # Baseline update interval (days)
"confidence_threshold": 80, # Confidence threshold
"trend_window": 30, # Trend analysis window (days)
"auto_update": True # Whether to automatically update baselines
}
```
---
## ๐ Output Examples
### AI Analysis Results
```json
{
"is_true_vulnerability": true,
"confidence_score": 92,
"reasoning": "The response packet contained sensitive configuration file content, and the status code was 200, not a false positive of 404/403",
"remediation_steps": "1. Restrict direct access to configuration files\n2. Configure the web server to reject directory traversal attacks\n3. Remove unnecessary sensitive files"
}
```
### Baseline Report
```json
{
"target": "http://127.0.0.1:3000",
"scan_date": "2026-05-12",
"total_findings": 15,
"new_findings": 3,
"resolved_findings": 2,
"trend": "increasing",
"risk_score": 72
}
```
---
## ๐ค Contribution Guide
Welcome to contribute! Follow these steps:
1. Fork this repository
2. Create a feature branch (`git checkout -b feature/AmazingFeature`)
3. Commit your changes (`git commit -m 'Add some AmazingFeature'`)
4. Push to the branch (`git push origin feature/AmazingFeature`)
5. Submit a pull request
---
## ๐ License
This project uses MIT license โ see the [LICENSE](LICENSE) file for details
---
## ๐ Thank You
- [ProjectDiscovery](https://github.com/projectdiscovery) โ Katana & Nuclei
- [Pocsuite3](https://github.com/knownsec/pocsuite3) โ PoC framework
- [Instructor](https://github.com/jxnl/instructor) โ AI-structured output
- [DefectDojo](https://github.com/DefectDojo/django-DefectDojo) โ Vulnerability management platform
- [DeepSeek](https://deepseek.com) โ Large language model support
---
## ๐ง Contact Information
Project maintainer โ [Your Name](mailto:your-email@example.com)
Project link: [https://github.com/yourusername/ai-security-scanner](https://github.com/yourusername/ai-security-scanner)