Share
## https://sploitus.com/exploit?id=B6B51F2E-35A5-5EC7-A1EA-2F166E5377CD
# ๐Ÿ›ก๏ธ AI-powered Security Scanner Platform

> **A next-generation security scanning platform that integrates AI with vulnerability scanning to achieve intelligent decision-making, automatic validation, and precise noise reduction.**

[![Python](https://img.shields.io/badge/Python-3.9%2B-blue)](https://www.python.org/)  
[![License](https://img.shields.io/badge/License-MIT-green)](LICENSE)  
[![AI](https://img.shields.io/badge/AI-DeepSeek%20%7C%20OpenAI-orange])(https://img.shields.io/badge/AI-DeepSeek%20%7C%20OpenAI-orange)

---

## ๐Ÿ“– Project Overview

This project is an **AI-driven automated security scanning platform**. The core concept involves integrating large language models (LLMs) with various security scanning tools to achieve the following features:

- **Intelligent Decision-Making**: Based on information such as service fingerprints, protocol characteristics, and path structures, AI automatically determines the most suitable scanning strategy and PoC type.
- **Automatic Validation**: After identifying suspected vulnerabilities, the system automatically applies the appropriate PoC for further validation.
- **AI Noise Reduction**: Second-level analysis of response data significantly reduces false positives.
- **Closed-Loop Management**: Validated data and risk levels are fed back into the security baseline database, enabling dynamic updates to the baseline.

---

## โœจ Key Features

### ๐Ÿ” Multi-tool Integration
| Tool | Functionality | Integration Status |
|------|--------------|------------------|
| **Katana** | Asset discovery, endpoint crawling, fingerprint extraction | โœ… Integrated |
| **Nuclei** | Template-based vulnerability scanning | โœ… Integrated |
| **Pocsuite3** | Advanced validation of PoCs | โœ… Integrated |
| **Craw1ergo** | Crawler scanning | โœ… Integrated |
| **Rad** | Browser crawler | โœ… Integrated |
| **Burp Suite** | Importing scan results | โœ… Integrated |

### ๐Ÿค– AI Intelligent Engine
- **Strategy Decision-Making**: Based on fingerprints and historical data, AI automatically selects the optimal scanning strategy.
- **Automated PoC Generation**: According to CVE descriptions, AI automatically generates validation scripts compatible with Pocsuite3.
- **Advanced Analysis**: Conducting deep analysis of scan results to distinguish real vulnerabilities from noise.
- **Fixation Suggestions**: Automatically generating recommendations for fixing vulnerabilities.

### ๐Ÿ“Š Baseline Management
- **Dynamic Baselines**: Fetching historical vulnerability distributions from DefectDojo.
- **Periodic Re-scans**: Supporting scheduled tasks for automatic scans.
- **Trend Analysis**: Tracking changes in vulnerability trends and dynamically adjusting security policies.

---

## ๐Ÿš€ Get Started

### Environment Requirements
- Python 3.9+
- Go 1.20+ (for running Katana, Nuclei, etc.)
- Java 11+ (for Burp Suite)

### Installation Steps
```bash
# 1. Clone the repository
git clone https://github.com/yourusername/ai-security-scanner.git
cd ai-security-scanner

# 2. Install Python dependencies
pip install -r requirements.txt

# 3. Install external tools
# Katana
go install github.com/projectdiscovery/katana/cmd/katana@latest

# Nuclei
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest

# Nuclei templates
nuclei -ut

# Pocsuite3
pip install pocsuite3

# Craw1ergo (optional)
go install github.com/0x727/Craw1ergo@latest

# Rad (optional)
go install github.com/chaitin/rad@latest
```

### Configuration
Edit the configuration section in `scanner_pipeline.py`:
```python
# API Configuration
OPENAI_API_KEY = "your-api-key"
OPENAI_API_BASE = "https://api.deepseek.com/v1"  # Or OpenAI's URL

# DefectDojo Configuration
DOJO_URL = "http://localhost:8080/api/v2/findings/"
DOJO_TOKEN = "your-dojo-token"

# Scan Targets
TARGET_URLS = [
    "http://127.0.0.1:3000",
    # Add more targets...
]
```

### Run
```bash
# Single scan
python scanner_pipeline.py
```

# Start the scheduled scanning service
python scheduler.py

# Import Burp Suite scan results
python burp_importer.py --input burp_scan.json

# Run Craw1ergo scanning
python craw1ergo_runner.py --target http://example.com

# Run Rad scanning
python rad_runner.py --target http://example.com

---

## ๐Ÿ—๏ธ Project Architecture

```
ai-security-scanner/
โ”œโ”€โ”€ scanner_pipeline.py      # Main scanning pipeline (Katana โ†’ AI decisioning โ†’ Nuclei โ†’ PoC verification โ†’ AI analysis โ†’ Storage)
โ”œโ”€โ”€ poc_manager.py          # AI PoC script generator
โ”œโ”€โ”€ scheduler.py            # Scheduled scheduler (periodic re-scans)
โ”œโ”€โ”€ burp_importer.py        # Burp Suite results importer
โ”œโ”€โ”€ craw1ergo_runner.py     # Craw1ergo scanning executor
โ”œโ”€โ”€ rad_runner.py           # Rad scanning executor
โ”œโ”€โ”€ baseline_manager.py       # Baseline dynamic update manager
โ”œโ”€โ”€ requirements.txt         # Python dependencies
โ”œโ”€โ”€ README.md               # Project documentation
โ”œโ”€โ”€ endpoints.json           # Katana output endpoints
โ”œโ”€โ”€ nuclei_results.json      # Nuclei scan results
โ”œโ”€โ”€ targets.txt             # List of scan targets
โ”œโ”€โ”€ pocs/                 # Pocsuite3 verification script directory
โ”‚         โ”œโ”€โ”€ CVE-1999-0016.py
โ”‚         โ”œโ”€โ”€ CVE-2022-36883.py
โ”‚         โ””โ”€โ”€ example.py
โ”œโ”€โ”€ config/               # Configuration files directory
โ”‚         โ””โ”€โ”€ scanner_config.yaml
โ”œโ”€โ”€ logs/                # Log directory
โ”‚         โ””โ”€โ”€ scanner.log
```

## ๐Ÿ”„ Workflow

```
โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€>
โ”‚ AI Security Scanning Platform Workflow โ”‚
โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€>
   1๏ธโƒฃ Asset collection phase
   โ”œโ”€โ”€ Katana โ†’ Endpoint crawling + fingerprint extraction
   โ”œโ”€โ”€ Craw1ergo โ†’ Deep crawling
   โ”œโ”€โ”€ Rad โ†’ Browser crawling
   โ””โ”€โ”€ Burp Suite โ†’ Import existing scan results

2๏ธโƒฃ AI strategy decisioning phase
   โ””โ”€โ”€ DeepSeek/OpenAI โ†’ Generate optimal scanning strategies based on fingerprints and historical data

3๏ธโƒฃ Vulnerability scanning phase
   โ”œโ”€โ”€ Nuclei โ†’ Template-based vulnerability matching
   โ””โ”€โ”€ Pocsuite3 โ†’ Deep PoC verification

4๏ธโƒฃ AI analysis phase
   โ””โ”€โ”€ DeepSeek/OpenAI โ†’ Deep analysis of response packets + false positive filtering

5๏ธโƒฃ Result management phase
   โ”œโ”€โ”€ DefectDojo โ†’ Vulnerability storage
   โ”œโ”€โ”€ Baseline updates โ†’ Dynamic security baseline adjustment
   โ””โ”€โ”€ Fix suggestions โ†’ Automatically generate repair plans

6๏ธโƒฃ Periodic re-scans
   โ””โ”€โ”€ Scheduler โ†’ Scheduled tasks + trend analysis
```

## ๐Ÿ“ฆ Module Descriptions

### `scanner_pipeline.py` โ€“ Main scanning pipeline
The core scanning engine, integrating the entire scanning process:
- Retrieves historical baselines from DefectDojo
- Katana asset discovery and fingerprint extraction
- AI intelligent strategy decisioning (Instructor + DeepSeek)
- Nuclei vulnerability scanning
- Pocsuite3 PoC verification
- AI secondary analysis and noise reduction
- Results are pushed to DefectDojo

### `poc_manager.py` โ€“ AI PoC generator
- Scans CVE documents in the GitHub repository
- Automatically generates Pocsuite3-compatible verification scripts using AI
- Supports batch generation and deduplication

### `scheduler.py` โ€“ Scheduled scheduler
- Supports Cron expression configuration for scheduled tasks
- Periodically executes the entire scanning pipeline
- Automatically records the history of scans

### Support for Multi-target Parallel Scheduling

#### `baseline_manager.py` โ€“ Baseline Manager  
- Reads historical vulnerability data from DefectDojo  
- Calculates vulnerability trends and risk scores  
- Dynamically updates security baseline configurations  
- Generates reports on changes to baselines  

#### `burp_importer.py` โ€“ Burp Suite Importer  
- Parses Burp Suite XML/JSON scan reports  
- Extracts vulnerability information and request/response data  
- Automatically triggers AI analysis processes  
- Pushes results to DefectDojo  

#### `craw1ergo_runner.py` โ€“ Craw1ergo Executor  
- Calls Craw1ergo for deep web crawling  
- Extracts page structure and sensitive paths  
- Automatically integrates results into mainstream logs  

#### `rad_runner.py` โ€“ Rad Executor  
- Calls Rad for browser crawling  
- Supports JavaScript-rendered pages  
- Automatically integrates results into mainstream logs  

---

## ๐Ÿ”ง Configuration Instructions

### Scheduled Scan Configuration (scheduler.py)

```python
# Scans at 2 AM every day
SCHEDULE_CONFIG = {
    "cron_expression": "0 2 * * *",
    "targets": ["http://127.0.0.1:3000"],
    "scan_mode": "full"  # full / quick
}
```

### Baseline Management Configuration (baseline_manager.py)

```python
# Baseline update policy
BASELINE_CONFIG = {
    "update_interval_days": 7,      # Baseline update interval (days)
    "confidence_threshold": 80,     # Confidence threshold
    "trend_window": 30,             # Trend analysis window (days)
    "auto_update": True             # Whether to automatically update baselines
}
```

---

## ๐Ÿ“Š Output Examples

### AI Analysis Results
```json
{
  "is_true_vulnerability": true,
  "confidence_score": 92,
  "reasoning": "The response packet contained sensitive configuration file content, and the status code was 200, not a false positive of 404/403",
  "remediation_steps": "1. Restrict direct access to configuration files\n2. Configure the web server to reject directory traversal attacks\n3. Remove unnecessary sensitive files"
}
```

### Baseline Report
```json
{
  "target": "http://127.0.0.1:3000",
  "scan_date": "2026-05-12",
  "total_findings": 15,
  "new_findings": 3,
  "resolved_findings": 2,
  "trend": "increasing",
  "risk_score": 72
}
```

---

## ๐Ÿค Contribution Guide

Welcome to contribute! Follow these steps:

1. Fork this repository
2. Create a feature branch (`git checkout -b feature/AmazingFeature`)
3. Commit your changes (`git commit -m 'Add some AmazingFeature'`)
4. Push to the branch (`git push origin feature/AmazingFeature`)
5. Submit a pull request

---

## ๐Ÿ“„ License

This project uses MIT license โ€“ see the [LICENSE](LICENSE) file for details

---

## ๐Ÿ™ Thank You

- [ProjectDiscovery](https://github.com/projectdiscovery) โ€“ Katana & Nuclei  
- [Pocsuite3](https://github.com/knownsec/pocsuite3) โ€“ PoC framework  
- [Instructor](https://github.com/jxnl/instructor) โ€“ AI-structured output  
- [DefectDojo](https://github.com/DefectDojo/django-DefectDojo) โ€“ Vulnerability management platform  
- [DeepSeek](https://deepseek.com) โ€“ Large language model support  

---

## ๐Ÿ“ง Contact Information

Project maintainer โ€“ [Your Name](mailto:your-email@example.com)

Project link: [https://github.com/yourusername/ai-security-scanner](https://github.com/yourusername/ai-security-scanner)