Share
## https://sploitus.com/exploit?id=F9F6AB3A-C6EB-55AE-A0CC-CA5AE1EAB559
# ๐ DARKWIN โ Next-Gen Automated Security Research
### Developed by ARYAN AHIRWAR (VIPHACKER.100)
**Version 1.0.0 โ FULL RELEASE**
DARKWIN is an elite, fully autonomous security research platform designed for bug bounty hunters and red teamers. It combines traditional scanning techniques with advanced AI reasoning and 117+ specialized modules. All wordlists and payloads are now fully populated and verified for production use.
---
## ๐ Get Started
1. **Installation**:
```bash
bash setup.sh
```
2. **Initialize Database**:
```bash
python core/migrations/init_db.py
```
3. **Configure API Keys**:
Edit `config.yaml` to add your Shodan, Censys, and OpenAI/Local LLM keys.
4. **Launch Dashboard**:
```bash
cd dashboards/backend && python app.py
```
5. **Run Your First Scan**:
```bash
darkwin recon example.com --scope-file scope.json
```
---
## ๐ ๏ธ Platform Features
> โ ๏ธ **AUTHORIZED USE ONLY** โ This platform is designed strictly for ethical security research, authorized penetration testing, and bug-bounty-scoped targets. Unauthorized use is illegal. See [LEGAL.md](LEGAL.md).
---
## Overview
DARKWIN is a comprehensive, modular security research automation platform featuring 500+ scan modules, AI-powered vulnerability classification, distributed scanning, and a full-featured web dashboard. It orchestrates reconnaissance, web scanning, vulnerability detection, fuzzing, network analysis, cloud security audits, and exploit research into unified pipelines.
## Prerequisites
- **Python 3.11+**
- **PostgreSQL 15+**
- **Redis 7+**
- **Node.js 20+** (for dashboard frontend)
- External tools: `nmap`, `subfinder`, `httpx`, `nuclei`, `ffuf`, `amass`, `katana`, `sqlmap`, `dalfox`, `masscan`
## Quick Start
```bash
# 1. Clone and enter the repository
git clone && cd DARKWIN
# 2. Install Python dependencies
pip install -r requirements.txt
# 3. Install external tools
bash setup.sh
# 4. Configure
cp config.yaml.example config.yaml
# Edit config.yaml with your database URL, API keys, etc.
# 5. Initialize database
python core/migrations/init_db.py
# 6. Run the CLI
darkwin --help
# 7. Start the dashboard (optional)
docker-compose up -d
```
## Architecture
```
DARKWIN/
โโโ core/ # Engine, config, logging, CLI, pipeline, scheduler
โโโ modules/ # 500+ scan modules (recon, web, vuln, network, cloud, exploit)
โ โโโ reconnaissance/ # Subdomain, DNS, WHOIS, ASN, CT, dorking
โ โโโ attack_surface/ # Asset mapping, service ID, API detection
โ โโโ web_scanning/ # Crawler, JS analysis, param/endpoint discovery
โ โโโ vulnerability_engine/ # SQLi, XSS, CSRF, LFI, RFI, SSTI, CMDi, RCE, cloud
โ โโโ fuzzing/ # Directory, API, GraphQL, parameter fuzzing
โ โโโ network/ # Port scanning, service enum, SSL analysis
โ โโโ exploit_engine/ # CVE matching, exploit search, payload suggestions
โ โโโ post_exploitation/ # Privesc, credential access, persistence analysis
โ โโโ reporting/ # HTML, Markdown, bug bounty report generation
โ โโโ cloud_security/ # IAM, bucket, misconfig scanning
โโโ pipelines/ # Orchestrated scan workflows
โโโ ai/ # LLM-powered vuln classification & payload generation
โโโ automation/ # Auto hunter, distributed scanning
โโโ integrations/ # Shodan, Censys, VirusTotal, GitHub
โโโ dashboards/ # Flask backend + React frontend
โโโ wordlists/ # Subdomain, directory, parameter wordlists
โโโ payloads/ # XSS, SQLi, LFI, SSTI, fuzzing payloads
โโโ logs/ # Scan and system logs
โโโ reports/ # Generated reports and screenshots
โโโ tests/ # Unit and integration tests
```
## CLI Commands
```bash
darkwin recon # Run reconnaissance pipeline
darkwin scan # Run vulnerability scan pipeline
darkwin fuzz # Run fuzzing modules
darkwin exploit # Search for exploits (suggestions only)
darkwin cloud # Run cloud security checks
darkwin hunt # Full bug bounty pipeline
darkwin report # Generate reports
darkwin watch # Continuous monitoring
darkwin modules # List all available modules
darkwin dashboard # Launch web dashboard
```
## Legal Disclaimer
This tool is provided for **educational and authorized security testing purposes only**. The authors are not responsible for any misuse. Always obtain explicit written authorization before testing any system.
---
## License
MIT License โ ยฉ 2026 **ARYAN AHIRWAR (VIPHACKER.100)**