Giathi-Daniel/AutoPentest-Lite

AutoPentest Lite v0.1 — AI-Powered Pentesting Assistant

Automate security scans safely and easily


Architecture Overview

AutoPentest Lite uses a lightweight, client-side AI assistant model that:

  • Accepts user goals via UI or VS Code
  • Uses a local LLM (Llama 3.1, Ollama) to select the right tool
  • Executes tools via Python CLI wrappers
  • Returns structured output + plain-English summary
  • Flags vulnerabilities with visual badges
  • Exports reports as Markdown

How It Works

  1. Target Input — Paste URL/IP. Confirm ownership if external.
  2. Goal Selection — “Find subdomains”, “Check for SQLi”, “Scan ports”.
  3. AI Tool Selector — LLM picks tool (nmap, gobuster, sqlmap, etc.).
  4. Tool Execution — Runs tool, captures output, logs duration.
  5. Vulnerability Detection — Auto-flag open ports, directories, SQLi hints.
  6. Summary & Report — AI generates plain-English summary + Markdown export.
  7. History & Export — Save scans locally, export reports, share with team.
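
Steps 3 and 4 hand a model's reply to a process launcher, so the reply has to be treated as untrusted input. The sketch below is an added example, not the project's backend code: it accepts the reply only if it is exactly one allowlisted tool name, passes the target as a single argv element with no shell, and enforces the 5-minute kill. The function names and the bare `[tool, target]` invocation are assumptions made for illustration.

```python
import subprocess
import time

# Tool names taken from the page's install line; anything else is rejected.
ALLOWED_TOOLS = {"nmap", "gobuster", "whatweb", "sqlmap", "dirb", "nikto"}
SCAN_TIMEOUT = 300  # seconds, the page's 5-minute auto-kill

def parse_tool_choice(llm_reply: str) -> str:
    """Accept the model's reply only if it is exactly one allowlisted tool name."""
    choice = llm_reply.strip().lower()
    if choice not in ALLOWED_TOOLS:
        raise ValueError(f"model reply is not an allowlisted tool: {llm_reply!r}")
    return choice

def build_argv(tool: str, target: str) -> list:
    """Build an argument vector; the target is one argv element, never shell text."""
    if target.startswith("-") or any(c.isspace() for c in target):
        raise ValueError("target would be parsed as an option or as several arguments")
    return [tool, target]  # assumption: per-tool flags are left out of this sketch

def run_with_timeout(argv, timeout=SCAN_TIMEOUT):
    """Run argv without a shell, kill it at the timeout, and report the duration."""
    start = time.monotonic()
    try:
        proc = subprocess.run(argv, capture_output=True, text=True, timeout=timeout)
        status, output = "finished", proc.stdout
    except subprocess.TimeoutExpired:
        # subprocess.run has already killed and reaped the child at this point.
        status, output = "killed-after-timeout", ""
    return {"status": status, "output": output, "duration": time.monotonic() - start}
```

A reply that carries anything beyond a bare tool name (extra words, shell metacharacters, a second command) fails the allowlist check before any process is started.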

Installation

Quick Setup (Docker — Recommended)

git clone https://github.com/Giathi-Daniel/autopentest-lite.git
cd autopentest-lite
docker-compose up --build
Open http://localhost:5173

Local Setup (Python + Node.js)

# 1. Install Python 3.8+ and Node.js 18+
# 2. Install core tools:
sudo apt install nmap gobuster whatweb sqlmap dirb nikto

# 3. Start backend
cd backend
pip install -r requirements.txt
python main.py

# 4. Start frontend
cd ../frontend
npm install
npm run dev
Open http://localhost:5173

Features

Core Tools (10+)

Network Recon

  • nmap
  • masscan
  • rustscan

Web App Scanning

  • gobuster
  • whatweb
  • dirb

Vulnerability Checks

  • sqlmap
  • nikto
  • wpscan

CTF Helpers

  • ffuf
  • subfinder
  • amass

AI Mode

  • Tool Selector — LLM picks best tool for your goal
  • Summary Generator — Plain-English output for non-experts
  • Vulnerability Flags — Highlights open ports, directories, SQLi hints
  • CTF Mode — Auto-runs tool chains: gobuster → whatweb → sqlmap

Reporting

  • Markdown Export — One-click download of scan + summary + raw output
  • Scan History — Local storage of past scans (target, goal, tool, output)
  • Copy Output — Copy raw tool output to clipboard

Safety & Ethics

  • Default Block — Public IPs blocked unless “I own this target” is checked
  • Rate Limit — Max 3 scans/hour to prevent abuse
  • Timeout — Scans auto-kill after 5 minutes
  • Log All Scans — Timestamp + target + tool for audit
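
One way to implement the Default Block, Rate Limit and Log All Scans controls together, as an added example that is not the project's own code. `ScanGate`, `extract_host`, `is_local_target` and the decision strings are hypothetical names; hostnames are deliberately not resolved.

```python
import ipaddress
import time
from collections import deque
from urllib.parse import urlsplit

MAX_SCANS, WINDOW_SECONDS = 3, 3600  # "Max 3 scans/hour"

def extract_host(target: str) -> str:
    """Return the host part of a URL, host:port pair, or bare host/IP."""
    if "://" not in target:
        target = "//" + target  # lets urlsplit parse "10.0.0.5:8080"
    host = urlsplit(target).hostname
    if not host:
        raise ValueError(f"cannot parse target: {target!r}")
    return host

def is_local_target(host: str) -> bool:
    """True for loopback/private/link-local IP literals and localhost names."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # A hostname: not resolved here, so only localhost names count as local.
        return host == "localhost" or host.endswith(".localhost")
    return ip.is_loopback or ip.is_private or ip.is_link_local

class ScanGate:
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._recent = deque()  # start times of scans allowed within the window
        self.audit = []         # (timestamp, target, tool, decision) for every request

    def authorize(self, target, tool, owns_target=False):
        now = self._clock()
        while self._recent and now - self._recent[0] >= WINDOW_SECONDS:
            self._recent.popleft()
        try:
            local = is_local_target(extract_host(target))
        except ValueError:
            decision = "deny:unparseable"
        else:
            if not local and not owns_target:
                decision = "deny:ownership-not-confirmed"
            elif len(self._recent) >= MAX_SCANS:
                decision = "deny:rate-limit"
            else:
                self._recent.append(now)
                decision = "allow"
        self.audit.append((now, target, tool, decision))  # denials are logged too
        return decision
```

Because names are never resolved, a hostname that points at a private address still needs the ownership confirmation, and only allowed scans count against the hourly limit.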

API Reference

Core Endpoints

| Endpoint | Method | Description |
|---|---|---|
| /api/validate-target | POST | Validate target (local/private only) |
| /api/select-tool | POST | LLM picks tool based on goal |
| /api/run-tool | POST | Execute tool, return output + duration |
| /api/summarize | POST | Generate plain-English summary |
| /api/analyze | POST | Auto-detect vulnerabilities |
| /api/report | POST | Generate Markdown report |

Usage Examples

Basic Scan

User: "I want to find subdomains for my site: http://localhost:3000"
AI: "Running gobuster for subdomain enumeration..."
Output: 
  - admin.localhost:3000
  - dev.localhost:3000
Summary: "Found 2 subdomains. Consider checking /admin for exposed interfaces."

CTF Mode

User: "CTF Mode: Solve this web challenge"
AI: "Running: gobuster → whatweb → sqlmap..."
Output: 
  - gobuster: /login found
  - whatweb: PHP 8.1, Apache
  - sqlmap: SQLi vulnerability at /login?user=1'
Summary: "SQLi found at /login. Try payload: ' OR 1=1--"

Real-World Performance (vs Manual)

| Task | Manual Time | AutoPentest-Lite | Speedup |
|---|---|---|---|
| Subdomain Enumeration | 2–4 hours | 5–10 minutes | 24x faster |
| Web App Scan | 6–12 hours | 20–45 minutes | 18x faster |
| CTF Challenge Solve | 1–6 hours | 2–15 minutes | 24x faster |
| Report Generation | 4–12 hours | 2–5 minutes | 144x faster |

Troubleshooting

Common Issues

Tool Not Found:

which nmap gobuster sqlmap
# Install missing tools: sudo apt install nmap gobuster sqlmap

LLM Not Responding:

ollama run llama3.1
# Or set LLM_MODEL=llama3.1 in .env

Scan Fails:

python main.py --debug
# Check logs in ./logs/

Security & Ethical Use

  • Authorized Testing Only — Bug bounties, CTFs, your own systems
  • No Public Scans — Must confirm ownership for external targets
  • Never Test Without Permission — Unauthorized scanning is illegal
  • No Data Theft — No exfiltration or malicious payloads

Run in isolated VMs. Monitor activity. Use for education and defense.


Contributing

We welcome contributions! Help us add:

  • New tools (e.g., nuclei, ffuf, wpscan)
  • UI improvements
  • VS Code extension enhancements
  • Documentation and tutorials

Setup:

git clone https://github.com/yourusername/autopentest-lite.git
cd autopentest-lite
python3 -m venv dev
source dev/bin/activate
pip install -r requirements.txt
python main.py --debug

License

MIT — Use, modify, and distribute freely. Just keep the license and attribution.


Author

Giathi Daniel — Built for the 2026 AI security landscape.
GitHub: github.com/Giathi-Daniel/autopentest-lite

