Cyber Net

AI-Powered Network Security Analysis & Autonomous Penetration Testing Platform

Cyber Net is an autonomous offensive security orchestrator that visualizes network topologies, identifies vulnerabilities using threat intelligence (MITRE ATT&CK, EPSS, CVSS, CISA KEV), and generates executable attack playbooks through multi-model AI.

Features

• 🔍 Three-Tier Scanning

  • Standard Scan: Fast vulnerability discovery using Grok (X.AI) via OpenRouter
  • Grounded Scan: Real-time threat intelligence with Gemini + Google Search
  • Deep Scan: Complex attack chain analysis using Gemini 2.5 Pro with extended thinking

• 🎯 Explainable Threat Scoring: Transparent prioritization using EPSS (55%), Environment Fit (20%), CVSS (5%), and KEV status (+20%)

• 🤖 Autonomous Playbooks: AI-generated step-by-step exploitation sequences with executable shell commands

• 🌐 Interactive Network Visualization: Custom SVG-based topology with real-time attack simulation and blast radius calculation

• 📊 Comprehensive Reports: AI-generated security posture analysis with attack surface identification

• 🛡️ Blue Team Response Book: Mitigation tracking with assignee management and status workflows

Prerequisites

• Node.js 20 or higher
• Gemini API key (get at: https://ai.google.dev/)
• OpenRouter API key (get at: https://openrouter.ai/)

Setup

1. Clone the repository:

   git clone <repository-url>
   cd BLOOP

2. Install dependencies:

   npm install

3. Create .env.local file:

   VITE_GEMINI_API_KEY=your_gemini_api_key_here
   VITE_OPENROUTER_API_KEY=your_openrouter_api_key_here

4. Run the development server:

   npm run dev

5. Open http://localhost:3000 in your browser

Usage

1. Network Scan: Click the "Network Scan" button to initialize the topology
2. Device Analysis: Click any device to view details and run vulnerability scans
3. Review Recommendations: Check the "Recommendations" tab for prioritized attack vectors
4. View Exploit Steps: Click "Steps" on any recommendation to see executable commands
5. Execute Attacks: Confirm attack execution to simulate impact and visualize blast radius
6. Track Mitigations: Use the "Response Book" tab to manage defensive actions

Deployment

Vercel

npm run build
vercel --prod

Set environment variables in Vercel dashboard:

• VITE_GEMINI_API_KEY
• VITE_OPENROUTER_API_KEY

Netlify

npm run build
netlify deploy --prod

Set environment variables in Netlify dashboard.

Docker

docker build -t cyber-net .
docker run -p 80:80 cyber-net

Note: Environment variables must be set at build time for client-side access.

Architecture

• Frontend: React 19 + TypeScript + Vite
• AI Models:
  • X.AI Grok (via OpenRouter) - Standard scans
  • Google Gemini 2.5 Flash - Grounded scans with search
  • Google Gemini 2.5 Pro - Deep scans with extended thinking
• Threat Intelligence: MITRE ATT&CK, FIRST EPSS, CISA KEV, NVD/CVSS
• Visualization: Custom SVG engine with graph-based algorithms

Security Notice

⚠️ Authorized Use Only

Cyber Net is designed for controlled penetration testing in authorized lab and staging environments. All attack execution requires explicit operator approval. Unauthorized use against production systems or third-party networks is illegal and unethical.

License

MIT License - See LICENSE file for details

Acknowledgments

• MITRE ATT&CK Framework
• FIRST EPSS Project
• CISA Known Exploited Vulnerabilities Catalog
• Google Gemini AI
• X.AI & OpenRouter