{"id":49060442,"url":"https://github.com/HackerBlazeX/Offensive-AI-Attack-Path-Visualizer","last_synced_at":"2026-05-06T06:01:34.869Z","repository":{"id":335538380,"uuid":"1145949375","full_name":"HackerBlazeX/Offensive-AI-Attack-Path-Visualizer","owner":"HackerBlazeX","description":"🛡️ AI-powered offensive security framework that visualizes attack paths using multi-tool recon, risk scoring \u0026 OWASP mapping. Built for legal security testing \u0026 learning.","archived":false,"fork":false,"pushed_at":"2026-02-01T22:12:54.000Z","size":10513,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-02T05:48:09.639Z","etag":null,"topics":["ai-security","ai-security-tool","bug-bounty-hunting","cybersecurity","llama-cpp-python","owasp-top-10","penetration-testing-framework","red-teaming","streamlit-webapp"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HackerBlazeX.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-30T12:29:09.000Z","updated_at":"2026-02-01T22:12:57.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/HackerBlazeX/Offensive-AI-Attack-Path-Visualizer","commit_stats":null,"previous_names":["hackerblazex/offensive-ai-attack-path-visualizer"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/HackerBlazeX/Offensive-AI-Attack-Path-Visualizer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HackerBlazeX","download_url":"https://codeload.github.com/HackerBlazeX/Offensive-AI-Attack-Path-Visualizer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32680890,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-06T02:33:58.958Z","status":"ssl_error","status_checked_at":"2026-05-06T02:33:39.611Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-security","ai-security-tool","bug-bounty-hunting","cybersecurity","llama-cpp-python","owasp-top-10","penetration-testing-framework","red-teaming","streamlit-webapp"],"created_at":"2026-04-20T02:00:27.297Z","updated_at":"2026-05-06T06:01:34.411Z","avatar_url":"https://github.com/HackerBlazeX.png","language":"Python","funding_links":[],"categories":["Pentest \u0026 Red Teaming Agents"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/banner.png\" alt=\"Offensive AI Banner\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/logo.png\" width=\"140\" alt=\"Offensive AI Logo\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003e🛡️ Offensive AI – Attack Path Visualizer\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong style=\"font-size:20px;\"\u003e\n    💻 Developed by Dip Kar (HackerBlazeX) 🚀\n  \u003c/strong\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong style=\"font-size:18px;\"\u003e\n    ☕ Just give a domain — relax \u0026 sip your coffee. \u003cbr\u003e\n    🤖 Offensive AI handles yours 80% of the web penetration testing task \u003cbr\u003e\n    📄 and delivers a ready-to-use report with AI-driven insights.\n  \u003c/strong\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\nAI-powered offensive security framework that transforms raw recon data into realistic, prioritised attack paths using local AI reasoning.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n⚠️ \u003cstrong\u003eFor legal \u0026 authorised security testing and educational purposes only.\u003c/strong\u003e\n\u003c/p\u003e\n\n---\n\n## 🚀 What is Offensive AI?\n\n**Offensive AI – Attack Path Visualizer** is a Windows-first offensive security framework designed to help security professionals **think like a real attacker**, not just collect tool outputs.\n\nInstead of showing scattered scan results, this framework:\n- Correlates recon \u0026 scan signals  \n- Applies AI-driven reasoning using a **local LLM (llama.cpp)**  \n- Generates **realistic attack paths**  \n- Presents everything in a clean, analyst-friendly dashboard  \n\nBuilt for **pentesters, red teamers, bug bounty hunters, and cybersecurity learners**.\n\n---\n\n## 🧠 The Problem It Solves\n\nTraditional penetration testing often suffers from:\n- Too many tools, too much noise  \n- Disconnected findings  \n- Manual decision-making fatigue  \n- Difficulty deciding *what to exploit next*\n\n**Offensive AI** bridges this gap by converting **raw technical data into structured offensive intelligence**.\n\n---\n\n## 🧠 How the Framework Works\n\n\nThe framework begins by collecting **raw signals** from multiple reconnaissance and scanning tools, such as:\n\n- DNS resolution \u0026 reachability (nslookup, ping)\n- Open ports \u0026 exposed services (Nmap)\n- Subdomains (Subfinder)\n- Live HTTP services, status codes \u0026 technologies (httpx)\n- Known misconfigurations \u0026 CVE templates (Nuclei)\n- Parameterised URLs (ParamSpider)\n- Directory \u0026 file discovery (FFUF / Dirsearch)\n- Web server misconfigurations (Nikto)\n- Input-based testing signals (SQLMap, XSStrike)\n\nAll outputs are captured **as raw text**, without modifying or exploiting the target.\n\n✔ No blind exploitation  \n✔ Detection-focused  \n✔ Scope-friendly  \n\n---\n### 2️⃣ Normalisation \u0026 Noise Reduction\n\nInstead of showing messy tool output, the framework:\n- Normalises data (domains, URLs, parameters)\n- De-duplicates repeated findings\n- Filters non-actionable noise\n\nThis ensures the tester focuses on **signal, not spam**.\n\nExample:\nMultiple URLs → unique parameterised endpoints\nMultiple ports → parsed open services\nMultiple subdomains → consolidated attack surface\n\n\n---\n\n### 3️⃣ Correlation Engine (Human-like Logic)\n\nThis is the **core brain before AI**.\n\nThe framework correlates findings across tools to build **context**, such as:\n\n- Open web ports + subdomains + login hints\n- Parameterised URLs + SQLMap/XSS signals\n- Nikto misconfigs + Nuclei template hits\n- Many subdomains → higher chance of forgotten assets\n\nIsolated issues are converted into **meaningful attack hypotheses**.\n\n\u003e Example logic:\nParameterised URL\n\nSQLMap heuristic signal\n\nXSStrike reflection\n= High-value input validation hotspot\n\n\n\n---\n\n### 4️⃣ AI Reasoning Layer (Local LLM – Optional)\n\nThe AI layer uses **llama.cpp with GGUF models**, running **fully locally**.\n\nThe AI:\n- Reads the correlated attack surface summary\n- Mimics attacker-style reasoning\n- Suggests **high-level attack paths**\n- Explains **why certain areas matter more**\n\n✔ Fully offline  \n✔ No cloud API  \n✔ Privacy-first  \n✔ Exploit-less (planning only)\n\nAI is used for **decision support**, not automated hacking.\n\n---\n\n### 5️⃣ Attack Path Generation\n\nBased on correlation + AI reasoning, the framework generates:\n\n- Step-by-step **attack paths**\n- Logical phases:\nRecon → Entry Point → Expansion → Impact\n- Priority scoring (Critical / High / Medium / Low)\n- Risk context for each hotspot\n\nThis helps answer the real question:\n\u003e *“If I were attacking this legally, where would I start?”*\n\n---\n\n### 6️⃣ OWASP Top 10 Mapping (Signal-Based)\n\nEach finding is approximately mapped to **OWASP Top 10 categories**, such as:\n\n- A01 – Broken Access Control  \n- A03 – Injection (SQLi / XSS / Input issues)  \n- A05 – Security Misconfiguration  \n- A07 – Identification \u0026 Authentication Failures  \n\n⚠️ This is **signal-based mapping**, not a final verdict.  \nIt is meant to make results:\n- Report-ready\n- Management-friendly\n- Easier to explain to non-technical stakeholders\n\n---\n\n### 7️⃣ Risk Scoring \u0026 Prioritisation\n\nThe framework calculates a **rough risk score (0–100)** based on:\n- Number of open ports\n- Severity of Nuclei findings\n- Correlated vulnerability signals\n- Breadth of attack surface\n\nThis score is:\n- Visual\n- Educational\n- Trendable (per session)\n\nIt is **not a CVSS replacement**, but a prioritisation aid.\n\n---\n\n### 8️⃣ Visualisation Layer (Streamlit UI)\n\nAll insights are presented through a clean Streamlit dashboard:\n\n- Attack surface overview\n- Risk metrics \u0026 trends\n- Open port \u0026 subdomain graphs\n- OWASP Top 10 tables\n- Timeline view (Recon → Attack planning)\n- Graphviz attack surface map\n- High-level attack tree visualisation\n\nNo messy terminal output.  \nOnly **clear offensive insight**.\n\n---\n\n### 9️⃣ Learning Mode \u0026 Explainability\n\nEvery major tool output can be:\n- Explained in **beginner-friendly Hinglish**\n- Interpreted using local AI (optional)\n- Used as a learning reference\n\nThis makes the framework ideal for:\n- Students\n- Junior pentesters\n- Interview preparation\n- Red team mindset training\n\n---\n\n## ✨ Key Features (Expanded)\n\n- 🔍 Multi-tool recon aggregation  \n- 🧠 Human-like vulnerability correlation  \n- 🤖 Local AI reasoning (llama.cpp, GGUF)  \n- 📊 Risk-based prioritisation \u0026 scoring  \n- 🧩 OWASP Top 10 signal mapping  \n- 🌐 Visual attack surface \u0026 attack tree  \n- 🧪 ParamSpider → SQLMap → XSStrike smart pipeline  \n- 📈 Risk trend tracking (session-based)  \n- 🧠 Explainable outputs (learning-first)  \n- ⚡ Fast Streamlit UI  \n- 🖥️ Offline / local-first architecture  \n- 📄 One-click professional reporting \u0026 export  \n- 🧾 Auto-generated attack surface \u0026 AI analysis report (Markdown)  \n- 🧠 Complete machine-readable scan bundle (JSON)  \n- ⏱️ Timestamped, domain-based filenames  \n- ⬇️ Instant download from the dashboard\n- 🛡️ Legal, authorised \u0026 exploit-less by design  \n- 🎯 **Multiple Scan Modes**\n- ⚙️ **Normal Mode** – Balanced recon \u0026 analysis for general security testing  \n- 🏆 **Bug Bounty Mode** – Low-noise, safe, scope-friendly scanning ideal for bounty programs  \n- 🎓 **Learning Mode** – Beginner-friendly explanations with AI-assisted reasoning (Hinglish support)\nEach mode intelligently adjusts:\n- 🧰 Tool execution behaviour  \n- 🔊 Noise vs signal balance  \n- 🧠 Explanation depth  \nThis makes the framework usable for **both professionals and learners** 🚀\n- 📦 **Smart Dependency Checker \u0026 Auto Installer**\n- Automatically checks required \u0026 optional tools on startup\n- Detects missing tools in the user’s system\n- Prompts the user before installing anything\n- Installs missing tools automatically (Windows – Chocolatey based)\n- Skips tools that are already installed\n- Ensures a smooth, beginner-friendly first-time setup\n- No manual dependency hunting or broken PATH issues\n\n\n---\n\n## 🎥 Framework Demo Video\n\n▶️ **Click below to watch the full demo**  \n(Shows real-time scanning, AI-assisted attack planning, visual graphs, and reporting flow)\n\n[![Watch the demo](assets/screenshots/ss-01-control-panel.png)](https://github.com/HackerBlazeX/Offensive-AI-Attack-Path-Visualizer/releases)\n\n---\n\n## 📸 Framework Screenshots\n\n### 1️⃣ Offensive Control Panel \u0026 AI Engine Selection\n![Control Panel](assets/screenshots/ss-01-control-panel.png)\nCentralized control panel with local AI engine selection, dependency checks, theme switching, and legal-only usage guardrails.\n\n---\n\n### 2️⃣ Tool Overview \u0026 Getting Started\n![Home UI](assets/screenshots/ss-02-home-ui.png)\nClean landing interface showing workflow guidance, scan modes, and offensive-security learning focus.\n\n---\n\n### 3️⃣ Scan Summary \u0026 Risk Snapshot\n![Scan Summary](assets/screenshots/ss-03-scan-summary.png)\nAuto-generated scan summary including resolved IP, scan timestamp, and overall risk score.\n\n---\n\n### 4️⃣Owasp Top 10 Coverage\n![Owasp Top 10 Coverage](assets/screenshots/ss-04-attack-surface.png)\nSignal-based mapping of potential OWASP Top 10 risk categories derived from reconnaissance and scan outputs for prioritised review.\n---\n\n### 5️⃣ Timeline View-Recon to Attack Path Planning![Timeline View](assets/screenshots/ss-05-visual-graphs.png)\nStep-by-step visual flow from initial reconnaissance to structured attack-path planning for guided security testing.\n\n---\n\n### 6️⃣ Domain, IP, Ports \u0026 Subdomain Visual Graph\n![Domain, IP, Ports \u0026 Subdomain Visual Graph](assets/screenshots/ss-06-risk-trend.png)\nSession-level risk trend tracking to observe exposure changes during reconnaissance.\n\n---\n\n### 7️⃣ AI-Generated Attack Path \u0026 Ranking\n![AI-Generated Attack Path \u0026 Ranking](assets/screenshots/ss-07-owasp.png)\nHigh-level, AI-assisted attack path with asset ranking and testing priority to support informed and ethical security assessment planning.\n\n---\n\n### 8️⃣ Attack Tree \u0026 A.i Correlated Findings (Visual Graph)\n![Attack Tree \u0026 Correlated Findings (Visual Graph)](assets/screenshots/ss-08-timeline.png)\nVisual attack tree correlating reconnaissance findings, assets, and services to illustrate potential attack paths and relationships.\n\n---\n\n### 9️⃣ AI Risk Ranking\n![AI Risk Ranking](assets/screenshots/ss-09-attack-graph.png)\nAI-based ranking of assets and findings based on exposure signals and contextual risk indicators.\n\n---\n\n### 🔟 Exploit Hint (AI-Assisted)\n![Exploit Hint (AI-Assisted)](assets/screenshots/ss-10-ai-attack-path.png)\nAI-assisted indicators to guide focused analysis and manual testing.\n\n---\n\n## ⚠️ Important Disclaimer\n\nThis framework is designed for:\n- Legal \u0026 authorised security testing\n- Education \u0026 learning\n- Attack surface analysis\n- Decision support\n\nIt does **NOT** provide:\n- Exploit payloads\n- Malware\n- Illegal automation\n\nAlways follow scope, permissions, and local laws.\nℹ️ The framework never installs tools without explicit user consent.\n\n\n---\n\n## 🧰 Requirements\n\n- Windows 10 / 11  \n- Python **3.10+**  \n- Git  \n- Streamlit  \n- llama.cpp (local LLM server)\n\n---\n\n## ⚙️ Installation (Windows – Easy)\n\n```powershell\n# 1️⃣ Clone the repository\ngit clone https://github.com/HackerBlazeX/Offensive-AI-Attack-Path-Visualizer.git\ncd Offensive-AI-Attack-Path-Visualizer\n\n# 2️⃣ Install dependencies\npip install -r requirements.txt\n\n# 3️⃣ Start local LLM server (llama.cpp)\n.\\llama-server.exe -m path\\to\\model.gguf -c 4096 -t 6 -ngl 35\n\n# 4️⃣ Run the framework\nstreamlit run Offensive-AI.py\n\n# 5️⃣ Open in browser\nhttp://localhost:8501\n\n## ⚠️ Important: Hardcoded Paths Notice\n\nSome paths inside the framework (for example **ParamSpider results directory, Nikto path, local tool locations**)  \nare currently **configured based on the developer’s local Windows environment**.\n\n🔧 **What you need to do:**\n- Review variables like:\n  - `PARAMSPIDER_BASE`\n  - `PARAMSPIDER_RESULTS_DIR`\n  - `nikto_path`\n- Update them **according to your own system paths** if required.\n\n💡 This design choice was made to:\n- Keep the framework simple and readable\n- Allow beginners to understand how tools interact\n- Avoid complex environment abstractions in early versions\n\nFuture versions may introduce:\n- Auto path detection\n- Config file–based path management\n\n✔️ Once paths are adjusted, the framework works normally.\n\n\n⚠️ Important Note\n\nThis framework is not an auto-exploitation tool.\nIt is an AI-assisted offensive decision-support system designed to:\n\nReduce manual analysis time\n\nImprove attack planning\n\nEnhance learning and reporting quality\n\n🔐 Legal Disclaimer\n\nThis project is intended only for authorised security testing, research, and education.\nThe author is not responsible for misuse or illegal activity.\n\n📄 License\n\nLicensed under the MIT License.\nSee the LICENSE file for details.\n\n👨‍💻 Author\n\nDip Kar\nCybersecurity | Offensive Security | AI × Security\n\n⭐ Support\n\nIf you find this project useful:\n\n⭐ Star the repository\n\n🧠 Share feedback\n\n🚀 Contribute ideas or improvements\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FHackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHackerBlazeX%2FOffensive-AI-Attack-Path-Visualizer/lists"}