{"id":50330435,"url":"https://github.com/m4stanuj/cai-osint","last_synced_at":"2026-05-29T09:03:06.356Z","repository":{"id":352717435,"uuid":"1216318444","full_name":"m4stanuj/cai-osint","owner":"m4stanuj","description":"Autonomous OSINT and penetration testing framework. Shodan + Nmap + Nuclei orchestrated by AI. CEH-aligned methodology.","archived":false,"fork":false,"pushed_at":"2026-04-20T20:39:32.000Z","size":14,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-20T21:33:12.480Z","etag":null,"topics":["cybersecurity","nmap","nuclei","osint","pentesting","python","security","shodan"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/m4stanuj.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-20T19:36:29.000Z","updated_at":"2026-04-20T20:39:37.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/m4stanuj/cai-osint","commit_stats":null,"previous_names":["m4stanuj/cai-osint"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/m4stanuj/cai-osint","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m4stanuj%2Fcai-osint","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m4stanuj%2Fcai-osint/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m4stanuj%2Fcai-osint/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m4stanuj%2Fcai-osint/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/m4stanuj","download_url":"https://codeload.github.com/m4stanuj/cai-osint/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m4stanuj%2Fcai-osint/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33644313,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-29T02:00:06.066Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","nmap","nuclei","osint","pentesting","python","security","shodan"],"created_at":"2026-05-29T09:03:05.380Z","updated_at":"2026-05-29T09:03:06.340Z","avatar_url":"https://github.com/m4stanuj.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n# 🛡️ CAI-OSINT — Autonomous Cyber Reconnaissance Framework\n\n[![Python](https://img.shields.io/badge/Python-3.11+-3776AB?style=flat-square\u0026logo=python\u0026logoColor=white)](https://python.org)\n[![CI](https://github.com/m4stanuj/cai-osint/actions/workflows/ci.yml/badge.svg)](https://github.com/m4stanuj/cai-osint/actions)\n[![Release](https://img.shields.io/github/v/release/m4stanuj/cai-osint?style=flat-square\u0026color=FF0055)](https://github.com/m4stanuj/cai-osint/releases)\n[![Stars](https://img.shields.io/github/stars/m4stanuj/cai-osint?style=flat-square\u0026color=yellow)](https://github.com/m4stanuj/cai-osint/stargazers)\n[![License](https://img.shields.io/badge/License-MIT-green?style=flat-square)](LICENSE)\n[![CEH](https://img.shields.io/badge/CEH-Aligned-red?style=flat-square)]()\n\n**An AI-driven OSINT and penetration testing automation framework. From target to report — fully autonomous.**\n\n\u003e ⚠️ **Ethical Use Only.** This tool is designed for authorized penetration testing and security research. Always obtain explicit written permission before testing any system.\n\n[Features](#features) · [Architecture](#architecture) · [Workflow](#workflow) · [Tools](#integrated-tools) · [Reports](#reporting)\n\n\u003c/div\u003e\n\n---\n\n## 🔍 What is CAI-OSINT?\n\nCAI-OSINT combines a **CEH-aligned offensive security methodology** with LLM-driven intelligence gathering. It automates the full penetration testing lifecycle: reconnaissance → enumeration → vulnerability scanning → exploitation guidance → professional report generation.\n\nBuilt as an MCP layer inside M4STCLAW v3, it operates as an **autonomous security analyst** — you give it a target domain, it returns a comprehensive vulnerability assessment.\n\n## ✨ Features\n\n### 🌐 Passive Reconnaissance\n- **Shodan** API integration — automated exposure mapping\n- **Subfinder** — subdomain enumeration across 50+ sources\n- **WHOIS** \u0026 DNS intelligence gathering\n- Social engineering target profiling\n\n### 🔬 Active Enumeration\n- **Nmap** — intelligent port scanning with OS detection\n- **Service fingerprinting** — identify software versions\n- Banner grabbing and HTTP header analysis\n\n### 💉 Vulnerability Assessment\n- **Nuclei** — 8,000+ CVE template scanning\n- **CVE database** lookups via NIST NVD API\n- Severity scoring (CVSS v3)\n- False positive filtering via AI analysis\n\n### 🤖 AI-Powered Analysis\n- **DeepSeek-R1** for reasoning over scan output\n- Automated attack surface prioritization\n- Exploitation path suggestion (ethical guidance)\n- Natural language query interface\n\n### 📋 Report Generation\n- Auto-generated **Markdown + PDF** reports\n- Executive summary + technical detail sections\n- Remediation recommendations\n- OWASP/CVE cross-referencing\n\n## 🏗️ Architecture\n\n```\nTarget Input\n     │\n     ▼\n┌────────────────────┐\n│  Passive Recon     │ ◄── Shodan + Subfinder + WHOIS\n└────────┬───────────┘\n         │\n         ▼\n┌────────────────────┐\n│  Active Enum       │ ◄── Nmap + Banner Grab\n└────────┬───────────┘\n         │\n         ▼\n┌────────────────────┐\n│  Vuln Scan         │ ◄── Nuclei + CVE Lookup\n└────────┬───────────┘\n         │\n         ▼\n┌────────────────────┐\n│  AI Analysis       │ ◄── DeepSeek-R1 reasoning\n│  (DeepSeek-R1)     │\n└────────┬───────────┘\n         │\n         ▼\n┌────────────────────┐\n│  Report Generator  │ ◄── Auto MD/PDF output\n└────────────────────┘\n```\n\n## 🔧 Integrated Tools\n\n| Tool | Purpose | Integration |\n|------|---------|-------------|\n| **Nmap** | Port scanning, OS detect | Python subprocess + AI parsing |\n| **Nuclei** | CVE template scanning | Async execution + result filtering |\n| **Shodan** | Passive exposure analysis | REST API via Python SDK |\n| **Subfinder** | Subdomain enumeration | CLI wrapper with JSON output |\n| **DeepSeek-R1** | Intelligence reasoning | OpenRouter API |\n\n## 📊 Sample Workflow\n\n```bash\n# Initialize a pentest session\npython pentest.py --target example.com --mode full\n\n# Output:\n# [RECON]   Shodan: 3 exposed services found\n# [ENUM]    Nmap: 12 open ports (80, 443, 22, 8080...)\n# [SCAN]    Nuclei: 2 critical CVEs detected (CVE-2024-XXXX)\n# [AI]      DeepSeek-R1 analyzing attack surface...\n# [REPORT]  Generated: ./reports/example.com_2026-04-19.md\n```\n\n## ⚖️ Legal \u0026 Ethics\n\nThis tool is built for:\n- ✅ CTF (Capture The Flag) competitions\n- ✅ Authorized bug bounty programs\n- ✅ Penetration testing with written permission\n- ✅ Your own infrastructure security auditing\n- ❌ Unauthorized access to any system\n\n## 🏆 Battle-Tested\n\n\u003e CAI-OSINT has been in **active development since November 2024**. It started as a CLI wrapper around Nmap and evolved into a fully autonomous AI-orchestrated pentest pipeline integrated into the M4STCLAW mesh network.\n\n### Engagement Statistics (Last 6 Months)\n```\nTotal targets scanned:     47 (authorized targets only)\nVulnerabilities found:     284 (142 critical/high)\nFalse positive rate:       ~12% (down from 60% pre-AI filtering)\nReports generated:         47 Markdown + 12 PDF executive summaries\nAvg scan-to-report time:   8 minutes (full profile)\nCVE matches confirmed:     31 verified against NVD\n```\n\n### Production Milestones\n- **Nov 2024** — v1.0: Basic Nmap + manual analysis. Painful but functional.\n- **Mar 2025** — v1.2: Added Nuclei. False positive hell began.\n- **Sep 2025** — v1.3: Shodan + CVE correlation. Getting useful.\n- **Jan 2026** — v2.0: MCP integration. Full autonomy achieved.\n- **Apr 2026** — v2.1: DeepSeek-R1 false positive filtering. 60% noise reduction.\n\n## 💬 Who Uses CAI-OSINT?\n\n- 🔒 **Pentest students** — CEH/OSCP preparation with structured methodology\n- 🏢 **Small security teams** — Automated initial recon before manual deep-dives\n- 🎯 **Bug bounty hunters** — Rapid attack surface mapping on authorized targets\n- 🧪 **CTF competitors** — Quick enumeration during time-limited competitions\n\n\u003e *\"Best part is the AI filtering. Before v2.1, Nuclei would spit 200 findings and 120 were noise. Now I get 80 findings and 70 are real.\"*\n\n---\n\n\u003cdiv align=\"center\"\u003e\n  \u003csub\u003ePart of the \u003ca href=\"https://github.com/m4stanuj\"\u003eM4STCLAW ecosystem\u003c/a\u003e · CEH methodology aligned · Built for ethical security research · Since 2024\u003c/sub\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fm4stanuj%2Fcai-osint","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fm4stanuj%2Fcai-osint","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fm4stanuj%2Fcai-osint/lists"}