{"id":50706200,"url":"https://github.com/whiterabb17/r3ngine","last_synced_at":"2026-06-09T12:01:45.791Z","repository":{"id":356847432,"uuid":"1226375584","full_name":"whiterabb17/r3ngine","owner":"whiterabb17","description":"r3ngine is the rebirth of the automated reconnaissance framework for web applications with a focus on dynamic streamlined recon process, backed by a database, \u0026 simple yet intuitive User Interface. r3ngine makes it easy for penetration testers to gather reconnaissance with min config \u0026 with the help of r3ngine's correlation, making recon effortless","archived":false,"fork":false,"pushed_at":"2026-06-08T09:40:00.000Z","size":61962,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-08T11:23:43.996Z","etag":null,"topics":["automated-recon","correlation","cybersecurity-tools","opsec","reconnaissance","rengine","rengine-ng","scanner","vulnerability-scanner"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/whiterabb17.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":["https://paypal.me/yogeshojha11"]}},"created_at":"2026-05-01T10:11:09.000Z","updated_at":"2026-06-08T09:40:04.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/whiterabb17/r3ngine","commit_stats":null,"previous_names":["whiterabb17/r3ngine"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/whiterabb17/r3ngine","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whiterabb17%2Fr3ngine","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whiterabb17%2Fr3ngine/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whiterabb17%2Fr3ngine/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whiterabb17%2Fr3ngine/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/whiterabb17","download_url":"https://codeload.github.com/whiterabb17/r3ngine/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whiterabb17%2Fr3ngine/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34105565,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-09T02:00:06.510Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automated-recon","correlation","cybersecurity-tools","opsec","reconnaissance","rengine","rengine-ng","scanner","vulnerability-scanner"],"created_at":"2026-06-09T12:01:45.096Z","updated_at":"2026-06-09T12:01:45.785Z","avatar_url":"https://github.com/whiterabb17.png","language":"Python","funding_links":["https://paypal.me/yogeshojha11"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"frontend/public/img/banner.png\" height=\"400px\" width=\"520px\" alt=\"\"/\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ch4 align=\"center\"\u003e\u003cstrong\u003ePhoenix: From the Ashes even Stronger\u003c/strong\u003e\u003c/h4\u003e\n  \u003ch3 align=\"center\"\u003er3ngine v3 — The Ultimate Web Reconnaissance \u0026 Vulnerability Scanner\u003c/h3\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ch3 align=\"center\"\u003eNew V3 Dashboard\u003c/h3\u003e\n  \u003cimg src=\".github/screenshots/r3ngine_dash.png\" height=\"550px\" width=\"1020px\" alt=\"\"/\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/whiterabb17/r3ngine/releases\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/version-v3.5.0-informational?\u0026logo=none\" alt=\"r3ngine Latest Version\" /\u003e\n  \u003c/a\u003e\n  \u0026nbsp;\n  \u003ca href=\"https://www.gnu.org/licenses/gpl-3.0\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/License-GPLv3-red.svg?\u0026logo=none\" alt=\"License\" /\u003e\n  \u003c/a\u003e\n  \u0026nbsp;\n  \u003ca href=\"#\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/first--timers--only-friendly-blue.svg?\u0026logo=none\" alt=\"\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003ch3 align=\"center\"\u003er3ngine 3.5.0: The Phoenix Rebirth\u003c/h3\u003e\n\u003cp\u003e\n  r3ngine v3.5.0 is the production-stabilized, enterprise-grade evolution of the platform. This release delivers a complete \u003cb\u003eCVE Enrichment System\u003c/b\u003e (NVD, EPSS, CISA KEV), a \u003cb\u003eBurp Suite Professional Integration Plugin\u003c/b\u003e, and deep \u003cb\u003eNeo4j graph sync\u003c/b\u003e with CVE metadata. The infrastructure has been hardened with \u003cb\u003eDjango 5.2.3 LTS\u003c/b\u003e, \u003cb\u003ePostgreSQL 16\u003c/b\u003e, and \u003cb\u003eGunicorn + Uvicorn ASGI\u003c/b\u003e production serving. Building on the v3.2.0 Celery → Temporal migration — which replaced the legacy at-most-once task broker with a durable workflow engine providing crash-safe execution, full replay history, and pause/resume signaling — v3.5.0 focuses on intelligence enrichment, operational security, and production reliability at scale.\n\u003c/p\u003e\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n\u003ch4 align=\"center\"\u003eAttack Path Modeling Engine\u003c/h4\u003e\n\u003cp align=\"center\"\u003e\n\u003cimg src=\".github/screenshots/apme.png\" height=\"700px\" width=\"1020px\" alt=\"\"/\u003e\n\u003c/p\u003e\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n\u003ch2 align=\"center\"\u003e\u003ca href=\"https://github.com/whiterabb17/r3ngine-mobile\" target=\"_blank\"\u003er3NgineMobileSOC\u003c/a\u003e: Beta Release Out Now\u003c/h2\u003e\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://img.shields.io/badge/r3ngine--mobile-1.2.4-orange.svg?logo=none\" alt=\"r3ngine Mobile SOC\" /\u003e\n\u003c/p\u003e\n\n| Dashboard | Geo-Tactical Map | Scan Details | Scan Orchestration |\n| :---: | :---: | :---: | :---: |\n| \u003cimg src=\".github/screenshots/dashboard.png\" width=\"200px\" /\u003e | \u003cimg src=\".github/screenshots/geomap.png\" width=\"200px\" /\u003e | \u003cimg src=\".github/screenshots/scan_details.png\" width=\"200px\" /\u003e | \u003cimg src=\".github/screenshots/scan_drawer.png\" width=\"200px\" /\u003e |\n\nThe r3ngine Mobile SOC companion app provides a full command-and-control interface for managing scans, reviewing findings, and monitoring targets from any device. Features include a 4-step scan wizard, plugin selector, real-time task log streaming, animated activity badge, ReconX monitoring settings, and geo-tactical map visualization.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n\u003ch2 align=\"center\"\u003e\u003ca href=\"https://github.com/whiterabb17/r3ngine-plugins\" target=\"_blank\"\u003er3Ngine Plugins\u003c/a\u003e: Alpha Release Out Now\u003c/h2\u003e\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://img.shields.io/badge/r3ngine--plugins-1.0.0-orange.svg?logo=none\" alt=\"r3ngine Plugins\" /\u003e\n\u003c/p\u003e\n\n| Active Directory |\n| :---: |\n| \u003cimg src=\"https://raw.githubusercontent.com/whiterabb17/r3ngine-plugins/refs/heads/master/active_directory/docs/dashboard.png\" width=\"1000px\" height=\"450px\" /\u003e |\n\n| Active Exploitation |\n| :---: |\n| \u003cimg src=\"https://raw.githubusercontent.com/whiterabb17/r3ngine-plugins/refs/heads/master/active_exploitation/docs/dashboard.png\" width=\"1000px\" height=\"450px\" /\u003e |\n\n| Exploit Readiness Layer |\n| :---: |\n| \u003cimg src=\"https://raw.githubusercontent.com/whiterabb17/r3ngine-plugins/refs/heads/master/exploit_readiness_layer/docs/dashboard.png\" width=\"1000px\" height=\"450px\" /\u003e |\n\nThe plugin system supports dynamic installation, signed `.r3n` packages with Ed25519 verification, Temporal-wired activities, and Module Federation UI loaded directly into the host router. Available plugins include Active Directory Intelligence, Active Exploitation, Exploit Readiness Layer, Burp Suite Integration, and Email Security.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n\u003e **IMPORTANT — Upgrading from an existing installation**\n\u003e\n\u003e v3.4.1 upgraded the infrastructure stack: **Django 3.2 → 5.2.3 LTS**, **PostgreSQL 12 → 16**, and the production server changed from `runserver` to **Gunicorn + Uvicorn ASGI**. v3.2.0 replaced Celery with Temporal. Both are breaking infrastructure changes that require a full upgrade run.\n\u003e\n\u003e **You must run the full upgrade script before starting services:**\n\u003e\n\u003e ```bash\n\u003e # Linux / macOS\n\u003e git pull\n\u003e make fullupgrade\n\u003e\n\u003e # Windows\n\u003e git pull\n\u003e make.bat fullupgrade\n\u003e ```\n\u003e\n\u003e The script will:\n\u003e - Warn you of all changes and ask for explicit confirmation before proceeding\n\u003e - Stop and remove all existing containers\n\u003e - Back up the PostgreSQL database and upgrade it from pg12 → pg16 (automated, idempotent)\n\u003e - Rebuild all images from scratch with `--no-cache`\n\u003e - Apply all database migrations\n\u003e - Start the full updated stack and verify Gunicorn is serving\n\u003e\n\u003e **Your data is safe.** All Docker volumes (`scan_results`, `postgres_data`, `nuclei_templates`, `wordlist`, etc.) are fully preserved.\n\u003e\n\u003e **Do not run `make up` or `docker compose up` directly** on an existing install without running `fullupgrade` first — migrations will not be applied automatically.\n\u003e\n\u003e Any scans running at the time of upgrade **will be interrupted**. Ensure no critical scans are in progress before upgrading.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n\n## Table of Contents\n\n* [About r3ngine](#about-r3ngine)\n* [Workflow](#workflow)\n* [Features](#features)\n* [Quick Installation](#quick-installation)\n* [Administration \u0026 Recovery](#-administration--recovery)\n* [Contributing](#contributing)\n* [Reporting Security Vulnerabilities](#reporting-security-vulnerabilities)\n* [License](#license)\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## About r3ngine\n\nr3ngine is a production-grade web reconnaissance and vulnerability scanning platform. It combines a 7-tier scan pipeline with AI-powered intelligence gathering, graph-based attack path modeling, CVE enrichment from official threat intel feeds, and operational security controls — all orchestrated by [Temporal](https://temporal.io) for durable, crash-safe execution.\n\n🦾\u0026nbsp;\u0026nbsp; **End-to-end reconnaissance** via 30+ integrated security tools: subdomain discovery, port scanning, HTTP crawling, directory fuzzing, screenshot capture, secret scanning, vulnerability assessment (Nuclei, Semgrep, WPScan, Dalfox), and more.\n\n🗃️\u0026nbsp;\u0026nbsp; **Unified data model** with a custom query language. Filter reconnaissance data using natural-language operators like `http_status=200\u0026name=admin` across all finding types.\n\n🔧\u0026nbsp;\u0026nbsp; **Highly configurable scan engines** via YAML configuration. Pre-built profiles include Full Scan, Passive Scan, Screenshot Gathering, and OSINT Scan. Every parameter — threads, timeouts, rate limits — is tunable.\n\n💎\u0026nbsp;\u0026nbsp; **Subscans**: respond immediately to in-progress discoveries. Launch a targeted port scan or vulnerability assessment against any subdomain without waiting for the full pipeline.\n\n🧠\u0026nbsp;\u0026nbsp; **CVE Intelligence**: automatic CVSS v3.1 scoring from NVD, EPSS exploitation probability from FIRST, and CISA KEV marking — enriched on every startup and queryable via the API.\n\n📃\u0026nbsp;\u0026nbsp; **PDF Reports**: Full Scan, Vulnerability, and OSINT report types with customizable templates, executive summaries, LLM-generated impact narratives, and remediation priorities.\n\n⚙️\u0026nbsp;\u0026nbsp; **Role-based access control**: Sys Admin, Penetration Tester, and Auditor roles with precisely defined permissions.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Workflow\n\n\u003cimg src=\".github/workflows/workflows.png\"\u003e\n\n### Temporal Scan Pipeline (v3.2.0+)\n\nThe full scan pipeline is orchestrated by `MasterScanWorkflow` on Temporal. Every tier boundary is a hard synchronisation point — no tier starts until all activities in the previous tier have completed and their results are persisted to the database.\n\n```mermaid\nflowchart TD\n    START([▶ Scan Initiated]) --\u003e TP\n\n    subgraph S0[\"⚙️ Step 0 — Target Setup\"]\n        direction TB\n        TP[TargetProfilingActivity] --\u003e LC[LoadCheckpointActivity]\n    end\n\n    LC --\u003e F1(( ))\n    F1 --\u003e SD \u0026 AI \u0026 FW \u0026 OS \u0026 SF\n\n    subgraph T1[\"🔍 Tier 1 — Discovery  ·  all parallel\"]\n        direction TB\n        SD[RunSubdomainDiscoveryActivity]\n        AI[RunAmassIntelDiscoveryActivity]\n        FW[RunFirewallVPNScanActivity]\n        OS[\"RunGenericTaskActivity · osint\"]\n        SF[\"RunGenericTaskActivity · spiderfoot_scan\\n─ requires yaml spiderfoot_scan block\"]\n    end\n\n    SD \u0026 AI \u0026 FW \u0026 OS \u0026 SF --\u003e J1(( ))\n    J1 --\u003e PDR[ParseDiscoveryResultsActivity]\n    PDR --\u003e CP1{{\"⏸ Pause Checkpoint\"}}\n\n    CP1 --\u003e F2(( ))\n    F2 --\u003e HC \u0026 PS\n\n    subgraph T2[\"🌐 Tier 2 — HTTP Crawl · Port Scan ·  all parallel\"]\n        direction TB\n        HC[\"RunHTTPCrawlActivity\\n─ global config · feeds Tiers 3 \u0026 4\"] --\u003e PHC[ParseHTTPCrawlResultsActivity]\n        PS[RunPortScanActivity]\n    end\n\n    PHC \u0026 PS --\u003e J2(( ))\n    J2 --\u003e FU\n\n    subgraph T3[\"🔗 Tier 3 — URL Fetching  ·  sequential\"]\n        direction TB\n        FU[RunFetchURLActivity]\n    end\n\n    FU --\u003e DFF\n\n    subgraph T4[\"📁 Tier 4 — Directory \u0026 File Fuzzing  ·  sequential\"]\n        direction TB\n        DFF[RunDirFileFuzzActivity] --\u003e PFF[ParseFuzzResultsActivity]\n    end\n\n    PFF --\u003e PER[ParseEnumerationResultsActivity]\n    PER --\u003e CP2{{\"⏸ Pause Checkpoint\"}}\n\n    CP2 --\u003e F3(( ))\n    F3 --\u003e WAD \u0026 WD \u0026 SEC\n\n    subgraph T5[\"🔬 Tier 5 — Analysis  ·  all parallel\"]\n        direction TB\n        WAD[RunWebAPIDiscoveryActivity]\n        WD[RunWAFDetectionActivity]\n        SEC[RunSecretScanningActivity]\n    end\n\n    WAD \u0026 WD \u0026 SEC --\u003e J3(( ))\n    J3 --\u003e PAR[ParseAnalysisResultsActivity]\n    PAR --\u003e CP3{{\"⏸ Pause Checkpoint\"}}\n\n    CP3 --\u003e F4(( ))\n    F4 --\u003e NUC \u0026 WB \u0026 BF \u0026 SS\n\n    subgraph T6[\"🎯 Tier 6 — Assessment · BruteForcing · WAFBypass · Nuclei · Screenshot   ·  all parallel\"]\n        direction TB\n        subgraph NP[\"NucleiPlannerWorkflow · child workflow\"]\n            direction TB\n            NUC[RunVulnerabilityScanActivity]\n        end\n        WB[RunWAFBypassActivity]\n        BF[RunBruteForceScanActivity]\n        SS[RunScreenshotActivity]\n    end\n\n    SS \u0026 NUC \u0026 WB \u0026 BF --\u003e J4(( ))\n    J4 --\u003e PASM[ParseAssessmentResultsActivity]\n    PASM --\u003e CP4{{\"⏸ Pause Checkpoint\"}}\n\n    CP4 --\u003e CV\n\n    subgraph T7[\"🧠 Tier 7 — Intelligence  ·  sequential\"]\n        direction TB\n        CV[CorrelateVulnerabilitiesActivity] --\u003e CR[CalculateRiskScoresActivity]\n        CR --\u003e GI[\"GenerateImpactAssessmentActivity\\n─ requires enable_ai_impact_analysis: true\"]\n        GI --\u003e SG[\"SyncGraphActivity  ·  APME + Neo4j\\n─ requires attack_path_modeling.enabled: true\"]\n    end\n\n    SG --\u003e SN[SendScanNotificationActivity]\n    SN --\u003e DONE([✓ Scan Complete])\n```\n\n\u003e `(( ))` = fork/join (parallel branch split/rejoin) \u0026nbsp;·\u0026nbsp; `{{\"⏸\"}}` = pause checkpoint (workflow waits for `resume` signal) \u0026nbsp;·\u0026nbsp; `─ requires` = only runs when the noted YAML flag is set\n\u003e\n\u003e Full tier reference and execution notes: [`.github/workflows/temporal-scan-flow.md`](.github/workflows/temporal-scan-flow.md)\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Features\n\n### 🔬 CVE Intelligence \u0026 Enrichment (v3.5.0)\n*   **CVE Enrichment Service**: Fetches CVSS v3.1 metrics from **NVD API v2.0**, exploitation probability scores from **FIRST EPSS**, and syncs the **CISA KEV** (Known Exploited Vulnerabilities) catalog. Enriched data is cached (7-day TTL for CVEs, 1-hour for KEV) and gracefully degrades when external APIs are unavailable.\n*   **Vulnerability History Tracking**: `VulnerabilityHistory` model traces vulnerabilities across historical scans, automatically classifying findings as new, persistent, or remediated.\n*   **Multi-Criteria Correlation Scoring**: Composite scores using configurable tool weights, asset criticality, CISA KEV/EPSS exploitability factors, and temporal modifiers. In-scan duplicate suppression groups findings under a `group_key` before writing.\n*   **Neo4j ID-Based Graph Sync**: CVE nodes in Neo4j are linked by precise CVE ID with CVSS base score and EPSS score ingested as node properties for attack path enrichment.\n*   **Startup Enrichment**: On every orchestrator start, `sync_cve_data` fires 5 minutes after graph sync completes — enriching all unenriched CVEs and refreshing the KEV catalog automatically.\n*   **Management Command**: `python manage.py sync_cve_data --all` for full manual synchronization.\n\n### 🧠 Intelligence \u0026 AI Hub\n*   **Centralized AI Management**: Unified interface supporting **OpenAI, Anthropic (Claude 3), Google Gemini, and local Ollama models**.\n*   **Vulnerability Impact Intelligence**: Automated impact narratives, remediation strategies, and priorities via LLMs, visualized through interactive **Cytoscape.js attack paths** and a state-aware **Impact Explorer**.\n*   **PII Gate Security**: Advanced privacy layer that anonymizes sensitive data (IPs, emails, hostnames) before sending to external LLMs.\n*   **GPT Attack Surface Generator**: Automated generation of target profiles and high-value asset identification.\n*   **Natural Language Querying**: Complex database lookups using human-like operators.\n\n### 🛠️ Advanced Scan \u0026 Execution Engines\n*   **Burp Suite Professional Integration** (v3.4.0 plugin): Two-phase Temporal sync (import → correlate), bidirectional scope push, filterable issues grid, and live connection health badge.\n*   **Active Directory Intelligence Plugin**: Full AD attack surface analysis — Cytoscape.js graph with 5 layout presets, real-time WebSocket streaming (150 ms batching), paginated findings API, 7-section PDF reports (`ad_modern`, `cyber_pro` templates), and RBAC evidence logs.\n*   **Attack Path Modeling Engine (APME)**: Neo4j-based graph discovery of feasible attack routes (e.g., SQLi → DB Access → Pivot) with 20+ security patterns and automated \"Goal Injection\".\n*   **Adaptive Stress \u0026 Resilience Engine (ASRE)**: `k6`, `wrk`, `hping3`, and `Locust` orchestration with real-time ECharts telemetry via Redis Streams and WebSockets, safety kill-switches, and LLM-powered bottleneck PDF reports.\n*   **Exploit Readiness Layer (ERL)**: Containerized, non-destructive vulnerability validation with native proxy rotation and OpSec compliance built into the adapter layer.\n*   **Autonomous Recon Orchestration**: Temporal durable workflows with crash-safe execution, 10-attempt retry cap, full history replay at `localhost:8080`, and UI-based resume.\n*   **Nmap Vulners NSE Grouped Findings**: Product-version grouped vulnerability display in UI and PDF reports with collapsed/expandable CVE sub-tables.\n*   **Nuclei Sequential Severity Execution**: `NucleiPlannerWorkflow` runs severities sequentially to prevent OOM on large target sets, with per-severity activity status in the timeline.\n*   **Vulnerability Correlation Engine**: Unifies findings from Nuclei, Semgrep, Trivy, Gitleaks, Acunetix, Retire.js, and more into a prioritized threat landscape with persistent state tracking.\n*   **Scan Queueing**: Optional concurrency limiter (`max 1 main + 1 subscan`) with Temporal polling loop and settings panel toggle.\n\n### 🕵️ Surgical Reconnaissance \u0026 OSINT\n*   **Advanced Web API Discovery**: Kiterunner, Arjun, ParamSpider, LinkFinder, and InQL pipeline.\n*   **Deep Pursuit OSINT Engine**: Email pivoting (**holehe**), cross-platform social profile mapping (**maigret**), social presence discovery (**gosearch**), tactical identity permutation (**username-anarchy**), and a **Playwright-driven Social Intelligence Engine**.\n*   **URL Deduplication**: Two-pass dedup after `fetch_url` — URL signature dedup (pre-save) collapses parametric variants, content-based dedup (post-save) removes duplicate HTTP responses — reducing Tier 4–6 load.\n*   **Vulnerability Scanning**: Nuclei (sequential severity, auto-template updates), Semgrep (parallel downloads, 500-file cap, 5 MB per-file limit), WPScan, Dalfox (deep scan, WAF bypass, remote payloads), CRLFuzzer, S3Scanner, Gitleaks, Retire.js.\n*   **WHOIS, WAF Detection, and IP Geolocation**.\n\n### 🥷 Stealth \u0026 Operational Security (OpSec)\n*   **Enhanced Proxy Orchestration**: Automated fetching, validation, and per-tool rotation of proxies across all discovery modules.\n*   **Centralized Brute-Force Orchestration**: Hydra and Medusa integration with Proxychains4. Multi-service targeting: SSH, FTP, HTTP, SMB, RDP, Telnet.\n*   **OpSec Presets**: User-Agent rotation, stealth timing, custom DNS resolvers, WAF bypass headers, and TOR circuit rotation.\n*   **Hardened Scan Termination**: `abort_scan_history()` / `abort_subscan()` cancels all child subscans and Temporal workflows before database updates, eliminating orphaned processes.\n\n### 🎨 Visual \u0026 Administrative Interface\n*   **Cyberpunk V3 UI**: Glassmorphic dashboard — Hacker (Cyberpunk), Hybrid (Modern Dark), and Enterprise (Professional Slate) themes.\n*   **Attack Surface Map v4.0**: fCoSE and KLay layouts, hierarchical asset clustering (Domains \u003e Subdomains \u003e Endpoints), AI-driven graph search.\n*   **Tactical GeoMap Visualization**: CSS-animated markers and tooltip interactions for global asset positioning.\n*   **Bounty Hub**: HackerOne program management, asset tracking, and direct vulnerability reporting.\n*   **Automated Startup Sync**: On every orchestrator start — graph sync, CISA KEV catalog refresh, Semgrep rule sync, stuck scan recovery, and full CVE enrichment — all fire as one-shot Temporal schedules.\n*   **Configuration Export/Import**: Backup and restore API keys, wordlists, tool configs, and scan engines to/from a single `.zip`.\n*   **Scan Result Recovery**: `recover_scan_results` management command reconstructs the database from the `scan_results` volume on disk — idempotent, dry-run by default.\n*   **Customizable Alerts**: Notifications via Slack, Discord, Telegram, and Lark.\n\n### ⚡ Infrastructure \u0026 Performance\n*   **Django 5.2.3 LTS** (supported until April 2028) + **PostgreSQL 16** (supported until November 2028).\n*   **Gunicorn + Uvicorn ASGI**: 4-worker production server with full ASGI support for HTTP and Django Channels WebSocket streams.\n*   **Temporal Workflow Engine**: Durable execution, automatic retry with configurable backoff, per-workflow cancellation.\n*   **Automated Infrastructure Upgrade** (`make fullupgrade`): 8-step procedure covering DB backup, PostgreSQL major-version upgrade (idempotent), image rebuild, migration apply, and health verification.\n*   **Global Redis Caching**: Unified Redis-backed caching replacing per-process local memory for shared state efficiency.\n*   **Deterministic Resource Limits**: Docker `deploy.resources` limits for all production services.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## 🛠️ Development \u0026 Type Safety\n\nThe r3ngine frontend is built with a \"Safety-First\" philosophy under `strict: true` TypeScript throughout.\n\n*   **Full Strict Mode**: Eliminates hidden null pointers and undefined property access at build time.\n*   **Contract Integrity**: Frontend models mapped to the auto-generated OpenAPI schema (`src/types/api.ts`) with `verbatimModuleSyntax` for tree-shaking.\n*   **Modular Architecture**: Feature-based structure — each module (`targets`, `scans`, `vulnerabilities`) maintains its own API hooks and types.\n*   **Production Hardening**: CI/CD validates every commit against `tsc -b` and `vite build`.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Quick Installation\n\n### Quick Setup for Ubuntu/VPS\n\n1. Clone the repository\n\n    ```bash\n    git clone https://github.com/whiterabb17/r3ngine \u0026\u0026 cd r3ngine\n    ```\n\n1. Configure the environment\n\n    ```bash\n    nano .env\n    ```\n\n    **Ensure you change the `POSTGRES_PASSWORD` for security.**\n\n1. (Optional) For non-interactive install, set admin credentials in `.env`\n\n    ```bash\n    DJANGO_SUPERUSER_USERNAME=yourUsername\n    DJANGO_SUPERUSER_EMAIL=YourMail@example.com\n    DJANGO_SUPERUSER_PASSWORD=yourStrongPassword\n    ```\n\n1. Configure Temporal worker concurrency in `.env` (optional)\n\n    ```bash\n    TEMPORAL_MAX_CONCURRENT_ACTIVITIES=20\n    TEMPORAL_MAX_CONCURRENT_WORKFLOWS=10\n    ```\n\n    Recommended values by available RAM:\n\n    * 4 GB: `TEMPORAL_MAX_CONCURRENT_ACTIVITIES=10`\n    * 8 GB: `TEMPORAL_MAX_CONCURRENT_ACTIVITIES=20`\n    * 16 GB+: `TEMPORAL_MAX_CONCURRENT_ACTIVITIES=40`\n\n    The Temporal UI is available at `http://localhost:8080` for workflow inspection, history replay, and manual intervention.\n\n1. Run the installation script:\n\n    ```bash\n    sudo ./install.sh\n    ```\n\n    For non-interactive install: `sudo ./install.sh -n`\n\n    *Note: If needed, run `chmod +x install.sh` first.*\n\n**r3ngine is accessible at `https://127.0.0.1` (or your VPS IP). Do not expose via direct port access in production.**\n\n### Installation on Other Platforms\n\nFor Mac, Windows, or other systems, refer to the installation notes in [`docker/`](docker/) or open an issue for platform-specific guidance.\n\n## Updating\n\n```bash\ncd r3ngine \u0026\u0026 sudo ./update.sh\n```\n\nFor major version upgrades (including infrastructure changes), always use `make fullupgrade` instead of a plain `docker compose up`.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## 🔧 Administration \u0026 Recovery\n\n### Scan Result Recovery\n\nIf the database is lost or corrupted but the `scan_results` Docker volume is intact, the `recover_scan_results` management command can reconstruct the database from files on disk.\n\n**What is recovered** (when the corresponding output files exist):\n\n| Data | Source file(s) |\n|------|----------------|\n| Domain | Parsed from folder name (`domain_scanid`) |\n| ScanHistory | Folder mtime used as scan date |\n| Subdomains | `#id_subdomain_discovery.txt`, `subdomains_*.txt`, subscan dirs |\n| Ports + IpAddresses | `#id_port_scan.txt` — naabu JSONL and legacy JSON-object formats |\n| EndPoints | `#id_fetch_url.txt`, `urls_*.txt` |\n| Vulnerabilities | `*_nmap_vulns.json`, `#id_nuclei_*_module.txt` |\n| WAF associations | `#id_waf_detection.txt` linked to matching subdomains |\n\n**Usage** (run inside the `web` container):\n\n```bash\n# Dry-run — preview what would be recovered without writing anything\npython manage.py recover_scan_results\n\n# Apply — write recovered records to the database\npython manage.py recover_scan_results --apply\n\n# Recover a single scan folder\npython manage.py recover_scan_results --apply --scan-dir /usr/src/scan_results/example.io_108\n\n# Use a non-default results root\npython manage.py recover_scan_results --apply --results-root /alt/path/scan_results\n```\n\n```bash\ndocker-compose exec web python manage.py recover_scan_results --apply\n```\n\nThe command is **idempotent** — scans already in the database are skipped on every run.\n\n### CVE Data Synchronization\n\n```bash\n# Inside the web container:\npython manage.py sync_cve_data              # Enrich unenriched CVEs\npython manage.py sync_cve_data --kev        # Sync CISA KEV catalog only\npython manage.py sync_cve_data --refresh 30 # Re-enrich CVEs from last 30 days\npython manage.py sync_cve_data --all        # Full sync (KEV + unenriched)\n```\n\nCVE enrichment also runs automatically 5 minutes after every orchestrator startup.\n\n### Debugging\n\n1. Enable debug mode — edit `docker/web/entrypoint.sh` and add `export DEBUG=1` at the top, then `docker-compose restart web`.\n2. View logs: `make logs` or `docker compose logs temporal-python-orchestrator`.\n3. Temporal UI: `http://localhost:8080` — full workflow history, signals, event replay.\n4. Disable debug mode when done: set `DEBUG=0` and restart.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Screenshots\n\n### Scan Results\n\n![](.github/screenshots/scan_results.gif)\n\n### Live Logs\n\n![](.github/screenshots/live_logs.gif)\n\n### Mobile Interface\n\n![](.github/screenshots/mobile_interface.gif)\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Contributing\n\nContributions of all sizes are welcome. Whether fixing a typo, improving UI, or adding new features — every contribution matters.\n\nHow you can contribute:\n  * Code improvements and bug fixes\n  * Documentation updates\n  * New feature suggestions and implementations\n  * UI/UX enhancements\n  * Plugin development\n\nTo get started:\n  1. Check our [Contributing Guide](.github/CONTRIBUTING.md)\n  2. Pick an [open issue](https://github.com/whiterabb17/r3ngine/issues) or propose a new one\n  3. Fork the repository and create your branch\n  4. Make your changes and submit a pull request\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Submitting Issues\n\nWhen submitting issues, provide as much detail as possible:\n\n1. Enable debug mode (see [Debugging](#debugging) above)\n2. Run `make logs` to capture the full stack trace\n3. Check the browser developer console for XHR 500 errors\n4. Submit a GitHub issue with the stack trace, reproduction steps, and system information\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## Reporting Security Vulnerabilities\n\n**Do not** disclose security vulnerabilities publicly on GitHub issues.\n\nGo to the [Security tab](https://github.com/whiterabb17/r3ngine/security) and click **\"Report a vulnerability\"** to open GitHub's private vulnerability reporting form. Include:\n- Steps to reproduce\n- Potential impact\n- Suggested fixes or mitigations (if any)\n\nReports are reviewed within 48–72 hours. Responsible disclosure will be publicly acknowledged after the fix is released, unless you prefer to remain anonymous.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n## License\n\nDistributed under the GNU GPL v3 License. See [LICENSE](LICENSE) for more information.\n\n![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png)\n\n\u003cp align=\"right\"\u003e\u003ci\u003eNote: Parts of this README were written or refined using AI language models.\u003c/i\u003e\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhiterabb17%2Fr3ngine","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwhiterabb17%2Fr3ngine","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhiterabb17%2Fr3ngine/lists"}