{"id":48289813,"url":"https://github.com/yashab-cyber/secscanx","last_synced_at":"2026-04-04T23:02:51.000Z","repository":{"id":309085641,"uuid":"1031537560","full_name":"yashab-cyber/SecScanX","owner":"yashab-cyber","description":"AI-Assisted Vulnerability Assessment \u0026 Penetration Testing Tool SecScanX is an open-source security scanning platform that combines traditional penetration testing tools with artificial intelligence to provide comprehensive vulnerability assessments. Designed for beginners, researchers, and security professionals, ","archived":false,"fork":false,"pushed_at":"2025-08-09T17:46:52.000Z","size":261,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-08-09T19:29:20.332Z","etag":null,"topics":["ai","ai-agents","cybersecurity","ethical-hacking","vapt"],"latest_commit_sha":null,"homepage":"https://www.zehrasec.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yashab-cyber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-04T00:23:37.000Z","updated_at":"2025-08-09T17:46:55.000Z","dependencies_parsed_at":"2025-08-09T19:29:23.733Z","dependency_job_id":"95615330-0e22-40fc-b8cd-4734a1e128f4","html_url":"https://github.com/yashab-cyber/SecScanX","commit_stats":null,"previous_names":["yashab-cyber/secscanx"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/yashab-cyber/SecScanX","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yashab-cyber%2FSecScanX","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yashab-cyber%2FSecScanX/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yashab-cyber%2FSecScanX/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yashab-cyber%2FSecScanX/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yashab-cyber","download_url":"https://codeload.github.com/yashab-cyber/SecScanX/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yashab-cyber%2FSecScanX/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31418287,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T20:09:54.854Z","status":"ssl_error","status_checked_at":"2026-04-04T20:09:44.350Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-agents","cybersecurity","ethical-hacking","vapt"],"created_at":"2026-04-04T23:02:13.133Z","updated_at":"2026-04-04T23:02:50.989Z","avatar_url":"https://github.com/yashab-cyber.png","language":"JavaScript","funding_links":["https://paypal.me/yashab07"],"categories":[],"sub_categories":[],"readme":"# šŸ›”ļø SecScanX\n\n**AI-Assisted Vulnerability Assessment \u0026 Penetration Testing Tool**\n\nSecScanX is an open-source security scanning platform that combines traditional penetration testing tools with artificial intelligence to provide comprehensive vulnerability assessments. Designed for beginners, researchers, and security professionals, it offers automated reconnaissance, intelligent analysis, and detailed reporting.\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)\n[![React](https://img.shields.io/badge/React-18+-61DAFB.svg)](https://reactjs.org/)\n\n## šŸ”§ Features\n\n| Category | Features |\n|----------|----------|\n| āœ… **Reconnaissance** | Subdomain finder, WHOIS lookup, port scanning, DNS enumeration |\n| šŸ§  **AI Assistant** | Interprets scan results, suggests next steps, explains findings |\n| šŸš€ **Automation** | Automated comprehensive scans via CLI or web interface |\n| šŸ“Š **Reports** | Generates professional PDF and HTML reports |\n| šŸ‘„ **Multi-user** | Team collaboration with project management and audit logs |\n| šŸŽÆ **Learning Mode** | Educational explanations for students and beginners |\n| ā˜ļø **API Ready** | RESTful API for integration and automation |\n| šŸ”’ **Security** | Rate limiting, authentication, and secure configurations |\n\n## šŸš€ Quick Start\n\n### Prerequisites\n\n- Python 3.8+ and pip\n- Node.js 16+ and npm\n- nmap, dnsutils, whois (installed automatically)\n\n### Installation\n\n```bash\n# Clone the repository\ngit clone https://github.com/yashab-cyber/SecScanX.git\ncd SecScanX\n\n# Run the installation script (Ubuntu/Debian)\nchmod +x scripts/install.sh\n./scripts/install.sh\n\n# Or install manually:\n# Backend setup\ncd backend\npython3 -m venv venv\nsource venv/bin/activate\npip install -r requirements.txt\n\n# Frontend setup\ncd ../frontend\nnpm install\n\n# CLI setup\ncd ../cli\npip3 install -r requirements.txt\nchmod +x secscanx.py\n```\n\n### Configuration\n\n```bash\n# Copy and edit environment file\ncp .env.example .env\n# Edit .env with your settings (API keys, database config, etc.)\n```\n\n### Running SecScanX\n\n**Start the Backend API:**\n```bash\ncd backend\nsource venv/bin/activate\npython app.py\n# API available at http://localhost:5000\n```\n\n**Start the Frontend (new terminal):**\n```bash\ncd frontend\nnpm start\n# Web interface at http://localhost:3000\n```\n\n**Use the CLI:**\n```bash\n# Add to PATH or use directly\n./cli/secscanx.py --help\n\n# Example scans\nsecscanx subdomain example.com\nsecscanx port 192.168.1.1 --port-range 1-1000\nsecscanx vuln https://example.com --scan-type web\n```\n\n## šŸ“– Usage Examples\n\n### Web Interface\n\n1. **Dashboard**: View scan statistics, recent results, and quick actions\n2. **Scanner**: Configure and run different types of security scans\n3. **Results**: Analyze findings with AI-powered insights\n4. **Reports**: Generate professional security assessment reports\n5. **AI Assistant**: Chat with AI for security advice and explanations\n\n### Command Line Interface\n\n```bash\n# Comprehensive subdomain enumeration\nsecscanx subdomain target.com --output results.json\n\n# Port scan with custom range\nsecscanx port 10.0.0.1 --port-range 1-65535\n\n# Web application vulnerability assessment\nsecscanx vuln https://target.com --scan-type comprehensive\n\n# DNS reconnaissance\nsecscanx dns target.com\n\n# Generate professional report\nsecscanx report results.json --format pdf\n```\n\n### API Usage\n\n```python\nimport requests\n\n# Start a subdomain scan\nresponse = requests.post('http://localhost:5000/api/scan/subdomain', \n json={'domain': 'example.com'})\nresult = response.json()\n\n# Get AI analysis\nai_response = requests.post('http://localhost:5000/api/ai/chat',\n json={'message': 'Explain this vulnerability', \n 'context': result})\n```\n\n## šŸ—ļø Architecture\n\nSecScanX follows a modular architecture:\n\n```\nSecScanX/\nā”œā”€ā”€ backend/ # Python Flask API server\nā”‚ ā”œā”€ā”€ app.py # Main application\nā”‚ ā”œā”€ā”€ modules/ # Scanning and AI modules\nā”‚ ā””ā”€ā”€ models/ # Database models\nā”œā”€ā”€ frontend/ # React web interface\nā”‚ ā”œā”€ā”€ src/\nā”‚ ā””ā”€ā”€ components/\nā”œā”€ā”€ cli/ # Command-line interface\nā”œā”€ā”€ reports/ # Generated reports\nā”œā”€ā”€ docs/ # Documentation\nā””ā”€ā”€ scripts/ # Installation and utility scripts\n```\n\n### Key Components\n\n- **Reconnaissance Module**: Subdomain enumeration, port scanning, DNS/WHOIS lookups\n- **AI Assistant**: OpenAI integration for intelligent analysis and recommendations\n- **Vulnerability Scanner**: Web app and network service security assessment\n- **Report Generator**: Professional PDF/HTML report creation\n- **Multi-user System**: Authentication, projects, and audit logging\n\n## šŸ” Scan Types\n\n### 1. Subdomain Enumeration\n- Brute force common subdomains\n- Certificate Transparency log search\n- DNS zone transfer attempts\n- AI analysis of discovered subdomains\n\n### 2. Port Scanning\n- TCP/UDP port discovery\n- Service version detection\n- Operating system fingerprinting\n- Risk assessment of open services\n\n### 3. Vulnerability Assessment\n- Web application security testing\n- Network service vulnerability detection\n- SSL/TLS configuration analysis\n- Security header verification\n\n### 4. DNS Enumeration\n- A, AAAA, MX, NS, TXT record collection\n- DNS zone information gathering\n- Email server discovery\n- Infrastructure mapping\n\n### 5. WHOIS Lookup\n- Domain registration information\n- Ownership and contact details\n- Name server identification\n- Expiration date monitoring\n\n## šŸ¤– AI Features\n\nSecScanX integrates AI to enhance security assessments:\n\n- **Intelligent Analysis**: Automatically interprets scan results\n- **Risk Assessment**: Prioritizes findings by severity and impact\n- **Remediation Guidance**: Provides specific fix recommendations\n- **Learning Mode**: Explains techniques for educational purposes\n- **Contextual Chat**: Interactive AI assistant for security questions\n\n## šŸ“Š Reporting\n\nGenerate professional security reports in multiple formats:\n\n- **HTML Reports**: Interactive web-based reports with charts\n- **PDF Reports**: Professional documents for stakeholders\n- **JSON Exports**: Machine-readable data for integration\n- **Executive Summaries**: High-level findings for management\n\n## šŸ” Security Considerations\n\n**Important**: SecScanX is designed for authorized security testing only.\n\n- Only scan systems you own or have explicit permission to test\n- Some scans may be detected by security systems\n- Follow responsible disclosure practices\n- Respect rate limits and target system resources\n- Review local laws and regulations before testing\n\n## šŸ¤ Contributing\n\nWe welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n### Development Setup\n\n```bash\n# Clone and setup development environment\ngit clone https://github.com/yashab-cyber/SecScanX.git\ncd SecScanX\n\n# Install development dependencies\npip install -r backend/requirements-dev.txt\nnpm install --dev --prefix frontend\n\n# Run tests\npytest backend/tests/\nnpm test --prefix frontend\n```\n\n## šŸ’° Support SecScanX\n\nHelp us improve SecScanX by supporting the development! Your donations enable us to:\n\n- šŸš€ **Develop new features** - Advanced scanning modules and AI capabilities\n- šŸ”’ **Enhance security** - Better vulnerability detection and exploit research\n- šŸ“š **Create educational content** - Tutorials and penetration testing resources\n- šŸŒ **Grow the community** - Support contributors and maintain infrastructure\n\n### šŸŒŸ Donation Methods\n\n**Cryptocurrency (Preferred):**\n- **Solana (SOL):** `5pEwP9JN8tRCXL5Vc9gQrxRyHHyn7J6P2DCC8cSQKDKT`\n- **Bitcoin (BTC):** `bc1qmkptg6wqn9sjlx6wf7dk0px0yq4ynr4ukj2x8c`\n- **Ethereum (ETH):** Contact yashabalam707@gmail.com for current address\n\n**Traditional Methods:**\n- **PayPal:** yashabalam707@gmail.com\n- **Direct Link:** [paypal.me/yashab07](https://paypal.me/yashab07)\n\n### šŸŽ Supporter Benefits\n\nAll donors receive:\n- šŸ“§ Exclusive monthly newsletter with security insights\n- šŸŽ® Early access to beta features and new scanning modules\n- šŸ’¬ Access to private contributor community\n- šŸ“š Advanced penetration testing resources and methodologies\n\n**[šŸ“‹ View Full Donation Details](DONATE.md)**\n\n## šŸ† Connect with ZehraSec\n\n**Official Channels:**\n- šŸŒ **Website:** [www.zehrasec.com](https://www.zehrasec.com)\n- šŸ“ø **Instagram:** [@_zehrasec](https://www.instagram.com/_zehrasec?igsh=bXM0cWl1ejdoNHM4)\n- šŸ“˜ **Facebook:** [ZehraSec Official](https://www.facebook.com/profile.php?id=61575580721849)\n- šŸ¦ **X (Twitter):** [@zehrasec](https://x.com/zehrasec?t=Tp9LOesZw2d2yTZLVo0_GA\u0026s=08)\n- šŸ’¼ **LinkedIn:** [ZehraSec Company](https://www.linkedin.com/company/zehrasec)\n\n**Connect with Yashab Alam (Creator):**\n- šŸ’» **GitHub:** [@yashab-cyber](https://github.com/yashab-cyber)\n- šŸ“ø **Instagram:** [@yashab.alam](https://www.instagram.com/yashab.alam)\n- šŸ’¼ **LinkedIn:** [Yashab Alam](https://www.linkedin.com/in/yashab-alam)\n\n## šŸ“ License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n## šŸ™ Acknowledgments\n\n- Built with Flask, React, and modern web technologies\n- Integrates nmap, dnspython, and other security tools\n- UI components from Material-UI\n- Charts powered by Recharts\n- AI capabilities via OpenAI API\n\n## šŸ“ž Support\n\n- šŸ“š **Documentation**: [Wiki](https://github.com/yashab-cyber/SecScanX/wiki)\n- šŸ› **Bug Reports**: [Issues](https://github.com/yashab-cyber/SecScanX/issues)\n- šŸ’¬ **Discussions**: [GitHub Discussions](https://github.com/yashab-cyber/SecScanX/discussions)\n- šŸ“§ **Email**: yashabalam707@gmail.com\n- šŸ’° **Donations**: [Support Development](DONATE.md)\n\n## āš ļø Disclaimer\n\nSecScanX is for educational and authorized testing purposes only. Users are responsible for complying with applicable laws and obtaining proper authorization before scanning any systems. The developers assume no liability for misuse of this tool.\n\n---\n\n**Made with ā¤ļø by Yashab Alam (Founder of ZehraSec) for the cybersecurity community**","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyashab-cyber%2Fsecscanx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyashab-cyber%2Fsecscanx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyashab-cyber%2Fsecscanx/lists"}