An integrated AI-powered cybersecurity platform that consolidates vulnerability scanning tools (Nmap, OpenVAS, Nessus, Nikto, Nuclei) with intelligent threat analysis using Google Gemini and LangChain RAG.
- Multi-tool Integration: Nmap, OpenVAS, Nessus, Nikto, Nuclei
- Responsive Web GUI: Modern dashboard for scan management
- Real-time Progress: Live scanning status and updates
- CVE Correlation: Automatic matching with NVD database
- CVSS Scoring: Risk prioritization and impact assessment
- Attack Path Generation: MITRE ATT&CK framework integration
- Threat Intelligence: ExploitDB, Rapid7, CISA KEV integration
- RAG Chatbot: Google Gemini with LangChain implementation
- Natural Language Queries: Ask questions about vulnerabilities
- Contextual Responses: Exploit steps and remediation guidance
- Multi-user Support: Concurrent chatbot interactions
- Backend: Python Flask, SQLAlchemy, PostgreSQL
- AI/ML: LangChain, Google Gemini, ChromaDB, FAISS
- Frontend: HTML5, CSS3, JavaScript (Vanilla)
- Scanners: Nmap, OpenVAS, Nessus, Nikto, Nuclei
- Containerization: Docker, Docker Compose
- Task Queue: Celery with Redis
- Python 3.9+
- Docker & Docker Compose
- PostgreSQL 13+
- Redis Server
- Google API Key (for Gemini)
- RAM: 8GB minimum, 16GB recommended
- Storage: 20GB for vulnerability databases
- Network: Internet access for threat intelligence feeds
```
git clone <repository-url>
cd centralized-vulnerability-detection
cp .env.example .env
```
Edit .env file:
```
GOOGLE_API_KEY=your_gemini_api_key_here
DATABASE_URL=postgresql://user:pass@localhost:5432/vuln_db
REDIS_URL=redis://localhost:6379/0
```
```
pip install -r requirements.txt
```
```
python -m flask db init
python -m flask db migrate
python -m flask db upgrade
```
```
# Using Docker Compose (Recommended)
docker-compose up -d
# Or manually
python app/main.py
```
- Web Interface: http://localhost:5000
- API Documentation: http://localhost:5000/docs
- Admin Panel: http://localhost:5000/admin
- Navigate to the dashboard
- Enter target (IP, domain, or network range)
- Select scanning tools (Nmap, OpenVAS, etc.)
- Click "Start Scan"
- Monitor progress in real-time
- Go to the Chat interface
- Ask questions like:
- "What are the critical vulnerabilities?"
- "How do I exploit CVE-2023-12345?"
- "Show me attack paths for high-risk hosts"
- Get intelligent responses with references
- Select completed scans
- Choose report format (PDF, JSON, XML)
- Download structured vulnerability reports
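The dashboard's target field accepts an IP, a domain, or a network range, and that value is later handed to scanners, some of them through command-line integration. The following is an added example, not code from this project, of validating such a target before it reaches a scanner process. `classify_target`, `nmap_argv` and the 256-address limit are hypothetical names and policy chosen for illustration.

```python
import ipaddress
import re

# Assumed policy for this example: refuse ranges larger than a /24.
MAX_NETWORK_ADDRESSES = 256
# RFC 1123 hostname label: letters, digits, hyphens; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def classify_target(raw):
    """Return (kind, normalized) for a scan target or raise ValueError.

    kind is "ip", "network" or "domain". Anything else (shell
    metacharacters, option-like strings, URLs) is rejected.
    """
    target = raw.strip()
    if not target or len(target) > 253:
        raise ValueError("empty or over-long target")
    try:
        return "ip", str(ipaddress.ip_address(target))
    except ValueError:
        pass
    if "/" in target:
        try:
            net = ipaddress.ip_network(target, strict=False)
        except ValueError:
            raise ValueError(f"invalid network range: {target!r}") from None
        if net.num_addresses > MAX_NETWORK_ADDRESSES:
            raise ValueError("network range exceeds scan policy")
        return "network", str(net)
    labels = target.rstrip(".").split(".")
    # fullmatch (not match with "$") so an embedded newline cannot slip through.
    if len(labels) < 2 or not all(_LABEL.fullmatch(l) for l in labels):
        raise ValueError(f"invalid domain: {target!r}")
    if labels[-1].isdigit():
        raise ValueError("numeric top-level label (malformed IP?)")
    return "domain", ".".join(labels).lower()


def nmap_argv(raw):
    """Build an argv list (never a shell string) for a scanner call."""
    _, target = classify_target(raw)
    # A validated target cannot start with "-", so it cannot be read as an option.
    return ["nmap", "-sV", target]
```

Pass the returned list to `subprocess.run` without `shell=True`, so the target stays a single argument.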
```
┌─────────────────┐    ┌──────────────────┐    ┌─────────────────┐
│  Web Frontend   │◄──►│  Flask Backend   │◄──►│   PostgreSQL    │
└─────────────────┘    └──────────────────┘    └─────────────────┘
                                │
                                ▼
                       ┌──────────────────┐
                       │  Scanner Tools   │
                       │ Nmap│OpenVAS│... │
                       └──────────────────┘
                                │
                                ▼
                       ┌──────────────────┐
                       │    RAG System    │
                       │ Gemini│LangChain │
                       └──────────────────┘
```
- Nmap: Pre-installed with python-nmap
- OpenVAS: Configure in `scanners/openvas_client.py`
- Nessus: Add API keys in environment variables
- Nikto: Command-line integration
- Nuclei: Template-based scanning
- Google Gemini: Set `GOOGLE_API_KEY` in .env
- Vector Database: ChromaDB for embeddings
- Knowledge Base: Automatic threat intelligence updates
```
# Run all tests
pytest
# Test specific components
pytest tests/test_scanners.py
pytest tests/test_rag.py
pytest tests/test_api.py
# Coverage report
pytest --cov=app tests/
```
- `POST /api/scans/start` - Start vulnerability scan
- `GET /api/scans/{id}/status` - Check scan progress
- `GET /api/scans/{id}/results` - Get scan results
- `GET /api/vulnerabilities` - List all vulnerabilities
- `GET /api/vulnerabilities/{id}` - Get vulnerability details
- `POST /api/vulnerabilities/search` - Search vulnerabilities
- `POST /api/chat/query` - Send query to AI chatbot
- `GET /api/chat/history` - Get chat history
- `DELETE /api/chat/clear` - Clear chat session
- Data Encryption: All sensitive data encrypted at rest
- API Authentication: JWT-based authentication system
- Input Validation: Comprehensive input sanitization
- Rate Limiting: API rate limiting implemented
- Audit Logging: Complete audit trail for all actions
- Async Processing: Celery for background tasks
- Database Indexing: Optimized queries for large datasets
- Caching: Redis caching for frequent queries
- Connection Pooling: Database connection optimization
```
# Build production image
docker build -t vuln-detector .
# Deploy with scaling
docker-compose -f docker-compose.prod.yml up -d --scale worker=3
```
- Development: `config/dev.py`
- Testing: `config/test.py`
- Production: `config/prod.py`
- Fork the repository
- Create feature branch (`git checkout -b feature/AmazingFeature`)
- Commit changes (`git commit -m 'Add AmazingFeature'`)
- Push to branch (`git push origin feature/AmazingFeature`)
- Open Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Documentation: `/docs` folder
- Issues: GitHub Issues tracker
- Email: support@vulndetector.com
- ✅ Basic vulnerability scanning
- ✅ Google Gemini RAG integration
- ✅ Web dashboard
- Advanced attack path visualization
- Compliance reporting (SOX, HIPAA, PCI-DSS)
- Mobile application
- Machine learning for false positive reduction
- Integration with SIEM/SOAR platforms
- Enterprise SSO support
Built with ❤️ for SIH 2025 Hackathon