Harry7U/ExploitAI-on


🌟🤖 ExploitAI-on: AI-Driven Bug Bounty Automation Tool 🌍💻

📝 Overview

ExploitAI-on is a cutting-edge, AI-powered penetration testing framework designed to automate and streamline bug bounty workflows. It integrates traditional security tools with AI-driven analysis to:

  • 🕸️ Enumerate Subdomains
  • 🌐 Collect URLs
  • 🔍 Filter for Vulnerabilities
  • 💥 Generate Custom AI Exploit Payloads
  • 🛡️ Execute Automated Vulnerability Tests
  • Perform AI-Driven Fuzzing
  • 📋 Generate Structured Reports

💻 System Requirements

  • Hardware:

    • 🧠 Minimum 4GB RAM (8GB recommended)
    • 💾 Dual-core CPU or better
    • 💽 At least 10GB free storage
  • Software:

    • 🐧 OS: Kali Linux, Ubuntu, or Debian-based systems
    • 🐍 Python 3.8+
    • 🧩 Git, Go
    • 🤖 OpenAI API Key
    • 🛠️ Bug bounty tools: subfinder, amass, assetfinder, waybackurls, gau, katana, gf, dalfox, sqlmap, ffuf

⚙️ Installation Process

🧩 1. Clone the Repository:

git clone https://github.com/Harry7U/ExploitAI-on.git
cd ExploitAI-on

📦 2. Run the Installation Script:

cd install
chmod +x install.sh
./install.sh

This script installs system packages, Python dependencies, and security tools.

🔑 3. Configure API Keys:

Edit configs/config.json and insert your OpenAI API key:

{
    "openai_api_key": "YOUR_OPENAI_API_KEY"
}
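An added example (not part of the ExploitAI-on repository): a pre-flight check for configs/config.json that rejects the README placeholder and flags file permissions that let other local users read the API key. The names check_config and demo, and the sample files, are assumptions constructed for illustration.

```python
import json
import os
import stat
import tempfile

PLACEHOLDER = "YOUR_OPENAI_API_KEY"  # placeholder string shown in the README


def check_config(path):
    """Return a list of problems found with the config file at `path`."""
    problems = []
    try:
        st = os.stat(path)
        with open(path, encoding="utf-8") as fh:
            cfg = json.load(fh)
    except FileNotFoundError:
        return ["config file not found"]
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg}"]

    key = cfg.get("openai_api_key", "") if isinstance(cfg, dict) else ""
    if not isinstance(key, str) or not key.strip():
        problems.append("openai_api_key is missing or empty")
    elif key == PLACEHOLDER:
        problems.append("openai_api_key is still the README placeholder")

    # The key is a bearer secret: only the owning user should be able to read it.
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"mode {stat.S_IMODE(st.st_mode):o} lets group/other access the file")
    return problems


def demo():
    """Run the check on constructed sample files (no real keys involved)."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "config.json")
        for label, body, mode in [
            ("placeholder", {"openai_api_key": PLACEHOLDER}, 0o644),
            ("ok", {"openai_api_key": "sk-constructed-sample"}, 0o600),
        ]:
            with open(path, "w", encoding="utf-8") as fh:
                json.dump(body, fh)
            os.chmod(path, mode)
            results[label] = check_config(path)
    return results


if __name__ == "__main__":
    for label, problems in demo().items():
        print(label, problems or "no problems")
```

Running `chmod 600 configs/config.json` clears the permission finding, and keeping the file out of version control avoids committing the key.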

🛠️ Workflow & Usage

🌍 1. Subdomain Enumeration

  • Identifies subdomains using subfinder, amass, and assetfinder.
  • Command:
python3 main.py -d <domain> --enumerate
  • ✅ Output: output/subdomains.txt

🌐 2. URL Collection

  • Collects URLs using waybackurls, gau, and katana.
  • Command:
python3 main.py --collect
  • ✅ Output: output/urls.txt

🔎 3. Vulnerability Filtering

  • Extracts URLs with potential vulnerabilities using gf.
  • Command:
python3 main.py --filter
  • ✅ Output: output/xss.txt, output/sqli.txt

🤖 4. AI-Powered Payload Generation

  • Uses OpenAI API to generate custom payloads.
  • Command:
python3 main.py --generate
  • ✅ Output: output/ai_payloads.json

🛡️ 5. Automated Vulnerability Testing

  • XSS Testing:
python3 main.py --test-xss
  • ✅ Output: output/xss_results.txt

  • SQL Injection Testing:

python3 main.py --test-sqli
  • ✅ Output: output/sqlmap_results

6. AI-Driven Fuzzing

  • Uses AI-generated wordlist and runs ffuf.
  • Command:
python3 main.py -d <domain> --fuzz
  • ✅ Output: output/fuzz_wordlist.txt, output/ffuf_results.json

📋 7. Report Generation

  • Aggregates results into JSON & CSV reports.
  • Command:
python3 main.py --report
  • ✅ Output: output/results.json, output/results.csv

🤖 Automation & AI Enhancements

  • AI-Powered Payloads: Customized payloads based on vulnerability patterns.
  • 🕶️ Hidden Parameter Discovery: AI suggests hidden GET/POST parameters.
  • 🚀 Intelligent Fuzzing: AI prioritizes high-risk attack vectors.

💡 Future Enhancements

  • 📊 Web dashboard for visualized scan results
  • 📨 Integration with bug bounty platforms
  • ⚡ Parallel execution for faster scanning

🌍 Contributing

Contributions are welcome! Follow our repository guidelines for bug reports and pull requests.

💥 Happy Hacking! 🎯🐞🚀
