Sangamesh-dev/redteam-copilot

GitHub: Sangamesh-dev/redteam-copilot

An AI red-team assistant that integrates OSINT, port scanning and CVE matching to help automate penetration test report generation.

Stars: 0 | Forks: 0

# 🛡️ RedTeam Copilot

![Beta](https://img.shields.io/badge/status-beta-orange) ![FastAPI](https://img.shields.io/badge/FastAPI-005571?style=flat&logo=fastapi) ![React](https://img.shields.io/badge/React-20232A?style=flat&logo=react) ![Docker](https://img.shields.io/badge/Docker-2496ED?style=flat&logo=docker)

## 🌐 Live Demo

🔗 Frontend: [redteam-copilot.vercel.app](https://redteam-copilot.vercel.app)

## 📹 Demo Video

👉 Coming Soon — Full demo video on LinkedIn showing local run with nmap, CVE matching, and PDF report generation.

## 🚀 Features

- 🔍 **Subdomain Enumeration** — discovers subdomains via DNS brute forcing
- 🌐 **OSINT Collection** — WHOIS, DNS records, Shodan integration
- 🔓 **Port Scanning** — Nmap-powered service and version detection
- 🛡️ **CVE Matching** — matches discovered services against the NVD vulnerability database
- 🤖 **AI Analysis** — Groq LLM generates readable security insights
- 📄 **PDF Report Generation** — professional penetration test reports with a risk matrix, attack chain and remediation roadmap
- ☁️ **Cloud Storage** — reports stored securely in Supabase

## 🛠️ Tech Stack

| Layer | Technology |
|-------|-----------|
| Frontend | React, Vite, TailwindCSS |
| Backend | FastAPI, Python 3.11 |
| AI | Groq LLM |
| Scanning | Nmap, dnspython, python-whois |
| CVE Data | NVD API |
| OSINT | Shodan API |
| Storage | Supabase |
| Deployment | Docker, Render, Vercel |

## ⚙️ Local Setup

### Prerequisites

- Python 3.11+
- Node.js 18+
- Nmap installed on your system
  - Windows: [nmap.org/download](https://nmap.org/download.html)
  - Mac: `brew install nmap`
  - Linux: `sudo apt install nmap`

### 1. Clone the repository

```
git clone https://github.com/Sangamesh-dev/redteam-copilot.git
cd redteam-copilot
```

### 2. Backend setup

```
cd backend
cp .env.example .env
# Fill in the API keys in .env
pip install -r requirements.txt
uvicorn main:app --reload
```

### 3. Frontend setup

```
cd frontend
cp .env.example .env
# Set VITE_API_URL=http://localhost:8000
npm install
npm run dev
```

### 4. Open in your browser

```
http://localhost:5173
```

## 🔑 Environment Variables

### Backend `.env`

```
GROQ_API_KEY=your_groq_api_key
SUPABASE_URL=your_supabase_url
SUPABASE_KEY=your_supabase_key
SUPABASE_BUCKET=pentest-reports
NVD_API_KEY=your_nvd_api_key
SHODAN_API_KEY=your_shodan_api_key
ALLOWED_ORIGINS=http://localhost:5173,https://your-app.vercel.app
```

### Frontend `.env`

```
VITE_API_URL=http://localhost:8000
```

## 🔗 API Endpoints

| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/health` | Health check |
| GET | `/api/info` | API info |
| POST | `/api/scan` | Start a new scan |
| GET | `/api/scan/{scan_id}/stream` | Stream scan progress (SSE) |
| GET | `/api/report/{scan_id}` | Get scan report |
| GET | `/api/test-pdf` | Test PDF generation |

## ⚠️ Legal Disclaimer

## 📬 Connect

- 🔗 LinkedIn: [Sangamesh Girish Dandin](https://www.linkedin.com/in/sangamesh-girish-dandin-553b45247/)
- 💻 GitHub: [Sangamesh-dev](https://github.com/Sangamesh-dev)

*Built with ❤️ by Sangamesh*
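A pre-flight check for the backend `.env` listed under the environment variables above, as an added example that is not part of the project's code. It assumes `ALLOWED_ORIGINS` is the backend's comma-separated CORS allow-list; the function names, the placeholder heuristic and the sample file are constructed for illustration.

```python
"""Pre-flight check for the backend .env (added example, not project code)."""
from urllib.parse import urlparse

REQUIRED = ("GROQ_API_KEY", "SUPABASE_URL", "SUPABASE_KEY", "SUPABASE_BUCKET",
            "NVD_API_KEY", "SHODAN_API_KEY", "ALLOWED_ORIGINS")
LOCAL_HOSTS = {"localhost", "127.0.0.1"}

# Constructed sample, not a real deployment.
SAMPLE = """\
GROQ_API_KEY=constructed-value
SUPABASE_URL=https://project.example.invalid
SUPABASE_KEY=your_supabase_key
SUPABASE_BUCKET=pentest-reports
NVD_API_KEY=
ALLOWED_ORIGINS=*, http://ui.example.invalid, http://localhost:5173
"""

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blank lines and # comments."""
    env = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            env[key.strip()] = value.strip().strip("'\"")
    return env

def check_env(text):
    """Return a sorted list of findings; an empty list means the file passed."""
    env, findings = parse_env(text), []
    for key in REQUIRED:
        value = env.get(key, "")
        if not value:
            findings.append(f"{key}: missing or empty")
        elif value.startswith("your_") or "your-app" in value:
            findings.append(f"{key}: template placeholder left in place")
    # Assumption: ALLOWED_ORIGINS feeds the API's CORS allow-list.
    origins = [o.strip() for o in env.get("ALLOWED_ORIGINS", "").split(",")]
    for origin in filter(None, origins):
        url = urlparse(origin)
        if "*" in origin:
            findings.append(f"ALLOWED_ORIGINS: wildcard origin {origin!r}")
        elif url.scheme not in ("http", "https") or not url.hostname:
            findings.append(f"ALLOWED_ORIGINS: not a scheme://host origin {origin!r}")
        elif url.scheme == "http" and url.hostname not in LOCAL_HOSTS:
            findings.append(f"ALLOWED_ORIGINS: plain-http remote origin {origin!r}")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(check_env(SAMPLE)))
```

Running it against `backend/.env` before starting `uvicorn` catches an unedited template and an allow-list that lets any site's JavaScript call `/api/scan`.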