Nagesh-kamane/AI-Powered-Web-Vulnerability-Scanner-with-Real-Time-Dashboard

# ⬡ VulnScan AI ### AI-Powered Web Vulnerability Scanner with Real-Time Dashboard ## 🎯 什么是 VulnScan AI？ VulnScan AI is a production-grade web application security scanner that combines: - **Intelligent Web Crawling** — automatically discovers all pages and input fields - **Automated Payload Injection** — tests for SQLi, XSS, CSRF, and SSRF vulnerabilities - **Machine Learning** — filters false positives using a trained Random Forest model - **Claude AI Analysis** — explains every vulnerability in plain English with code fixes - **Real-Time Dashboard** — live progress feed with WebSocket updates - **Async Architecture** — Celery + Redis for non-blocking background scans ## ✨ 特性 ### 🔍 检测范围 | Vulnerability | Type | OWASP Reference | |--------------|------|-----------------| | SQL Injection | Injection | A03:2021 | | Cross-Site Scripting (XSS) | Injection | A03:2021 | | Cross-Site Request Forgery (CSRF) | Broken Access Control | A01:2021 | | Server-Side Request Forgery (SSRF) | SSRF | A10:2021 | | Security Misconfigurations | Misconfiguration | A05:2021 | ### 🤖 AI 驱动分析 - **Claude AI Integration** — generates plain English explanations for every vulnerability - **Attack Scenario Description** — shows exactly how an attacker would exploit the flaw - **Code Fix Examples** — language-specific code snippets to fix each vulnerability - **Executive Summary** — non-technical report with immediate action items - **ML False Positive Reduction** — Random Forest classifier trained on CVE datasets ### 📊 仪表板特性 - Live WebSocket scan progress feed - Risk score (0–100) with severity breakdown charts - CVE ID linking for each vulnerability - Scan history with all previous results - PDF and CSV report export - Filter vulnerabilities by severity (Critical / High / Medium / Low) ### 🏗️ 架构亮点 - Async scanning with Celery + Redis (UI never freezes) - PostgreSQL database for persistent scan storage - JWT authentication with bcrypt password hashing - Scope restriction (only scans authorized domains) - Rate limiting to prevent abuse - Docker + Docker Compose for one-command deployment ## 🚀 演示 ``` Target: http://testphp.vulnweb.com Crawl Depth: 2 Results: ✓ Pages crawled: 24 ✓ Forms found: 18 ✓ Payloads injected: 1,440 Vulnerabilities Found: 694 ├── SQLi → 312 (High) ├── XSS → 287 (High) ├── CSRF → 85 (Medium) └── SSRF → 10 (High) Risk Score: 67.4/100 — MODERATE RISK ``` ## 🛠️ 安装 ### 选项 1 — Docker（推荐） ``` git clone https://github.com/YOUR_USERNAME/ai-vuln-scanner.git cd ai-vuln-scanner docker-compose up --build ``` Open: `http://localhost:3000` ### 选项 2 — 手动安装 **Step 1 — Start Database & Redis** ``` docker-compose up db redis ``` **Step 2 — Backend** ``` cd backend pip install -r requirements.txt playwright install chromium cp .env.example .env alembic upgrade head python ml/train.py uvicorn main:app --reload ``` **Step 3 — Celery Worker** ``` # Windows $env:PYTHONPATH = "path\to\backend" celery -A core.celery_app worker --loglevel=info --pool=solo # Linux/Mac celery -A core.celery_app worker --loglevel=info ``` **Step 4 — Frontend** ``` cd frontend npm install npm run dev ``` ## 🗂️ 项目结构 ``` ai-vuln-scanner/ ├── backend/ │ ├── core/ │ │ ├── crawler.py # Web crawler (static + JS/SPA) │ │ ├── injector.py # Payload injection engine │ │ ├── payloads.py # SQLi, XSS, CSRF, SSRF payloads │ │ ├── tasks.py # Celery async pipeline │ │ ├── celery_app.py # Celery + Redis config │ │ └── llm_analyzer.py # Claude AI module │ ├── ml/ │ │ ├── model.py # Random Forest ML model │ │ └── train.py # Training script │ ├── models/ │ │ ├── models.py # Database models │ │ └── database.py # PostgreSQL connection │ ├── routes/ │ │ ├── auth.py # Authentication │ │ ├── scan.py # Scan endpoints │ │ ├── report.py # PDF/CSV export │ │ └── llm.py # AI analysis endpoints │ ├── utils/ │ │ ├── auth_utils.py # JWT + bcrypt │ │ ├── logger.py # Logging │ │ └── report_generator.py # Report generation │ └── main.py # FastAPI entry point ├── frontend/ │ └── src/ │ ├── pages/ │ │ ├── Login.jsx │ │ └── Dashboard.jsx │ └── components/ │ ├── ScanForm.jsx │ ├── ScanProgress.jsx │ ├── RiskChart.jsx │ ├── VulnTable.jsx │ ├── ScanHistory.jsx │ ├── AIAnalysis.jsx │ └── ReportDownload.jsx └── docker-compose.yml ``` ## 🔌 API 端点 | Method | Endpoint | Description | Auth | |--------|----------|-------------|------| | `POST` | `/api/auth/register` | Register new user | ❌ | | `POST` | `/api/auth/login` | Login, get JWT | ❌ | | `POST` | `/api/scan/start` | Start a scan | ✅ | | `GET` | `/api/scan/{id}/progress` | Live progress | ✅ | | `GET` | `/api/scan/{id}/results` | Scan results | ✅ | | `GET` | `/api/scan/history` | Scan history | ✅ | | `GET` | `/api/report/{id}/pdf` | PDF report | ✅ | | `GET` | `/api/report/{id}/csv` | CSV export | ✅ | | `GET` | `/api/llm/{id}/summary` | AI summary | ✅ | | `GET` | `/api/llm/{id}/vuln/{vid}` | AI vuln analysis | ✅ | **Swagger Docs:** `http://localhost:8000/docs` ## 💻 技术栈 | Layer | Technology | |-------|-----------| | Frontend | React 18 + Vite | | Backend | FastAPI (Python 3.11) | | Database | PostgreSQL + SQLAlchemy | | Task Queue | Celery + Redis | | ML Model | scikit-learn (Random Forest) | | AI Analysis | Claude API (Anthropic) | | Crawler | httpx + BeautifulSoup + Playwright | | Auth | JWT + bcrypt | | Reports | ReportLab | | Container | Docker + Docker Compose | ## 🧪 法律测试目标 ``` http://testphp.vulnweb.com # Acunetix demo http://demo.testfire.net # IBM AltoroMutual demo ``` ## 🚀 路线图 - [ ] Broken Authentication testing - [ ] CI/CD GitHub Actions integration - [ ] Scheduled automatic scans - [ ] Email/Slack alerts - [ ] Cloud deployment (AWS/GCP) ## 👨‍💻 作者 **Nagesh Kamane** ## ⚠️ 免责声明 For **educational and authorized security testing only**. Always obtain explicit permission before scanning any web application.

标签：AI安全扫描, AI驱动, Apex, AV绕过, Celery, Claude AI, CSRF, CSV报告, FastAPI, JWT认证, OWASP Top 10, PDF报告, PostgreSQL, Python, React, Redis, SSRF, Syscalls, WebSocket, Web漏洞扫描, XSS, 依赖分析, 关键词SEO, 安全监控, 实时仪表盘, 异步扫描, 搜索引擎查询, 无后门, 机器学习, 测试用例, 漏洞情报, 生产级扫描, 请求拦截, 逆向工具