csejobaer/BugHunterAI

GitHub: csejobaer/BugHunterAI

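A Python-based web vulnerability scanner that uses an AI model to reduce the false-positive rate. It automatically detects common vulnerabilities such as SQL injection, XSS, LFI and IDOR, and generates reports in multiple formats.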

Stars: 0 | Forks: 0

# Bug Hunter AI 🔍

## 📋 Features

- ✅ **SQL injection detection** (error-based, UNION-based, time-based blind)
- ✅ **XSS detection** (reflected and DOM-based)
- ✅ **LFI/RFI detection**
- ✅ **IDOR detection**
- ✅ **AI-driven detection** (reduces false positives)
- ✅ **Multi-threaded scanning** (up to 20 threads)
- ✅ **Polished HTML/JSON/text reports**
- ✅ **Reconnaissance module**

## 🚀 Quick Install

```
# Clone repository
git clone https://github.com/csejobaer/BugHunterAI.git
cd BugHunterAI  # directory created by git clone

# Use a virtual environment
python3 -m venv venv
source venv/bin/activate

# Install dependencies
pip install -r requirements.txt

# Run scan
python main.py -u http://testphp.vulnweb.com
```

## 📁 Project Structure

```
bug-hunter-ai/
│
├── main.py                 # Main entry point
├── config.py               # Configuration settings
├── requirements.txt        # Dependencies
│
├── core/                   # Core modules
│   ├── scanner.py          # Scanner engine
│   ├── ai_detector.py      # AI detection model
│   └── reporter.py         # Report generator
│
├── modules/                # Scanner modules
│   ├── sqli_scanner.py     # SQL injection
│   ├── xss_scanner.py      # XSS detection
│   ├── lfi_scanner.py      # LFI detection
│   ├── idor_scanner.py     # IDOR detection
│   └── recon.py            # Reconnaissance
│
├── reports/                # Generated reports
├── models/                 # Trained AI models
└── payloads/               # Payload files
```

## 🔧 Usage Examples

### Basic scan

```
python main.py -u https://example.com
```

### Advanced scan with a custom thread count

```
python main.py -u https://example.com -t 20
```

### Disable AI detection

```
python main.py -u https://example.com --no-ai
```

### Custom timeout

```
python main.py -u https://example.com --timeout 15
```

### Command-line arguments

| Parameter | Description | Default |
|----------|-------------|---------|
| `-u, --url` | Target URL (required) | - |
| `-t, --threads` | Number of threads | 10 |
| `--no-ai` | Disable AI detection | False |
| `--timeout` | Request timeout (seconds) | 10 |

## 📊 Sample Output

```
╔════════════════════════════════════════════════════════════════╗
║               Bug Hunter AI - Professional Tool                ║
╚════════════════════════════════════════════════════════════════╝
[+] Target: http://testphp.vulnweb.com
[+] AI Detection: Enabled
[+] Threads: 10
[*] Phase 1: Reconnaissance...
[+] Found 45 unique URLs
[*] Phase 2: Vulnerability Scanning...
[!] SQLi Found: http://testphp.vulnweb.com/artists.php?artist=1'
[!] XSS Found: http://testphp.vulnweb.com/search.php?search=