HyperSecurityLabs/oxide-communityedtion-v8.5.0

GitHub: HyperSecurityLabs/oxide-communityedtion-v8.5.0

Stars: 10 | Forks: 0

**OXIDE** (Open eXtensible Intelligence & Detection Engine) is a high-performance, AI-augmented web vulnerability scanner written entirely in **Rust**. It combines raw systems-level performance with machine learning-driven detection to find vulnerabilities that traditional scanners miss.

▷ This is the last freely-available Community Edition. Future development moves exclusively to OXIDE Pro Edition.

![](https://img.shields.io/badge/WHAT'S%20NEW-v8.5.0-50dca0?style=flat-square)

**Braille in `[ ]`** — ScanBoard `[⠋]` / AgentBar `[⠋ ⠏]` in osaka-jade bright `#50dca0` · `src/cli/display.rs`

**Full palette migration** — All 20 Gruvbox `GB_*` constants removed. Replaced with semantic aliases:

```text
[CRITICAL] → #ff3232 | [ HIGH ] → #ff6450 | [ MEDIUM ] → #ffb432
[ LOW ] → #f0a030 | [ INFO ] → #aac3eb | COL_DIM → #788298
OSAKA_JADE_B = #50dca0 | LAVENDER = #beb0eb | LAVENDER_BLUE = #aac3eb
```

`src/cli/display.rs` · `src/main.rs` · `src/hybrid.rs`

**Real-time `det:`/`err:` progress** — `prog_det`/`prog_err` atomics update live inside `fuzz_url()` after each finding and network error. No more frozen `det:0 err:0`. `src/hybrid.rs`

**Evidence = real response body** — XSS/LFI/CMDi/SSTI findings carry first 200 bytes of actual response body instead of bare `"HTTP 200"`. Enables accurate confirmation. `src/hybrid.rs`

**Confirm filter overhaul** — auto-pass evidence >10 chars, preserve Critical/High by default, new patterns: ` bool> = lib.get(b"hs_check_leaks")?; let leaks = func(); }

**Build:**

```bash
cargo build -p hypersecurity --release
# target/release/libhypersecurity.so
```

![](https://img.shields.io/badge/HARDENING-ff6450?style=flat-square)

| Feature | Description |
|---------|-------------|
| XOR-encrypted SQLite | Database encrypted with version-tied XOR key |
| Magic header verify | Decrypted temp validated before use |
| Temp file cleanup | Decrypted DB deleted immediately after load |
| Proxy FFI sandbox | `oxide-proxy` separate compilation unit, `panic=abort` |
| Runtime enforcement | Binary won't start without proxy library |
| W+X scanning | `hs_check_leaks` monitors `/proc/self/maps` |
| Cache sanitisation | `hs_sanitise_cache` drops kernel page cache |
| Legal protection | Proprietary license — name/brand protected |

![](https://img.shields.io/badge/CODE%20QUALITY-50dca0?style=flat-square)

- Zero Rust compiler warnings (`cargo check` + `cargo build --release -j2` pass clean)
- Zero `#[allow(dead_code)]` attributes
- All orphaned duplicate code removed
- No placeholder stubs, no `todo!()` macros
- Every module is real, working, production code
- Full palette migration — zero legacy Gruvbox references remain

![](https://img.shields.io/badge/KALI%20LINUX-557C94?style=flat-square)

OXIDE is battle-tested on Kali Linux:

```bash
sudo cp oxide /usr/local/bin/ && sudo cp libhypersecurity.so /usr/local/lib/
```

![](https://img.shields.io/badge/KNOWN%20LIMITS-788298?style=flat-square)

| # | Limitation | Platform | Workaround |
|---|------------|----------|------------|
| 1 | `pnet` raw TCP recon | Linux only | Windows: passive HTTP recon fallback |
| 2 | Proxy .so/.dll required | All | Place next to binary |
| 3 | `ring` + MSVC linker | Windows MSVC | Use `x86_64-pc-windows-gnu` |
| 4 | Cache sanitisation | Linux | Root only — silently no-ops |

![](https://img.shields.io/badge/FILES%20CHANGED-beb0eb?style=flat-square)

| File | Change |
|------|--------|
| `src/cli/display.rs` | Braille `[]`, palette migration, GB_*→COL_*, thinner borders |
| `src/cli/args.rs` | `--duration`, `--payloads`/`--exploitation` aliases |
| `src/hybrid.rs` | det/err progress, body evidence, WAF fix, duration gates |
| `src/main.rs` | COL_* imports, findings always print, request count fix |
| `src/detection/confirm.rs` | Auto-pass evidence, expanded patterns |
| `src/detection/matcher.rs` | 10 new SQLi regex |
| `src/detection/analyzer.rs` | WAF gate: requires "waf" + "blocked"/"denied" |
| `src/scanner/sqli_scanner.rs` | `exploitation_level` + `silent_mode` params |
| `Cargo.toml` | Workspace members |
| `.cargo/config.toml` | `jobs=2` |

**Added:** `hypersecurity/Cargo.toml`, `hypersecurity/src/lib.rs`, `.cargo/config.toml`, `GITHUB.md`

![](https://img.shields.io/badge/LICENSE-ff6450?style=flat-square)

**Proprietary** — Copyright © 2024-2026 khaninkali · HyperSecurityLabs · All Rights Reserved

| Action | Public | Members |
|--------|--------|---------|
| View/fork/reference | ✅ | ✅ |
| Personal/edu use | ✅ | ✅ |
| Modify/distribute | ❌ | ✅ |
| Remove attribution | ❌ **Never** | ❌ **Never** |
| Sell/rebrand | ❌ Legal action | ❌ Legal action |
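
The hardening table above lists W+X scanning, where `hs_check_leaks` monitors `/proc/self/maps`. As an added example (not OXIDE's or `libhypersecurity`'s own code), this is one way such a check can parse the maps format and report mappings that are both writable and executable; `find_wx_mappings`, `WxMapping` and the sample data are hypothetical names and constructed input.

```rust
// Added example, not OXIDE's implementation: flag mappings that are both
// writable and executable in /proc/<pid>/maps-format text.

// Constructed sample input (addresses and inodes are made up).
const SAMPLE_MAPS: &str = "\
55d0c8a00000-55d0c8a21000 r--p 00000000 08:01 1048602 /usr/local/bin/oxide
55d0c8a21000-55d0c8b40000 r-xp 00021000 08:01 1048602 /usr/local/bin/oxide
7f3a10000000-7f3a10021000 rwxp 00000000 00:00 0
7f3a1c400000-7f3a1c5a0000 r-xp 00000000 08:01 1048777 /usr/local/lib/libhypersecurity.so
7ffd4e1de000-7ffd4e1ff000 rw-p 00000000 00:00 0 [stack]
";

#[derive(Debug)]
pub struct WxMapping {
    pub start: u64,
    pub end: u64,
    pub perms: String,
    pub path: String, // empty for anonymous mappings
}

/// Return every mapping whose permission field has both `w` and `x` set.
/// Malformed lines are skipped.
pub fn find_wx_mappings(maps: &str) -> Vec<WxMapping> {
    let mut hits = Vec::new();
    for line in maps.lines() {
        // Fields: address-range perms offset dev inode [pathname]
        let mut f = line.split_whitespace();
        let (Some(range), Some(perms)) = (f.next(), f.next()) else { continue };
        let Some((s, e)) = range.split_once('-') else { continue };
        let (Ok(start), Ok(end)) = (u64::from_str_radix(s, 16), u64::from_str_radix(e, 16))
        else { continue };
        let p = perms.as_bytes();
        if p.len() == 4 && p[1] == b'w' && p[2] == b'x' {
            // Skip offset, dev and inode; whatever remains is the pathname.
            let path = f.skip(3).collect::<Vec<_>>().join(" ");
            hits.push(WxMapping { start, end, perms: perms.to_string(), path });
        }
    }
    hits
}

fn main() {
    // Scan the live process on Linux; otherwise use the constructed sample.
    let maps = std::fs::read_to_string("/proc/self/maps")
        .unwrap_or_else(|_| SAMPLE_MAPS.to_string());
    for m in find_wx_mappings(&maps) {
        println!("W+X {:x}-{:x} {} {}", m.start, m.end, m.perms, m.path);
    }
}
```

An anonymous `rwxp` region, like the one in the sample, is the case worth alerting on; file-backed code is normally mapped `r-xp`.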

This is the final Community Edition — countless hours of work. If OXIDE helped you in a pentest, CTF, or research, please star the repository ★

![](https://img.shields.io/badge/CONNECT-beb0eb?style=flat-square)

| Platform | Link |
|----------|------|
| 🐙 GitHub | [github.com/hypersecuritylabs](https://github.com/hypersecuritylabs) |
| 🌐 Website | [hypersecurityoffensivelabs.Official.Site](https://hypersecurityoffensivelabs-about.is-best.net/) |
| 💬 Telegram | [t.me/hypersecurity_offsec](https://t.me/hypersecurity_offsec) |
| 🐉 Kali Linux | [kali.org/tools](https://www.kali.org/tools/) |

Built with 🦀 Rust · Forged in the offensive security trenches
HyperSecurityLabs · OXIDE Framework v8.5.0
"Scan everything. Trust nothing. Patch accordingly."
