Shivani2812999/ai_powered_security_tool

# 🛡️ AI 安全评估工具 一个基于 AI 的网络安全系统，通过使用外部安全 API 分析 **URL、IP 地址和文件**来检测潜在威胁，并生成**智能风险评分及 AI 生成的安全报告**。 ## 🚀 功能 - 🔍 扫描 URL、IP 地址和文件（PDF、EXE、ZIP） - 🧠 集成多种安全 API： - VirusTotal - AbuseIPDB - URLScan - 📊 自定义风险评分引擎（0–100 分制） - ⚠️ 风险等级： - 安全 - 低风险 - 中等风险 - 高风险 - 严重 示例： https://www.google.com/ ---------> safe 1.1.1.1 ----------> low risk https://bit.ly ---------> medium risk http://www.eicar.org ----------> high risk 192.42.116.16 -----------> critical - 🤖 使用 LLM 生成 AI 驱动的安全报告 - 🖥️ 使用 Streamlit / Gradio 构建的简洁 UI - ⚙️ 模块化后端架构 ## 🏗️ 系统架构 用户输入 (URL / IP / File) ↓ 安全 API 层 (VirusTotal / AbuseIPDB / URLScan) ↓ 数据处理层 ↓ 风险评分引擎 ↓ AI 报告生成器 (LLM) ↓ 前端 UI (Streamlit / Gradio) ## ⚙️ 技术栈 - Python 🐍 - FastAPI / Flask（后端 API） - Streamlit / Gradio（前端 UI） - REST API（VirusTotal、AbuseIPDB、URLScan） - OpenAI / Gemini / Ollama（LLM 集成） - Git & GitHub - Docker（可选） ## 📦 安装与设置 ### 1. 克隆代码库 ``` git clone https://github.com/your-username/ai-security-tool.git cd ai-security-tool 2. Create virtual environment python -m venv .venv Activate: Windows .venv\Scripts\activate Mac/Linux source .venv/bin/activate 3. Install dependencies pip install -r requirements.txt 4. Configure environment variables Create a .env file in root directory: VIRUSTOTAL_API_KEY=your_key_here ABUSEIPDB_API_KEY=your_key_here URLSCAN_API_KEY=your_key_here OPENAI_API_KEY=your_key_here 5. Run the application If using FastAPI: uvicorn backend.main:app --reload If using Streamlit: streamlit run frontend/app.py 🧠 How It Works User submits input (URL, IP, or File) System sends data to security APIs API responses are normalized Risk engine calculates unified risk score LLM generates human-readable report Results displayed in UI 📊 Risk Engine Logic The system calculates risk based on weighted signals: VirusTotal detections → malware/suspicious weighting AbuseIPDB reputation → abuse confidence + report count URLScan verdict → malicious/suspicious penalty Final score is normalized between 0–100 and mapped to risk levels. 📌 Example Output Risk Score: 67 Risk Level: High Risk AI-Generated Report: Multiple security engines flagged suspicious activity Domain shows poor reputation history Recommendation: Avoid interacting with this resource 📁 Project Structure ai-security-tool/ │ ├── backend/ │ ├── main.py │ ├── risk_engine.py │ ├── api_clients.py │ ├── frontend/ │ ├── app.py │ ├── .venv/ ├── requirements.txt ├── .env ├── README.md 🔮 Future Enhancements 🔥 Malware static & dynamic file analysis 🔥 RAG-based threat intelligence system 🔥 Vector database for historical threat tracking 🔥 Real-time monitoring dashboard 🔥 SaaS deployment for enterprise use 🎯 Use Cases Cybersecurity analysts SOC teams Threat intelligence automation Educational cybersecurity projects Enterprise security monitoring tools 👨‍💻 Author Shivani Hadapad AI & Full Stack Developer Python | Java | FastAPI | Machine Learning | Cybersecurity ```

标签：AI风险缓解, AV绕过, FastAPI, Kubernetes, Streamlit, 反取证, 大模型, 威胁情报, 安全评估, 开发者工具, 访问控制, 请求拦截, 逆向工具, 风险评分