mirror of
https://github.com/mblanke/StrikePackageGPT.git
synced 2026-03-01 06:10:21 -05:00
feat: Add HackGpt Enterprise features
- 6-Phase pentest methodology UI (Recon, Scanning, Vuln, Exploit, Report, Retest) - Phase-aware AI prompts with context from current phase - Attack chain analysis and visualization - CVSS-style severity badges (CRITICAL/HIGH/MEDIUM/LOW) - Findings sidebar with severity counts - Phase-specific tools and quick actions
This commit is contained in:
151
README.md
151
README.md
@@ -1 +1,150 @@
|
||||
# StrikePackageGPT
|
||||
# ⚡ StrikePackageGPT
|
||||
|
||||
AI-powered security analysis platform combining LLM capabilities with professional penetration testing tools.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## 🎯 Overview
|
||||
|
||||
StrikePackageGPT provides security researchers and penetration testers with an AI assistant specialized in:
|
||||
|
||||
- **Reconnaissance** - OSINT, subdomain enumeration, port scanning strategies
|
||||
- **Vulnerability Analysis** - CVE research, misconfiguration detection
|
||||
- **Exploit Research** - Safe research and documentation of exploits
|
||||
- **Report Generation** - Professional security assessment reports
|
||||
|
||||
## 🚀 Quick Start
|
||||
|
||||
### Prerequisites
|
||||
|
||||
- Docker & Docker Compose
|
||||
- 8GB+ RAM recommended (for local LLM)
|
||||
- (Optional) OpenAI or Anthropic API key
|
||||
|
||||
### Installation
|
||||
|
||||
1. **Clone the repository**
|
||||
```bash
|
||||
git clone https://github.com/mblanke/StrikePackageGPT.git
|
||||
cd StrikePackageGPT
|
||||
```
|
||||
|
||||
2. **Configure environment** (optional)
|
||||
```bash
|
||||
cp .env.example .env
|
||||
# Edit .env to add API keys if using cloud LLMs
|
||||
```
|
||||
|
||||
3. **Start the services**
|
||||
```bash
|
||||
docker-compose up -d
|
||||
```
|
||||
|
||||
4. **Pull a local model** (first time only)
|
||||
```bash
|
||||
docker exec -it strikepackage-ollama ollama pull llama3.2
|
||||
```
|
||||
|
||||
5. **Access the dashboard**
|
||||
|
||||
Open http://localhost:8080 in your browser
|
||||
|
||||
## 📦 Services
|
||||
|
||||
| Service | Port | Description |
|
||||
|---------|------|-------------|
|
||||
| Dashboard | 8080 | Web UI with Chat, Terminal, and Scans tabs |
|
||||
| HackGPT API | 8001 | Security-focused API with scan management |
|
||||
| Kali Executor | 8002 | Docker SDK command execution |
|
||||
| LLM Router | 8000 | Multi-provider LLM gateway |
|
||||
| Ollama | 11434 | Local LLM inference |
|
||||
| Kali | - | Security tools container |
|
||||
|
||||
## 🛠️ Security Tools
|
||||
|
||||
The Kali container includes:
|
||||
|
||||
- **Reconnaissance**: nmap, masscan, amass, theHarvester, whatweb
|
||||
- **Web Testing**: nikto, gobuster, dirb, sqlmap
|
||||
- **Exploitation**: metasploit-framework, hydra, searchsploit
|
||||
- **Network**: tcpdump, netcat, wireshark
|
||||
|
||||
Access the Kali container:
|
||||
```bash
|
||||
docker exec -it strikepackage-kali bash
|
||||
```
|
||||
|
||||
## 🤖 LLM Providers
|
||||
|
||||
StrikePackageGPT supports multiple LLM providers:
|
||||
|
||||
| Provider | Models | API Key Required |
|
||||
|----------|--------|------------------|
|
||||
| Ollama | llama3.2, codellama, mistral | No (local) |
|
||||
| OpenAI | gpt-4o, gpt-4o-mini | Yes |
|
||||
| Anthropic | claude-sonnet-4-20250514, claude-3-5-haiku | Yes |
|
||||
|
||||
## 📖 Usage Examples
|
||||
|
||||
### Chat with the AI
|
||||
Ask security-related questions in natural language:
|
||||
- "Explain how to use nmap for service detection"
|
||||
- "What are common web application vulnerabilities?"
|
||||
- "How do I enumerate subdomains for a target?"
|
||||
|
||||
### Terminal Access
|
||||
Execute commands directly in the Kali container from the Terminal tab:
|
||||
- Real-time command output
|
||||
- Command history with up/down arrows
|
||||
- Whitelisted tools for security
|
||||
|
||||
### Security Scans
|
||||
Launch and monitor scans from the Scans tab:
|
||||
- **nmap** - Port scanning and service detection
|
||||
- **nikto** - Web server vulnerability scanning
|
||||
- **gobuster** - Directory and DNS enumeration
|
||||
- **sqlmap** - SQL injection testing
|
||||
- **whatweb** - Web technology fingerprinting
|
||||
|
||||
### Quick Analysis
|
||||
Use the sidebar buttons to start guided analysis:
|
||||
- 🔍 **Reconnaissance** - Plan your information gathering
|
||||
- 🛡️ **Vulnerability Scan** - Assess potential weaknesses
|
||||
- 💉 **Exploit Research** - Research known vulnerabilities
|
||||
- 📄 **Generate Report** - Create professional documentation
|
||||
|
||||
## ⚠️ Legal Disclaimer
|
||||
|
||||
This tool is intended for **authorized security testing only**. Always:
|
||||
|
||||
- Obtain written permission before testing any systems
|
||||
- Follow responsible disclosure practices
|
||||
- Comply with all applicable laws and regulations
|
||||
- Use in isolated lab environments when learning
|
||||
|
||||
The developers are not responsible for misuse of this software.
|
||||
|
||||
## 🔧 Development
|
||||
|
||||
See [Claude.md](./Claude.md) for development guidelines.
|
||||
|
||||
```bash
|
||||
# Rebuild after changes
|
||||
docker-compose up -d --build
|
||||
|
||||
# View logs
|
||||
docker-compose logs -f
|
||||
|
||||
# Stop all services
|
||||
docker-compose down
|
||||
```
|
||||
|
||||
## 📄 License
|
||||
|
||||
MIT License - See [LICENSE](./LICENSE) for details.
|
||||
|
||||
## 🤝 Contributing
|
||||
|
||||
Contributions welcome! Please read the development guidelines in Claude.md before submitting PRs.
|
||||
Reference in New Issue
Block a user