mblanke
8b51ba9108
- Fixed jumpy network map: nodes settle in 2 seconds and stay fixed - Added click vs drag detection for better node interaction - Made legend clickable as OS type filters (Windows, Linux, macOS, etc.) - Multiple filters can be active simultaneously (OR logic) - Added 'Clear filters' button when filters are active - Added DELETE endpoints to clear network hosts from dashboard - Fixed nmap parser to only include hosts with open ports - Nodes stay in place after dragging
⚡ StrikePackageGPT
AI-powered security analysis platform combining LLM capabilities with professional penetration testing tools.
🎯 Overview
StrikePackageGPT provides security researchers and penetration testers with an AI assistant specialized in:
- Reconnaissance - OSINT, subdomain enumeration, port scanning strategies
- Vulnerability Analysis - CVE research, misconfiguration detection
- Exploit Research - Safe research and documentation of exploits
- Report Generation - Professional security assessment reports
- 🆕 Bidirectional Command Capture - Run commands in CLI, see results in dashboard
🚀 Quick Start
Prerequisites
- Docker & Docker Compose
- 8GB+ RAM recommended (for local LLM)
- (Optional) OpenAI or Anthropic API key
Installation
-
Clone the repository
git clone https://github.com/mblanke/StrikePackageGPT.git cd StrikePackageGPT -
Configure environment (optional)
cp .env.example .env # Edit .env to add API keys if using cloud LLMs -
Start the services
docker-compose up -d -
Pull a local model (first time only)
docker exec -it strikepackage-ollama ollama pull llama3.2 -
Access the dashboard
Open http://localhost:8080 in your browser
📦 Services
| Service | Port | Description |
|---|---|---|
| Dashboard | 8080 | Web UI with Chat, Terminal, and Scans tabs |
| HackGPT API | 8001 | Security-focused API with scan management |
| Kali Executor | 8002 | Docker SDK command execution |
| LLM Router | 8000 | Multi-provider LLM gateway |
| Ollama | 11434 | Local LLM inference |
| Kali | - | Security tools container |
🛠️ Security Tools
The Kali container includes ALL Kali Linux tools via the kali-linux-everything metapackage:
- 600+ Security Tools: Complete Kali Linux arsenal
- Reconnaissance: nmap, masscan, amass, theHarvester, whatweb, recon-ng, maltego
- Web Testing: nikto, gobuster, dirb, sqlmap, burpsuite, zaproxy, wpscan
- Exploitation: metasploit-framework, exploit-db, searchsploit, armitage
- Password Attacks: hydra, john, hashcat, medusa, ncrack
- Wireless: aircrack-ng, wifite, reaver, bully, kismet, fern-wifi-cracker
- Sniffing/Spoofing: wireshark, tcpdump, ettercap, bettercap, responder
- Post-Exploitation: mimikatz, powersploit, empire, covenant
- Forensics: autopsy, volatility, sleuthkit, foremost
- Reverse Engineering: ghidra, radare2, gdb, ollydbg, ida-free
- Social Engineering: set (Social Engineering Toolkit)
- And hundreds more...
Access the Kali container:
docker exec -it strikepackage-kali bash
🔄 Bidirectional Command Capture
New Feature! Commands run directly in the Kali container are now automatically captured and visible in the dashboard:
# Connect to container
docker exec -it strikepackage-kali bash
# Run commands normally - they're automatically logged
nmap -sV 192.168.1.0/24
# Use 'capture' for full output capture
capture sqlmap -u "http://example.com?id=1" --batch
# View recent commands
recent
# All commands appear in dashboard history! 🎉
Benefits:
- ✅ Use CLI for speed, GUI for visualization
- ✅ Perfect for advanced users who prefer terminal
- ✅ Unified history across all command sources
- ✅ Network map includes manually-run scans
- ✅ Complete audit trail for reporting
See BIDIRECTIONAL_CAPTURE.md for full documentation.
🤖 LLM Providers
StrikePackageGPT supports multiple LLM providers:
| Provider | Models | API Key Required |
|---|---|---|
| Ollama | llama3.2, codellama, mistral | No (local) |
| OpenAI | gpt-4o, gpt-4o-mini | Yes |
| Anthropic | claude-sonnet-4-20250514, claude-3-5-haiku | Yes |
📖 Usage Examples
Chat with the AI
Ask security-related questions in natural language:
- "Explain how to use nmap for service detection"
- "What are common web application vulnerabilities?"
- "How do I enumerate subdomains for a target?"
Terminal Access
Execute commands directly in the Kali container from the Terminal tab:
- Real-time command output
- Command history with up/down arrows
- Whitelisted tools for security
Security Scans
Launch and monitor scans from the Scans tab:
- nmap - Port scanning and service detection
- nikto - Web server vulnerability scanning
- gobuster - Directory and DNS enumeration
- sqlmap - SQL injection testing
- whatweb - Web technology fingerprinting
Quick Analysis
Use the sidebar buttons to start guided analysis:
- 🔍 Reconnaissance - Plan your information gathering
- 🛡️ Vulnerability Scan - Assess potential weaknesses
- 💉 Exploit Research - Research known vulnerabilities
- 📄 Generate Report - Create professional documentation
⚠️ Legal Disclaimer
This tool is intended for authorized security testing only. Always:
- Obtain written permission before testing any systems
- Follow responsible disclosure practices
- Comply with all applicable laws and regulations
- Use in isolated lab environments when learning
The developers are not responsible for misuse of this software.
🔧 Development
See Claude.md for development guidelines.
# Rebuild after changes
docker-compose up -d --build
# View logs
docker-compose logs -f
# Stop all services
docker-compose down
📄 License
MIT License - See LICENSE for details.
🤝 Contributing
Contributions welcome! Please read the development guidelines in Claude.md before submitting PRs.