Skip to content

Naveen2464/Agentic-AI-Based-Penetration-Testing-System

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 

Repository files navigation

Agentic-AI-Based-Penetration-Testing-System

AI-Powered Vulnerability Scanner

Project Overview

This repository contains a modern web-based vulnerability scanner built with Next.js, React, and LangChain. The application uses a custom AI-driven agent pipeline to analyze a target URL and generate a structured security report containing findings for XSS, SQL Injection, CSRF, IDOR, header misconfigurations, and redirect vulnerabilities.


Key Features

  • Modern and responsive web interface
  • Real-time scan trace logging and progress updates
  • AI-guided scan orchestration using specialized security agents
  • Structured vulnerability findings and report generation
  • Built with Next.js App Router and React 19

Requirements

Before running the project, ensure the following are installed:

  • Node.js 20 or later
  • npm 10 or later
  • A modern web browser
  • OpenRouter API key(s)

Installation

1. Install Node.js

Download and install Node.js from:

https://nodejs.org/


2. Install Project Dependencies

cd minorproject/vuln-scanner
npm install

3. Configure Environment Variables

Create a .env.local file inside minorproject/vuln-scanner and add your OpenRouter API credentials:

OPENROUTER_KEY1=your_openrouter_api_key_1
OPENROUTER_KEY2=your_openrouter_api_key_2
OPENROUTER_KEY3=your_openrouter_api_key_3

At least one API key is required. Multiple keys may be used for fallback or parallel access.


Running the Application

Start the development server from the minorproject/vuln-scanner directory:

npm run dev

Open the application in your browser:

http://localhost:3000

Application Structure

minorproject/vuln-scanner/
│
├── app/                # Next.js pages and API routes
├── lib/                # Scan graph, agents, tools, and state management
├── public/             # Static assets
├── package.json        # Project dependencies and metadata
└── .env.local          # Environment variables

Scan Workflow

  1. The client sends a scan request to /api/scan
  2. The server initializes the AI-driven scan graph
  3. Specialized agents analyze the target URL
  4. Real-time scan traces stream back to the frontend
  5. Findings are aggregated into a structured security report

Environment Variables

Variable Description
OPENROUTER_KEY1 Primary OpenRouter API key
OPENROUTER_KEY2 Secondary OpenRouter API key
OPENROUTER_KEY3 Tertiary OpenRouter API key

Installation Notes

  • This project uses Next.js 16, React 19, Tailwind CSS, and LangChain
  • The scanning engine integrates with the OpenRouter API through @langchain/openai
  • The application will fail to start if API keys are not configured properly

Security Considerations

  • Only scan systems you own or are explicitly authorized to test
  • Intended strictly for educational and research purposes
  • Unauthorized scanning of production systems may violate laws or organizational policies

Customization

Modify Scan Agents

Update agent implementations inside:

minorproject/vuln-scanner/lib/agents/

Extend the Scan Graph

Modify:

minorproject/vuln-scanner/lib/graph.ts

Customize the User Interface

Edit:

minorproject/vuln-scanner/app/page.tsx

Troubleshooting

Application Startup Issues

  • Verify your Node.js and npm versions
  • Ensure .env.local exists and contains valid API keys
  • Reinstall dependencies using npm install

Scan Failures

  • Confirm the target URL is valid and reachable
  • Inspect browser developer tools for network or console errors
  • Verify API connectivity and request logs

Recommended Next Steps

  1. Configure API keys in .env.local
  2. Install dependencies using npm install
  3. Start the development server using npm run dev
  4. Launch scans through the web interface using authorized target URLs

License

This repository contains project source files intended for educational, academic, and research purposes. Licensing should follow your university, organization, or project policy.

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors