VulnMapAI: Revolutionizing Vulnerability Reports with GPT-4 and Nmap

VulnMapAI

VulnMapAI combines the power of Nmap’s detailed network scanning and the advanced natural language processing capabilities of GPT-4 to generate comprehensive and intelligible vulnerability reports. It aims to facilitate the identification and understanding of security vulnerabilities.

Features

• Automated Network Scanning: Uses Nmap for automated discovery and scanning of systems.
• Exploit Suggestions: Offers suggestions for potential exploits based on discovered services and versions.
• Report Generation: Creates comprehensive reports based on discovery and suggested exploits.
• Metasploit Integration: Integrates with Metasploit for searching and verifying exploits.
• Multi-Process Scanning: Leverages multi-process capabilities for efficient network scanning.

Install

Prerequisites

• Python 3.x
• Metasploit Framework
• Nmap
• Required Python libraries: httpx, pymetasploit3

OR

• Docker

Use

For hackers:

docker run -it \
    -e  OPENAI_API_KEY="sk-.." \
     -v $(pwd):/app \
    --sysctl net.ipv6.conf.all.disable_ipv6=0 \
    --cap-add NET_ADMIN \
    --cap-add SYS_MODULE \
    --device /dev/net/tun:/dev/net/tun \
    --entrypoint=/bin/bash -p 1337:1337 quantumcrack/vulnmapai-final:latest

• Run tmux, then openvpn lab_your_username.ovpn, then Ctrl+b and d, you should be back at the main terminal
• Run python main.py TRYHACKME_MACHINE_IP –top_ports 500. Happy hacking!

For developers:

• Clone the project and change the directory git clone https://github.com/davidalami/VulnMapAI.git && cd ./VulnMapAI
• Build the image DOCKER_BUILDKIT=1 docker build -f build/final_image/Dockerfile -t quantumcrack/vulnmapai-final:latest .
• Run the image in interactive mode, pass a valid openai API key as an environment variable docker run -it –entrypoint=/bin/bash -e “OPENAI_API_KEY=sk-..” -v $(pwd):/app -p 1337:1337 quantumcrack/vulnmapai-final:latest
• Pass target IP addresses to the Python script, like python main.py 127.0.0.1 –top_ports 500 and make yourself a coffee!

Accessing the report

Once the scanning process is completed, the web application powered by Flask becomes accessible. You can view the generated report by opening your web browser and navigating to http://localhost:1337/.

• Run the image (command crafted to use against HackTheBox/TryHackMe machines)

Copyright (c) 2023 David Alami

Source: https://github.com/davidalami/