[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-74108":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":9,"pushedAt":9,"updatedAt":26,"readmeContent":27,"aiSummary":28,"trendingCount":15,"starSnapshotCount":15,"syncStatus":29,"lastSyncTime":30,"discoverSource":31},74108,"METATRON","sooryathejas\u002FMETATRON","sooryathejas","AI-powered penetration testing assistant using local LLM on linux (Parrot OS)",null,"Python",3049,621,29,8,0,13,16,153,39,30.38,"MIT License",false,"main",true,[],"2026-06-12 02:03:22","# METATRON\nAI-powered penetration testing assistant using local LLM on linux (Parrot OS)\n# 🔱 METATRON\n### AI-Powered Penetration Testing Assistant\n\n\u003Cp align=\"center\">\n \u003Cimg src=\"screenshots\u002Fbanner.png\" alt=\"Metatron Banner\" width=\"800\"\u002F>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FPython-3.x-blue?style=for-the-badge&logo=python\"\u002F>\n \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FOS-Parrot%20Linux-green?style=for-the-badge&logo=linux\"\u002F>\n \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FAI-metatron--qwen-red?style=for-the-badge\"\u002F>\n \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDB-MariaDB-orange?style=for-the-badge&logo=mariadb\"\u002F>\n \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-MIT-yellow?style=for-the-badge\"\u002F>\n\u003C\u002Fp>\n\n---\n\n## 📌 What is Metatron?\n\n**Metatron** is a CLI-based AI penetration testing assistant that runs entirely on your local machine — no cloud, no API keys, no subscriptions.\n\nYou give it a target IP or domain. It runs real recon tools (nmap, whois, whatweb, curl, dig, nikto), feeds all results to a locally running AI model, and the AI analyzes the target, identifies vulnerabilities, suggests exploits, and recommends fixes. Everything gets saved to a MariaDB database with full scan history.\n\n---\n\n## ✨ Features\n\n- 🤖 **Local AI Analysis** — powered by `metatron-qwen` via Ollama, runs 100% offline\n- 🔍 **Automated Recon** — nmap, whois, whatweb, curl headers, dig DNS, nikto\n- 🌐 **Web Search** — DuckDuckGo search + CVE lookup (no API key needed)\n- 🗄️ **MariaDB Backend** — full scan history with 5 linked tables\n- ✏️ **Edit \u002F Delete** — modify any saved result directly from the CLI\n- 🔁 **Agentic Loop** — AI can request more tool runs mid-analysis\n- 🚫 **No API Keys** — everything is free and local\n-📤 Export Reports\n\nMetatron allows you to export scan results into clean, shareable report formats by selecting '2.view history'->select slno and export\n\n📄 PDF — professional vulnerability reports\n🌐 HTML — browser-viewable reports\n---\n\n## 🖥️ Screenshots\n\n\u003Cp align=\"center\">\n \u003Cimg src=\"screenshots\u002Fmain_menu.png\" alt=\"Main Menu\" width=\"700\"\u002F>\n \u003Cbr>\u003Ci>Main Menu\u003C\u002Fi>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Cimg src=\"screenshots\u002Fscan_running.png\" alt=\"Scan Running\" width=\"700\"\u002F>\n \u003Cbr>\u003Ci>Recon tools running on target\u003C\u002Fi>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Cimg src=\"screenshots\u002Fai_analysis.png\" alt=\"AI Analysis\" width=\"700\"\u002F>\n \u003Cbr>\u003Ci>metatron-qwen analyzing scan results\u003C\u002Fi>\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n \u003Cimg src=\"screenshots\u002Fresults.png\" alt=\"Results\" width=\"700\"\u002F>\n \u003Cbr>\u003Ci>Vulnerabilities saved to database\u003C\u002Fi>\n\u003C\u002Fp>\n\u003Cp align=\"center\"> \u003Cimg src=\"screenshots\u002Fexport_menu.png\" alt=\"Export Menu\" width=\"700\"\u002F> \u003Cbr>\u003Ci>Export scan results as PDF and or HTML\u003C\u002Fi> \u003C\u002Fp>\n---\n\n## 🧱 Tech Stack\n\n| Component | Technology |\n|------------|-------------------------------------|\n| Language | Python 3 |\n| AI Model | metatron-qwen (fine-tuned Qwen 3.5) |\n| Base Model | huihui_ai\u002Fqwen3.5-abliterated:9b |\n| LLM Runner | Ollama |\n| Database | MariaDB |\n| OS | Parrot OS (Debian-based) |\n| Search | DuckDuckGo (free, no key) |\n\n---\n\n## ⚙️ Installation\n\n### 1. Clone the repository\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Fsooryathejas\u002FMETATRON.git\ncd METATRON\n```\n\n### 2. Create and activate virtual environment\n\n```bash\npython3 -m venv venv\nsource venv\u002Fbin\u002Factivate\n```\n\n### 3. Install Python dependencies\n\n```bash\npip install -r requirements.txt\n```\n\n### 4. Install system tools\n\n```bash\nsudo apt install nmap whois whatweb curl dnsutils nikto\n```\n\n---\n\n## 🤖 AI Model Setup\n\n### Step 1 — Install Ollama\n\n```bash\ncurl -fsSL https:\u002F\u002Follama.com\u002Finstall.sh | sh\n```\n\n### Step 2 — Download the base model\n\n```bash\nollama pull huihui_ai\u002Fqwen3.5-abliterated:9b\n```\n\n> ⚠️ This model requires at least 8.4 GB of RAM. If your system has less, use the 4b variant:\n> ```bash\n> ollama pull huihui_ai\u002Fqwen3.5-abliterated:4b\n> ```\n> Then edit `Modelfile` and change the FROM line to the 4b model.\n\n### Step 3 — Build the custom metatron-qwen model\n\nThe repo includes a `Modelfile` that fine-tunes the base model with pentest-specific parameters:\n\n```bash\nollama create metatron-qwen -f Modelfile\n```\n\nThis creates your local `metatron-qwen` model with:\n- 16,384 token context window\n- Temperature: 0.7\n- Top-k: 10\n- Top-p: 0.9\n\n### Step 4 — Verify the model exists\n\n```bash\nollama list\n```\n\nYou should see `metatron-qwen` in the list.\n\n---\n\n## 🗄️ Database Setup\n\n### Step 1 — Make sure MariaDB is running\n\n```bash\nsudo systemctl start mariadb\nsudo systemctl enable mariadb\n```\n\n### Step 2 — Create the database and user\n\n```bash\nmysql -u root\n```\n\n```sql\nCREATE DATABASE metatron;\nCREATE USER 'metatron'@'localhost' IDENTIFIED BY '123';\nGRANT ALL PRIVILEGES ON metatron.* TO 'metatron'@'localhost';\nFLUSH PRIVILEGES;\nEXIT;\n```\n\n### Step 3 — Create the tables\n\n```bash\nmysql -u metatron -p123 metatron\n```\n\n```sql\nCREATE TABLE history (\n sl_no INT AUTO_INCREMENT PRIMARY KEY,\n target VARCHAR(255) NOT NULL,\n scan_date DATETIME NOT NULL,\n status VARCHAR(50) DEFAULT 'active'\n);\n\nCREATE TABLE vulnerabilities (\n id INT AUTO_INCREMENT PRIMARY KEY,\n sl_no INT,\n vuln_name TEXT,\n severity VARCHAR(50),\n port VARCHAR(20),\n service VARCHAR(100),\n description TEXT,\n FOREIGN KEY (sl_no) REFERENCES history(sl_no)\n);\n\nCREATE TABLE fixes (\n id INT AUTO_INCREMENT PRIMARY KEY,\n sl_no INT,\n vuln_id INT,\n fix_text TEXT,\n source VARCHAR(50),\n FOREIGN KEY (sl_no) REFERENCES history(sl_no),\n FOREIGN KEY (vuln_id) REFERENCES vulnerabilities(id)\n);\n\nCREATE TABLE exploits_attempted (\n id INT AUTO_INCREMENT PRIMARY KEY,\n sl_no INT,\n exploit_name TEXT,\n tool_used TEXT,\n payload LONGTEXT,\n result TEXT,\n notes TEXT,\n FOREIGN KEY (sl_no) REFERENCES history(sl_no)\n);\n\nCREATE TABLE summary (\n id INT AUTO_INCREMENT PRIMARY KEY,\n sl_no INT,\n raw_scan LONGTEXT,\n ai_analysis LONGTEXT,\n risk_level VARCHAR(50),\n generated_at DATETIME,\n FOREIGN KEY (sl_no) REFERENCES history(sl_no)\n);\n```\n\n---\n\n## 🚀 Usage\n\nMetatron needs **two terminal tabs** to run.\n\n### Terminal 1 — Load the AI model\n\n```bash\nollama run metatron-qwen\n```\n\nWait until you see the `>>>` prompt. This means the model is loaded into memory and ready. You can leave this terminal running in the background.\n\n### Terminal 2 — Launch Metatron\n\n```bash\ncd ~\u002FMETATRON\nsource venv\u002Fbin\u002Factivate\npython metatron.py\n```\n\n---\n\n### Walkthrough\n\n**1. Main menu appears:**\n```\n [1] New Scan\n [2] View History\n [3] Exit\n```\n\n**2. Select [1] New Scan → enter your target:**\n```\n[?] Enter target IP or domain: 192.168.1.1\n```\nor\n```\n[?] Enter target IP or domain: example.com\n```\n\n**3. Select recon tools to run:**\n```\n [1] nmap\n [2] whois\n [3] whatweb\n [4] curl headers\n [5] dig DNS\n [6] nikto\n [a] Run all (except nikto)\n [n] Run all + nikto (slow)\n```\n\n**4. Metatron runs the tools, feeds results to the AI, and prints the analysis.**\n\n**5. Everything is saved to MariaDB automatically.**\n\n**6. After the scan you can edit or delete any result.**\n\n---\n\n## 📁 Project Structure\n\n```\nMETATRON\u002F\n├── metatron.py ← main CLI entry point\n├── db.py ← MariaDB connection and all CRUD operations\n├── tools.py ← recon tool runners (nmap, whois, etc.)\n├── llm.py ← Ollama interface and AI tool dispatch loop\n├── search.py ← DuckDuckGo web search and CVE lookup\n├── Modelfile ← custom model config for metatron-qwen\n├── requirements.txt ← Python dependencies\n├── .gitignore ← excludes venv, pycache, db files\n├── LICENSE ← MIT License\n├── README.md ← this file\n└── screenshots\u002F ← terminal screenshots for documentation\n```\n\n---\n\n## 🗃️ Database Schema\n\nAll 5 tables are linked by `sl_no` (session number) from the `history` table:\n\n```\nhistory ← one row per scan session (sl_no is the spine)\n │\n ├── vulnerabilities ← vulns found, linked by sl_no\n │ │\n │ └── fixes ← fixes per vuln, linked by vuln_id + sl_no\n │\n ├── exploits_attempted ← exploits tried, linked by sl_no\n │\n └── summary ← full AI analysis dump, linked by sl_no\n```\n\n---\n\n## ⚠️ Disclaimer\n\nThis tool is intended for **educational purposes and authorized penetration testing only**.\n\n- Only use Metatron on systems you own or have **explicit written permission** to test.\n- Unauthorized scanning or exploitation of systems is **illegal**.\n- The author is not responsible for any misuse of this tool.\n\n---\n\n## 👤 Author\n\n**Soorya Thejas**\n- GitHub: [@sooryathejas](https:\u002F\u002Fgithub.com\u002Fsooryathejas)\n\n---\n\n## 📄 License\n\nThis project is licensed under the MIT License — see the [LICENSE](LICENSE) file for details.\n","METATRON 是一个基于本地Linux(Parrot OS)运行的AI驱动渗透测试助手。它通过集成nmap、whois等真实侦察工具收集目标信息,并将结果输入到本地运行的AI模型中进行分析,从而识别漏洞、建议攻击方式及修复措施,所有数据存储于MariaDB数据库中以供查询和修改。该工具完全离线工作,无需云服务或API密钥,适合安全研究人员和技术爱好者在不需要网络连接的情况下对目标系统进行全面的安全评估。此外,METATRON还支持导出PDF和HTML格式的专业报告,方便用户分享与存档。",2,"2026-06-11 03:48:49","high_star"]