[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-82118":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":9,"totalLinesOfCode":9,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":9,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":9,"createdAt":9,"pushedAt":9,"updatedAt":24,"readmeContent":25,"aiSummary":26,"trendingCount":16,"starSnapshotCount":16,"syncStatus":27,"lastSyncTime":28,"discoverSource":29},82118,"deep-eye","zakirkun\u002Fdeep-eye","zakirkun","Deep Eye orchestrates multiple AI providers (OpenAI, Claude, Grok, Gemini, OLLAMA, Groq, Mistral, OpenRouter, LiteLLM, LM Studio) for intelligent payload generation, scans targets for 45+ vulnerability types, and produces professional reports with compliance mapping.",null,"https:\u002F\u002Fgithub.com\u002Fzakirkun\u002Fdeep-eye","Python",1694,315,20,10,0,15,88,133,45,20.5,false,"main","2026-06-12 02:04:23","\u003Cp align=\"center\">\n  \u003Cimg src=\".\u002Fassets\u002FScreenshot 2025-10-20 150312.png\" height=\"300\">\n\u003C\u002Fp>\n\n\u003Ch1 align=\"center\">Deep Eye\u003C\u002Fh1>\n\n\u003Cp align=\"center\">\n  Advanced AI-Driven Penetration Testing Tool\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fversion-1.4.0-blue\" alt=\"Version\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpython-3.8+-green\" alt=\"Python\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-MIT-green\" alt=\"License\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fcode_name-Hanzou-purple\" alt=\"Code Name\">\n\u003C\u002Fp>\n\n---\n\nDeep Eye orchestrates multiple AI providers (OpenAI, Claude, Grok, Gemini, OLLAMA, Groq, Mistral, OpenRouter, LiteLLM, LM Studio) for intelligent payload generation, scans targets for 45+ vulnerability types, and produces professional reports with compliance mapping.\n\n## Features\n\n- **Multi-AI Provider Support** — Dynamic switching and failover across 10 AI providers\n- **45+ Vulnerability Scanners** — SQLi, XSS, SSRF, XXE, SSTI, RCE, deserialization, JWT, OAuth, and more\n- **Context-Aware Payloads** — WAF detection, tech stack fingerprinting, database-specific injection\n- **CVE Intelligence** — RAG-indexed CVE database with real exploit patterns from NVD\u002FMITRE\u002FExploit-DB\n- **AI Triage** — Automated false-positive filtering and bug bounty report generation\n- **Nuclei-Style Templates** — YAML-based custom vulnerability templates with matchers\u002Fextractors\n- **Browser Automation** — Playwright + Browser Use AI for client-side testing\n- **Challenge Bypass** — Cloudflare\u002FAkamai challenge solver with cookie persistence\n- **Intercepting Proxy** — mitmproxy-based traffic interception and modification\n- **Compliance Mapping** — PCI-DSS v4, SOC2 CC, ISO 27001:2022 framework mapping\n- **Export Formats** — HTML, PDF, JSON, JUnit XML, CSV, XLSX\n- **Scan Diffing** — Compare scans to track new\u002Ffixed vulnerabilities over time\n- **Collaborative Scanning** — Team-based distributed scanning with session management\n- **Notifications** — Real-time alerts via Email, Slack, Discord\n\n## Requirements\n\n- Python 3.8+\n- At least one AI provider API key (or local OLLAMA)\n- Playwright (optional, for browser-based testing)\n\n## Installation\n\n**Windows:**\n```powershell\n.\\scripts\\install.ps1\n```\n\n**Linux\u002FMac:**\n```bash\nchmod +x scripts\u002Finstall.sh && .\u002Fscripts\u002Finstall.sh\n```\n\n**Manual:**\n```bash\npip install -r requirements.txt\ncp config\u002Fconfig.example.yaml config\u002Fconfig.yaml\n# Edit config.yaml with your API keys\n```\n\n**Or skip manual config — the setup wizard runs automatically on first launch:**\n```bash\npip install -r requirements.txt\npython deep_eye.py -u https:\u002F\u002Ftarget.com\n# Interactive wizard guides you through provider selection, API key, and settings\n```\n\n**Browser automation (optional):**\n```bash\npip install playwright && playwright install chromium\n```\n\n## Usage\n\n### Basic Scan\n\n```bash\npython deep_eye.py -u https:\u002F\u002Ftarget.com\n```\n\n### With Configuration File\n\n```bash\npython deep_eye.py -c config\u002Fconfig.yaml\n```\n\n### Verbose Output\n\n```bash\npython deep_eye.py -u https:\u002F\u002Ftarget.com -v\n```\n\n### Export in Multiple Formats\n\n```bash\npython deep_eye.py -u https:\u002F\u002Ftarget.com --formats junit,csv,xlsx\n```\n\n### Scan Diffing\n\nCompare two scan results to see what changed:\n\n```bash\npython deep_eye.py --diff baseline.json current.json --diff-format html --diff-output diff_report.html\n```\n\n### CLI Reference\n\n| Flag | Description |\n|------|-------------|\n| `-u, --url` | Target URL (overrides config) |\n| `-c, --config` | Config file path (default: `config\u002Fconfig.yaml`) |\n| `-v, --verbose` | Verbose output |\n| `--version` | Show version |\n| `--no-banner` | Disable ASCII banner |\n| `--formats` | Comma-separated export formats: `junit,csv,xlsx` |\n| `--diff` | Diff two scan JSON files (positional: BASELINE CURRENT) |\n| `--diff-output` | Output path for diff report |\n| `--diff-format` | Diff format: `html`, `json`, `csv` |\n\n## Configuration\n\nAll behavior is controlled via `config\u002Fconfig.yaml`. The CLI is intentionally minimal.\n\n### AI Providers\n\nConfigure one or more providers:\n\n```yaml\nai_providers:\n  openai:\n    enabled: true\n    api_key: \"sk-...\"\n    model: \"gpt-4o\"\n  claude:\n    enabled: true\n    api_key: \"sk-ant-...\"\n    model: \"claude-3-5-sonnet-20241022\"\n  ollama:\n    enabled: true\n    base_url: \"http:\u002F\u002Flocalhost:11434\"\n    model: \"llama2\"\n```\n\nSupported: `openai`, `claude`, `grok`, `ollama`, `gemini`, `openrouter`, `mistral`, `groq`, `lmstudio`, `litellm`\n\n### Scanner Settings\n\n```yaml\nscanner:\n  target_url: \"https:\u002F\u002Ftarget.com\"\n  default_threads: 5          # 1-50\n  default_depth: 2            # crawl depth\n  enable_recon: true\n  full_scan: false\n  ai_provider: \"openai\"\n```\n\n### Vulnerability Checks\n\n```yaml\nvulnerability_scanner:\n  enabled_checks:\n    - sql_injection\n    - xss\n    - command_injection\n    - ssrf\n    - ssti\n    - lfi\n    - rfi\n    - jwt_vulnerabilities\n    # ... 45+ available checks\n  payload_generation:\n    use_ai: true\n    context_aware: true\n    cve_database: true\n```\n\n### Compliance Mapping\n\n```yaml\ncompliance:\n  enabled: true\n  frameworks:\n    - pci_dss\n    - soc2\n    - iso_27001\n```\n\n### AI Triage\n\n```yaml\nai_triage:\n  enabled: true\n  drop_false_positives: true\n  drop_threshold: 0.8\n  min_severity: \"low\"\n\nbug_bounty:\n  enabled: true\n  format: \"markdown\"\n  min_severity: \"medium\"\n  output_directory: \"reports\u002Fbounty\"\n```\n\n### Nuclei-Style Templates\n\n```yaml\ntemplates:\n  enabled: true\n  template_directories:\n    - \"templates\u002Fnuclei\"\n  tag_filters:\n    - \"cve\"\n    - \"rce\"\n  severity_filter: \"critical,high\"\n```\n\n### Challenge Solver\n\n```yaml\nchallenge_solver:\n  enabled: true\n  vendors:\n    - \"cloudflare\"\n    - \"akamai\"\n  playwright_headless: true\n  cookie_ttl_seconds: 1800\n```\n\n### Reporting\n\n```yaml\nreporting:\n  enabled: true\n  output_directory: \"reports\"\n  default_format: \"html\"\n  formats:\n    - html\n    - pdf\n    - json\n    - junit\n    - csv\n    - xlsx\n```\n\n### Experimental Features\n\n```yaml\nexperimental:\n  enable_cve_matching: true\n  enable_subdomain_scanning: true\n  max_subdomains_to_scan: 50\n```\n\n## Scripts\n\n```bash\n# Update CVE intelligence database from NVD\npython scripts\u002Fupdate_cve_database.py\n\n# Build RAG vector index for CVE search\npython scripts\u002Fbuild_cve_rag_index.py\n```\n\n## Testing\n\n```bash\n# Run all tests\npytest\n\n# Run specific test\npytest tests\u002Ftest_export_formats.py -v\n\n# E2E test (requires API key)\npython tests\u002Fe2e_litellm.py\n```\n\n## Project Structure\n\n```\ndeep-eye\u002F\n├── deep_eye.py              # Entry point\n├── core\u002F                    # Orchestration layer\n│   ├── scanner_engine.py    # Main scan orchestrator (ThreadPoolExecutor)\n│   ├── vulnerability_scanner.py  # 45+ vuln checks\n│   ├── ai_payload_generator.py   # AI-powered payload gen\n│   ├── report_generator.py       # PDF\u002FHTML\u002FJSON reports\n│   ├── scan_diff.py              # Scan comparison\n│   └── pentest_state_manager.py  # Phase\u002Fprogress tracking\n├── ai_providers\u002F            # 10 AI provider integrations\n├── modules\u002F                 # Specialized security testers\n│   ├── ai_triage\u002F           # False-positive filtering + bounty writer\n│   ├── template_engine\u002F     # Nuclei-style YAML templates\n│   ├── challenge_solver\u002F    # CF\u002FAkamai challenge bypass\n│   ├── intercepting_proxy\u002F  # mitmproxy interceptor\n│   ├── captcha_detection\u002F   # CAPTCHA detect + login replay\n│   ├── cve_intelligence\u002F    # CVE scraper + RAG index\n│   ├── browser_automation\u002F  # Playwright + Browser Use AI\n│   └── ...                  # 25+ more modules\n├── utils\u002F\n│   ├── exports\u002F             # JUnit, CSV, XLSX builders\n│   ├── compliance\u002F          # PCI-DSS, SOC2, ISO 27001 mapping\n│   └── ...                  # http_client, logger, parser, etc.\n├── config\u002F\n│   └── config.example.yaml  # Full configuration reference\n├── scripts\u002F                 # CVE updater, RAG builder\n├── tests\u002F                   # pytest test suite\n└── reports\u002F                 # Generated output (gitignored)\n```\n\n## Vulnerability Coverage\n\n### Core (v1.0+)\nSQL Injection (error\u002Fblind\u002Ftime-based), XSS (reflected\u002Fstored\u002FDOM), Command Injection, SSRF, XXE, Path Traversal, CSRF, Open Redirect, CORS Misconfiguration, Security Headers\n\n### Extended (v1.1-1.3)\nAPI Security (OWASP API Top 10), GraphQL, Business Logic, Authentication\u002FSession, File Upload, WebSocket, ML Anomaly Detection, OSINT, Payload Obfuscation, LFI\u002FRFI, SSTI, CRLF, Host Header Injection, LDAP Injection, Insecure Deserialization, JWT, Broken Auth\n\n### Advanced (v1.4+)\nNoSQL Injection, HTTP Smuggling, Race Conditions, Log4Shell, Mass Assignment, Prototype Pollution, OAuth, Cache Poisoning, Subdomain Takeover, SAML Attacks, Port Scanning, Directory Bruteforce, Secret Scanning\n\n## Legal Disclaimer\n\nDeep Eye is designed for **authorized security testing only**.\n\n- Only use on systems you own or have explicit written permission to test\n- Unauthorized access to computer systems is illegal\n- Users are responsible for complying with all applicable laws\n- The developers assume no liability for misuse\n\n## License\n\nMIT License. See [LICENSE](LICENSE) for details.\n\n## Links\n\n- [Quick Start Guide](docs\u002FQUICKSTART.md)\n- [Configuration Reference](docs\u002FCONFIGURATION.md)\n- [Modules Reference](docs\u002FMODULES.md)\n- [Scan Flow](docs\u002FSCAN_FLOW.md)\n- [Architecture](docs\u002FARCHITECTURE.md)\n- [Changelog](CHANGELOG.md)\n- [Issues](https:\u002F\u002Fgithub.com\u002Fzakirkun\u002Fdeep-eye\u002Fissues)\n","Deep Eye 是一款先进的基于AI的渗透测试工具，它整合了多个AI提供商（如OpenAI、Claude等）来生成智能负载，并扫描45种以上的漏洞类型，最终生成包含合规性映射的专业报告。项目利用Python编写，支持动态切换和故障转移于10个AI服务之间，提供包括SQL注入、XSS攻击等多种漏洞检测功能，同时具备WAF检测、技术栈指纹识别等上下文感知的有效载荷能力。此外，Deep Eye还集成了CVE情报数据库查询、自动误报过滤及浏览器自动化测试等功能。适用于需要进行全面安全评估的企业或组织，特别是在关注持续集成\u002F持续部署(CI\u002FCD)管道安全性、满足特定行业标准（如PCI-DSS v4, ISO 27001:2022）等方面的应用场景。",2,"2026-06-11 04:07:48","trending"]