Skip to content

AbdulKhaliq293/GoSec

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GoSec-ADK: Dual-Mode Agentic Security Framework

GoSec-ADK is an open-source, model-agnostic security tool built using the Google Agent Development Kit (ADK) pattern. It features a powerful Dual-Mode Architecture designed for both internal compliance auditing and external Bug Bounty hunting. By giving an AI agent "hands" (standard security tools) and "eyes" (a unified knowledge graph), it can autonomously perform tasks, analyze results, and chain vulnerabilities.

🚀 Features

🧠 Intelligent Security Agent

  • Dual-Mode Profiles: Run in compliance mode for internal hardening or offensive mode for zero-day bug bounty hunting.
  • Model Agnostic: Supports Google Gemini, OpenAI GPT-4o, and Local Uncensored Models (via OpenAI compatible APIs like Ollama/Nvidia NIM).
  • ReAct Pattern: The agent reasons about the user's request, selects the appropriate tool, executes it, and analyzes the output.

🕸️ Unified Knowledge Graph

  • Centralized Memory: All findings (subdomains, endpoints, vulnerabilities, compliance failures) are ingested into an in-memory graph database.
  • Contextual Analysis: Links root domains to subdomains, web endpoints, and specific vulnerabilities.
  • Attack Path Detection: Automatically identifies and traces paths an attacker could take from an external endpoint to a confirmed vulnerability.

🛡️ Comprehensive Tool Suite (Dual Profiles)

Compliance Profile (--profile compliance)

  • Nmap: Network reconnaissance and port scanning.
  • Lynis: In-depth system hardening checks.
  • Gitleaks: Hardcoded secret scanning.

Offensive Profile (--profile offensive)

  • Subfinder: Subdomain enumeration.
  • Httpx: Active service probing and technology detection.
  • Katana: Deep SPA crawling and JavaScript analysis.
  • Nuclei: Template-based vulnerability scanning.
  • FFUF: Parameter and directory fuzzing.
  • PoC Generator: Automated HackerOne markdown report generation.

📋 Dynamic Compliance Engine

  • Policy as Code: Compliance standards defined in simple YAML profiles (HIPAA, PCI-DSS, GDPR, NIST, CIS).

📦 Installation

Prerequisites

  • Go 1.21 or higher
  • Git

1. External Tools (Choose Your Profile)

For Compliance Mode (Nmap, Lynis, Gitleaks): macOS: brew install nmap lynis gitleaks Linux: sudo apt-get install nmap lynis git & download Gitleaks.

For Offensive Bug Bounty Mode (ProjectDiscovery + FFUF): Run these Go install commands to compile the required offensive tools:

go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
go install -v github.com/projectdiscovery/katana/cmd/katana@latest
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
go install github.com/ffuf/ffuf/v2@latest

Note: Ensure your Go bin directory is in your PATH (export PATH=$PATH:$(go env GOPATH)/bin).

2. Build GoSec-ADK

# Clone the repository
git clone https://github.com/AbdulKhaliq293/GoSec.git
cd gosec-adk

# Install Go dependencies
go mod download

# Build the binary
go build -o gosec-adk cmd/main.go

⚙️ Configuration

You need an API key for at least one LLM provider (Gemini is the default).

  1. Interactive Setup:

    ./gosec-adk config setup

    Follow the prompts to enter your API keys.

  2. Manual Configuration: Set environment variables:

    export GOOGLE_API_KEY="your_gemini_key"
    # Optional
    export OPENAI_API_KEY="your_openai_key"
    export ANTHROPIC_API_KEY="your_anthropic_key"

🚀 Usage

Quick Start (No Build Required)

Run directly with Go:

go run main.go interactive

Using the Binary (If Built)

# For internal compliance audits
./gosec-adk interactive --profile compliance

# For external bug bounty hunting and recon
./gosec-adk interactive --profile offensive

CLI Command Reference

Besides the interactive agent, you can use the CLI for configuration:

  • Setup Wizard (Configure LLM Providers like Gemini, OpenAI, Nvidia NIM):

    go run main.go config setup

    Tip: To use local models (Ollama) or Nvidia NIM, export OPENAI_BASE_URL before running setup.

Interactive Session Examples

Compliance Profile Examples:

  • "Run a fast Nmap scan on localhost."

  • "Check if this system meets HIPAA requirements."

  • "How do I fix the SSH root login issue?"

Offensive Bug Bounty Profile Examples:

  • "Run subfinder on target.com and verify live endpoints with httpx."

  • "Crawl the discovered web endpoints deeply with katana."

  • "Perform an authorized parameter verification on https://target.com/api?id=FUZZ using FFUF."

  • "Scan the discovered endpoints with Nuclei and generate a HackerOne PoC report if vulnerabilities are found."

🤝 Contributing

Contributions are welcome!

  • Add new Compliance Profiles in profiles/.
  • Add new Remediation Templates in remediation_templates/.
  • Implement new Tool Wrappers in pkg/wrappers/.

📄 License

MIT

About

GoSec-ADK: Model-agnostic security agent (Gemini/OpenAI/Anthropic) built on Google ADK. Orchestrates Nmap & Lynis using natural language for recon & compliance (NIST, CIS, HIPAA, GDPR). Features a dynamic YAML-based profiling engine to automate complex security audits. Bridges the gap between human intent and technical execution.

Resources

License

Stars

2 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages