mirror of
https://github.com/CyberSecurityUP/NeuroSploit.git
synced 2026-07-05 10:57:51 +02:00
v3.3.0 GUI dashboard + reports + model expansion + root fix
Engine:
- Fix: inject IS_SANDBOX=1 so Claude Code's --dangerously-skip-permissions
works under root (real backend runs were exiting rc=1 immediately)
- models: expand to 40 models / 13 providers, tagged CLI vs API
(NVIDIA NIM, DeepSeek, Mistral, Qwen/DashScope, Groq, Together, OpenRouter,
Ollama, Gemini) — Qwen/DeepSeek/Llama usable via API
- backends: on_start callback surfaces the exact argv ("what runs behind it")
- orchestrator: require a Playwright screenshot per confirmed finding; collect
results/activity.json; auto-generate reports after a run
- report.py: HTML always + PDF via Typst engine (.typ source emitted too)
Web dashboard (webgui/, stdlib only — no npm/build):
- Sidebar dashboard (PentAGI-style): Run / Agents / Insights / Reports / Settings
- Multi-target runs; live execution console + per-task activity; finding cards
with screenshots; backend+provider+model pickers (CLI & API)
- Agents tab: browse 213 + add new .md agents from the UI
- Insights: interactive RL-weight + severity charts
- Reports: download/preview PDF + HTML
- Settings/API: execution mode, per-provider API keys, orchestrator, verbosity
- Endpoints: /api/agents (GET/POST), /api/rl, /api/config, /api/reports,
/reports/* + /shots/* static serving
Cleanup: retire replaced web stack (frontend React, FastAPI backend, core
orchestration, old test) to legacy/. Active engine + GUI are fully standalone.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Executable
+91
@@ -0,0 +1,91 @@
|
||||
"""
|
||||
NeuroSploit v3 - Configuration
|
||||
"""
|
||||
import os
|
||||
from pathlib import Path
|
||||
from typing import Optional
|
||||
from pydantic_settings import BaseSettings
|
||||
|
||||
|
||||
class Settings(BaseSettings):
|
||||
"""Application settings"""
|
||||
|
||||
# Application
|
||||
APP_NAME: str = "NeuroSploit v3"
|
||||
APP_VERSION: str = "3.0.0"
|
||||
DEBUG: bool = True
|
||||
|
||||
# Server
|
||||
HOST: str = "0.0.0.0"
|
||||
PORT: int = 8000
|
||||
|
||||
# Database
|
||||
DATABASE_URL: str = "sqlite+aiosqlite:///./data/neurosploit.db"
|
||||
|
||||
# Paths
|
||||
BASE_DIR: Path = Path(__file__).parent.parent
|
||||
DATA_DIR: Path = BASE_DIR / "data"
|
||||
REPORTS_DIR: Path = DATA_DIR / "reports"
|
||||
SCANS_DIR: Path = DATA_DIR / "scans"
|
||||
PROMPTS_DIR: Path = BASE_DIR / "prompts"
|
||||
|
||||
# LLM Settings
|
||||
ANTHROPIC_API_KEY: Optional[str] = os.getenv("ANTHROPIC_API_KEY")
|
||||
OPENAI_API_KEY: Optional[str] = os.getenv("OPENAI_API_KEY")
|
||||
NIM_API_KEY: Optional[str] = os.getenv("NIM_API_KEY")
|
||||
NIM_BASE_URL: str = os.getenv("NIM_BASE_URL", "https://integrate.api.nvidia.com/v1/chat/completions")
|
||||
OPENROUTER_API_KEY: Optional[str] = os.getenv("OPENROUTER_API_KEY")
|
||||
GEMINI_API_KEY: Optional[str] = os.getenv("GEMINI_API_KEY")
|
||||
AZURE_OPENAI_API_KEY: Optional[str] = os.getenv("AZURE_OPENAI_API_KEY")
|
||||
AZURE_OPENAI_ENDPOINT: Optional[str] = os.getenv("AZURE_OPENAI_ENDPOINT")
|
||||
AZURE_OPENAI_API_VERSION: str = os.getenv("AZURE_OPENAI_API_VERSION", "2024-02-01")
|
||||
AZURE_OPENAI_DEPLOYMENT: Optional[str] = os.getenv("AZURE_OPENAI_DEPLOYMENT")
|
||||
TOGETHER_API_KEY: Optional[str] = os.getenv("TOGETHER_API_KEY")
|
||||
FIREWORKS_API_KEY: Optional[str] = os.getenv("FIREWORKS_API_KEY")
|
||||
DEFAULT_LLM_PROVIDER: str = "claude"
|
||||
DEFAULT_LLM_MODEL: str = "claude-sonnet-4-20250514"
|
||||
MAX_OUTPUT_TOKENS: Optional[int] = None
|
||||
ENABLE_MODEL_ROUTING: bool = False
|
||||
|
||||
# Feature Flags
|
||||
ENABLE_KNOWLEDGE_AUGMENTATION: bool = False
|
||||
ENABLE_BROWSER_VALIDATION: bool = False
|
||||
ENABLE_VULN_AGENTS: bool = False
|
||||
VULN_AGENT_CONCURRENCY: int = 10
|
||||
ENABLE_SMART_ROUTER: bool = False
|
||||
|
||||
# RAG (Retrieval-Augmented Generation)
|
||||
ENABLE_RAG: bool = True # Enabled by default (zero deps, uses BM25)
|
||||
RAG_BACKEND: str = "auto" # "auto", "chromadb", "tfidf", "bm25"
|
||||
|
||||
# External Methodology File (injected into all LLM calls)
|
||||
METHODOLOGY_FILE: Optional[str] = None # Path to .md methodology file
|
||||
|
||||
# CLI Agent (AI CLI tools inside Kali sandbox)
|
||||
ENABLE_CLI_AGENT: bool = False # Feature flag (default: disabled)
|
||||
CLI_AGENT_MAX_RUNTIME: int = 1800 # Max runtime in seconds (default: 30 min)
|
||||
CLI_AGENT_DEFAULT_PROVIDER: str = "claude_code" # Default CLI provider
|
||||
|
||||
# Codex LLM
|
||||
CODEX_API_KEY: Optional[str] = os.getenv("CODEX_API_KEY")
|
||||
|
||||
# Scan Settings
|
||||
MAX_CONCURRENT_SCANS: int = 5
|
||||
DEFAULT_TIMEOUT: int = 30
|
||||
MAX_REQUESTS_PER_SECOND: int = 10
|
||||
|
||||
# CORS
|
||||
CORS_ORIGINS: list = ["http://localhost:3000", "http://127.0.0.1:3000"]
|
||||
|
||||
class Config:
|
||||
env_file = ".env"
|
||||
case_sensitive = True
|
||||
extra = "ignore"
|
||||
|
||||
|
||||
settings = Settings()
|
||||
|
||||
# Ensure directories exist
|
||||
settings.DATA_DIR.mkdir(parents=True, exist_ok=True)
|
||||
settings.REPORTS_DIR.mkdir(parents=True, exist_ok=True)
|
||||
settings.SCANS_DIR.mkdir(parents=True, exist_ok=True)
|
||||
Reference in New Issue
Block a user