offsec-ai 2.0.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- offsec_ai/__init__.py +91 -0
- offsec_ai/__main__.py +12 -0
- offsec_ai/cli.py +2764 -0
- offsec_ai/core/__init__.py +1 -0
- offsec_ai/core/ai_owasp_scanner.py +389 -0
- offsec_ai/core/cert_analyzer.py +721 -0
- offsec_ai/core/hybrid_identity_checker.py +585 -0
- offsec_ai/core/l7_detector.py +1628 -0
- offsec_ai/core/llm_judge.py +183 -0
- offsec_ai/core/mcp_attacker.py +384 -0
- offsec_ai/core/mcp_scanner.py +506 -0
- offsec_ai/core/mtls_checker.py +990 -0
- offsec_ai/core/owasp_scanner.py +653 -0
- offsec_ai/core/port_scanner.py +277 -0
- offsec_ai/core/security_headers.py +472 -0
- offsec_ai/models/__init__.py +1 -0
- offsec_ai/models/ai_owasp_result.py +161 -0
- offsec_ai/models/l7_result.py +231 -0
- offsec_ai/models/mcp_result.py +148 -0
- offsec_ai/models/mtls_result.py +95 -0
- offsec_ai/models/owasp_result.py +282 -0
- offsec_ai/models/scan_result.py +143 -0
- offsec_ai/py.typed +0 -0
- offsec_ai/utils/__init__.py +1 -0
- offsec_ai/utils/ai_owasp_payloads.py +283 -0
- offsec_ai/utils/ai_owasp_remediation.py +248 -0
- offsec_ai/utils/common_ports.py +316 -0
- offsec_ai/utils/exporters.py +441 -0
- offsec_ai/utils/l7_signatures.py +460 -0
- offsec_ai/utils/mcp_cve_db.py +263 -0
- offsec_ai/utils/mcp_payloads.py +121 -0
- offsec_ai/utils/owasp_remediation.py +787 -0
- offsec_ai-2.0.0.dist-info/METADATA +601 -0
- offsec_ai-2.0.0.dist-info/RECORD +37 -0
- offsec_ai-2.0.0.dist-info/WHEEL +4 -0
- offsec_ai-2.0.0.dist-info/entry_points.txt +2 -0
- offsec_ai-2.0.0.dist-info/licenses/LICENSE +21 -0
offsec_ai/__init__.py
ADDED
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
"""
|
|
2
|
+
offsec-ai — Offensive-security toolkit for authorized red-team engagements.
|
|
3
|
+
|
|
4
|
+
Capabilities:
|
|
5
|
+
- Port scanning with banner grabbing (async, configurable concurrency)
|
|
6
|
+
- L7/WAF/CDN detection with DNS tracing
|
|
7
|
+
- mTLS (Mutual TLS) authentication checking
|
|
8
|
+
- SSL/TLS certificate chain analysis and validation
|
|
9
|
+
- Hybrid identity / Azure AD / ADFS detection
|
|
10
|
+
- OWASP Top 10 2021/2025 web vulnerability scanning
|
|
11
|
+
- AI/LLM OWASP Top 10 2025 black-box endpoint probing
|
|
12
|
+
- MCP (Model Context Protocol) endpoint security scanning and CVE matching
|
|
13
|
+
- MCP endpoint active attack module (requires explicit authorization)
|
|
14
|
+
- Security header analysis and grading
|
|
15
|
+
- Multi-format reporting (PDF, JSON, CSV)
|
|
16
|
+
- Rich CLI interface with progress bars
|
|
17
|
+
"""
|
|
18
|
+
|
|
19
|
+
__version__ = "2.0.0"
|
|
20
|
+
__author__ = "htunn"
|
|
21
|
+
__email__ = "htunnthuthu.linux@gmail.com"
|
|
22
|
+
__license__ = "MIT"
|
|
23
|
+
|
|
24
|
+
from .core.port_scanner import PortChecker
|
|
25
|
+
from .core.l7_detector import L7Detector, L7Protection
|
|
26
|
+
from .core.mtls_checker import MTLSChecker
|
|
27
|
+
from .core.cert_analyzer import CertificateAnalyzer
|
|
28
|
+
from .core.hybrid_identity_checker import HybridIdentityChecker, HybridIdentityResult
|
|
29
|
+
from .core.owasp_scanner import OwaspScanner
|
|
30
|
+
from .core.security_headers import SecurityHeaderChecker
|
|
31
|
+
from .core.ai_owasp_scanner import LLMOwaspScanner
|
|
32
|
+
from .core.mcp_scanner import MCPScanner
|
|
33
|
+
from .core.mcp_attacker import MCPAttacker, AuthorizationRequired
|
|
34
|
+
from .core.llm_judge import LLMJudge
|
|
35
|
+
from .models.scan_result import ScanResult, PortResult
|
|
36
|
+
from .models.l7_result import L7Result
|
|
37
|
+
from .models.mtls_result import MTLSResult, CertificateInfo
|
|
38
|
+
from .models.owasp_result import OwaspScanResult, OwaspFinding, OwaspCategoryResult, SeverityLevel
|
|
39
|
+
from .models.ai_owasp_result import LLMScanResult, LLMFinding, LLMCategoryResult, LLMSeverity
|
|
40
|
+
from .models.mcp_result import (
|
|
41
|
+
MCPScanResult,
|
|
42
|
+
MCPTool,
|
|
43
|
+
MCPResource,
|
|
44
|
+
MCPVulnerability,
|
|
45
|
+
MCPAttackReport,
|
|
46
|
+
MCPAttackResult,
|
|
47
|
+
MCPTransport,
|
|
48
|
+
)
|
|
49
|
+
|
|
50
|
+
__all__ = [
|
|
51
|
+
# Original scanners
|
|
52
|
+
"PortChecker",
|
|
53
|
+
"L7Detector",
|
|
54
|
+
"L7Protection",
|
|
55
|
+
"MTLSChecker",
|
|
56
|
+
"CertificateAnalyzer",
|
|
57
|
+
"HybridIdentityChecker",
|
|
58
|
+
"HybridIdentityResult",
|
|
59
|
+
"OwaspScanner",
|
|
60
|
+
"SecurityHeaderChecker",
|
|
61
|
+
# New AI/LLM scanners
|
|
62
|
+
"LLMOwaspScanner",
|
|
63
|
+
"LLMJudge",
|
|
64
|
+
# New MCP modules
|
|
65
|
+
"MCPScanner",
|
|
66
|
+
"MCPAttacker",
|
|
67
|
+
"AuthorizationRequired",
|
|
68
|
+
# Original result models
|
|
69
|
+
"ScanResult",
|
|
70
|
+
"PortResult",
|
|
71
|
+
"L7Result",
|
|
72
|
+
"MTLSResult",
|
|
73
|
+
"CertificateInfo",
|
|
74
|
+
"OwaspScanResult",
|
|
75
|
+
"OwaspFinding",
|
|
76
|
+
"OwaspCategoryResult",
|
|
77
|
+
"SeverityLevel",
|
|
78
|
+
# New AI OWASP result models
|
|
79
|
+
"LLMScanResult",
|
|
80
|
+
"LLMFinding",
|
|
81
|
+
"LLMCategoryResult",
|
|
82
|
+
"LLMSeverity",
|
|
83
|
+
# New MCP result models
|
|
84
|
+
"MCPScanResult",
|
|
85
|
+
"MCPTool",
|
|
86
|
+
"MCPResource",
|
|
87
|
+
"MCPVulnerability",
|
|
88
|
+
"MCPAttackReport",
|
|
89
|
+
"MCPAttackResult",
|
|
90
|
+
"MCPTransport",
|
|
91
|
+
]
|