sufa 0.1.0__tar.gz

sufa-0.1.0/.github/workflows/ci.yml

@@ -0,0 +1,47 @@
+name: CI
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - run: pip install ruff
+      - run: ruff check src/ tests/
+      - run: ruff format --check src/ tests/
+
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - run: pip install -e ".[dev]"
+      - run: pytest tests/ -v --tb=short
+
+  build:
+    runs-on: ubuntu-latest
+    needs: [lint, test]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - run: pip install build
+      - run: python -m build
+      - uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/

sufa-0.1.0/.github/workflows/docker.yml

@@ -0,0 +1,38 @@
+name: Docker
+
+on:
+  push:
+    tags: ["v*"]
+    branches: [master]
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: docker/setup-buildx-action@v3
+
+      - uses: docker/login-action@v3
+        if: github.event_name != 'pull_request'
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: sufiyansaidsha/sufaai
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

sufa-0.1.0/.github/workflows/release.yml

@@ -0,0 +1,64 @@
+name: Release
+
+on:
+  push:
+    tags: ["v*"]
+
+permissions:
+  contents: write
+  id-token: write
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - run: pip install -e ".[dev]"
+      - run: pytest tests/ -v --tb=short
+
+  build:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - run: pip install build
+      - run: python -m build
+      - uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+  pypi:
+    runs-on: ubuntu-latest
+    needs: build
+    environment: pypi
+    permissions:
+      id-token: write
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+      - uses: pypa/gh-action-pypi-publish@release/v1
+
+  github-release:
+    runs-on: ubuntu-latest
+    needs: build
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+      - uses: softprops/action-gh-release@v2
+        with:
+          files: dist/*
+          generate_release_notes: true

sufa-0.1.0/.gitignore

@@ -0,0 +1,37 @@
+__pycache__/
+*.py[cod]
+*$py.class
+*.egg-info/
+dist/
+build/
+.eggs/
+*.egg
+
+.env
+.env.*
+*.key
+secrets.*
+credentials.*
+
+*.sqlite
+*.db
+*.sqlite3
+
+.pytest_cache/
+.coverage
+htmlcov/
+.ruff_cache/
+
+.venv/
+venv/
+env/
+
+*.log
+logs/
+
+.idea/
+.vscode/
+.cursor/
+*.swp
+*.swo
+*~

sufa-0.1.0/Dockerfile

@@ -0,0 +1,23 @@
+FROM python:3.12-slim
+
+WORKDIR /app
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gcc libffi-dev && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY pyproject.toml README.md LICENSE ./
+COPY src/ src/
+COPY alembic.ini alembic/ ./alembic/
+COPY plugins/ plugins/
+
+RUN pip install --no-cache-dir ".[server,crawler]"
+
+EXPOSE 9000
+
+ENV SUFA_DB_URL="sqlite:///data/sufa.db"
+
+VOLUME ["/data"]
+
+ENTRYPOINT ["sufa"]
+CMD ["server", "start", "--port", "9000"]

sufa-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 sufa
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

sufa-0.1.0/PKG-INFO

@@ -0,0 +1,139 @@
+Metadata-Version: 2.4
+Name: sufa
+Version: 0.1.0
+Summary: AI-powered web vulnerability analysis platform
+Project-URL: Homepage, https://github.com/sufiyansaidsha/sufaAI
+Project-URL: Repository, https://github.com/sufiyansaidsha/sufaAI
+Project-URL: Issues, https://github.com/sufiyansaidsha/sufaAI/issues
+Project-URL: Documentation, https://github.com/sufiyansaidsha/sufaAI#readme
+Author: sufiyansaidsha
+License-Expression: MIT
+License-File: LICENSE
+Keywords: ai,burp,llm,owasp,pentest,scanner,security,vulnerability
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Requires-Python: >=3.11
+Requires-Dist: alembic>=1.13.0
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: jinja2>=3.1.0
+Requires-Dist: keyring>=25.0.0
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: python-dotenv>=1.0.0
+Requires-Dist: pyyaml>=6.0.0
+Requires-Dist: rich>=13.0.0
+Requires-Dist: sqlalchemy>=2.0.0
+Requires-Dist: structlog>=24.0.0
+Requires-Dist: typer>=0.9.0
+Provides-Extra: all
+Requires-Dist: beautifulsoup4>=4.12.0; extra == 'all'
+Requires-Dist: fastapi>=0.110.0; extra == 'all'
+Requires-Dist: lxml>=5.0.0; extra == 'all'
+Requires-Dist: mitmproxy>=10.0.0; extra == 'all'
+Requires-Dist: passlib[bcrypt]>=1.7.4; extra == 'all'
+Requires-Dist: psycopg2-binary>=2.9.0; extra == 'all'
+Requires-Dist: python-jose[cryptography]>=3.3.0; extra == 'all'
+Requires-Dist: uvicorn>=0.27.0; extra == 'all'
+Requires-Dist: weasyprint>=62.0; extra == 'all'
+Provides-Extra: crawler
+Requires-Dist: beautifulsoup4>=4.12.0; extra == 'crawler'
+Requires-Dist: lxml>=5.0.0; extra == 'crawler'
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest-cov>=5.0.0; extra == 'dev'
+Requires-Dist: pytest>=8.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.3.0; extra == 'dev'
+Provides-Extra: pdf
+Requires-Dist: weasyprint>=62.0; extra == 'pdf'
+Provides-Extra: proxy
+Requires-Dist: mitmproxy>=10.0.0; extra == 'proxy'
+Provides-Extra: server
+Requires-Dist: fastapi>=0.110.0; extra == 'server'
+Requires-Dist: passlib[bcrypt]>=1.7.4; extra == 'server'
+Requires-Dist: psycopg2-binary>=2.9.0; extra == 'server'
+Requires-Dist: python-jose[cryptography]>=3.3.0; extra == 'server'
+Requires-Dist: uvicorn>=0.27.0; extra == 'server'
+Description-Content-Type: text/markdown
+
+# sufa
+
+AI-powered web vulnerability analysis platform.
+
+sufa combines AI reasoning, traditional scanning techniques, attack chain discovery, and pentester workflows into a unified CLI tool with Burp Suite integration.
+
+## Features
+
+- **AI-Powered Analysis** -- Passive and active vulnerability detection using Ollama, OpenAI, Claude, or Gemini
+- **Central Traffic Store** -- Persist, replay, and analyze HTTP traffic
+- **Smart Deduplication** -- Endpoint normalization prevents redundant analysis
+- **Attack Chain Discovery** -- AI connects individual findings into multi-step attack paths
+- **Event-Driven Architecture** -- Extensible plugin system with publish/subscribe events
+- **Data Redaction** -- Automatically strips sensitive data before sending to AI providers
+- **Multiple Report Formats** -- JSON, HTML, PDF, SARIF for CI/CD integration
+
+## Quick Start
+
+```bash
+pip install sufa
+
+# Configure AI provider
+sufa config set ai.provider ollama
+sufa config set ai.model deepseek-r1:latest
+
+# Test connectivity
+sufa provider test
+
+# Scan a target
+sufa scan https://target.example.com
+
+# View findings
+sufa findings list
+
+# Generate report
+sufa report generate --format html
+```
+
+## CLI Commands
+
+```
+sufa scan <url>                    Passive scan a target
+sufa scan --profile deep <url>     Deep scan with active verification
+sufa proxy start --port 8080       Start intercept proxy
+sufa import <file.har>             Import HAR file for analysis
+sufa replay <request-id>           Replay a stored request
+sufa findings list                 List all findings
+sufa findings chains               Show discovered attack chains
+sufa report generate --format pdf  Generate report
+sufa project create "name"         Create a project
+sufa config set <key> <value>      Set configuration
+sufa provider test                 Test AI provider connectivity
+sufa server start                  Start API server (Enterprise)
+```
+
+## AI Providers
+
+| Provider | Local | Cost |
+|----------|-------|------|
+| Ollama   | Yes   | Free |
+| OpenAI   | No    | Paid |
+| Claude   | No    | Paid |
+| Gemini   | No    | Paid |
+
+## Development
+
+```bash
+pip install -e ".[dev,all]"
+pytest
+```
+
+## License
+
+MIT

sufa-0.1.0/README.md

@@ -0,0 +1,74 @@
+# sufa
+
+AI-powered web vulnerability analysis platform.
+
+sufa combines AI reasoning, traditional scanning techniques, attack chain discovery, and pentester workflows into a unified CLI tool with Burp Suite integration.
+
+## Features
+
+- **AI-Powered Analysis** -- Passive and active vulnerability detection using Ollama, OpenAI, Claude, or Gemini
+- **Central Traffic Store** -- Persist, replay, and analyze HTTP traffic
+- **Smart Deduplication** -- Endpoint normalization prevents redundant analysis
+- **Attack Chain Discovery** -- AI connects individual findings into multi-step attack paths
+- **Event-Driven Architecture** -- Extensible plugin system with publish/subscribe events
+- **Data Redaction** -- Automatically strips sensitive data before sending to AI providers
+- **Multiple Report Formats** -- JSON, HTML, PDF, SARIF for CI/CD integration
+
+## Quick Start
+
+```bash
+pip install sufa
+
+# Configure AI provider
+sufa config set ai.provider ollama
+sufa config set ai.model deepseek-r1:latest
+
+# Test connectivity
+sufa provider test
+
+# Scan a target
+sufa scan https://target.example.com
+
+# View findings
+sufa findings list
+
+# Generate report
+sufa report generate --format html
+```
+
+## CLI Commands
+
+```
+sufa scan <url>                    Passive scan a target
+sufa scan --profile deep <url>     Deep scan with active verification
+sufa proxy start --port 8080       Start intercept proxy
+sufa import <file.har>             Import HAR file for analysis
+sufa replay <request-id>           Replay a stored request
+sufa findings list                 List all findings
+sufa findings chains               Show discovered attack chains
+sufa report generate --format pdf  Generate report
+sufa project create "name"         Create a project
+sufa config set <key> <value>      Set configuration
+sufa provider test                 Test AI provider connectivity
+sufa server start                  Start API server (Enterprise)
+```
+
+## AI Providers
+
+| Provider | Local | Cost |
+|----------|-------|------|
+| Ollama   | Yes   | Free |
+| OpenAI   | No    | Paid |
+| Claude   | No    | Paid |
+| Gemini   | No    | Paid |
+
+## Development
+
+```bash
+pip install -e ".[dev,all]"
+pytest
+```
+
+## License
+
+MIT

sufa-0.1.0/alembic/env.py

@@ -0,0 +1,39 @@
+"""Alembic environment configuration."""
+
+from logging.config import fileConfig
+
+from alembic import context
+from sqlalchemy import engine_from_config, pool
+
+from sufa.core.db.models import Base
+
+config = context.config
+if config.config_file_name is not None:
+    fileConfig(config.config_file_name)
+
+target_metadata = Base.metadata
+
+
+def run_migrations_offline() -> None:
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(url=url, target_metadata=target_metadata, literal_binds=True)
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online() -> None:
+    connectable = engine_from_config(
+        config.get_section(config.config_ini_section, {}),
+        prefix="sqlalchemy.",
+        poolclass=pool.NullPool,
+    )
+    with connectable.connect() as connection:
+        context.configure(connection=connection, target_metadata=target_metadata)
+        with context.begin_transaction():
+            context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()

sufa-0.1.0/alembic/script.py.mako

@@ -0,0 +1,24 @@
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+revision: str = ${repr(up_revision)}
+down_revision: Union[str, None] = ${repr(down_revision)}
+branch_labels: Union[str, Sequence[str], None] = ${repr(branch_labels)}
+depends_on: Union[str, Sequence[str], None] = ${repr(depends_on)}
+
+
+def upgrade() -> None:
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade() -> None:
+    ${downgrades if downgrades else "pass"}

sufa-0.1.0/alembic.ini

@@ -0,0 +1,36 @@
+[alembic]
+script_location = alembic
+sqlalchemy.url = sqlite:///%(here)s/sufa.db
+
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S

sufa-0.1.0/docker-compose.yml

@@ -0,0 +1,41 @@
+version: "3.9"
+
+services:
+  sufa:
+    build: .
+    ports:
+      - "9000:9000"
+    volumes:
+      - sufa-data:/data
+    environment:
+      - SUFA_DB_URL=sqlite:///data/sufa.db
+    restart: unless-stopped
+
+  sufa-postgres:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_DB: sufa
+      POSTGRES_USER: sufa
+      POSTGRES_PASSWORD: sufa_secret
+    ports:
+      - "5432:5432"
+    volumes:
+      - pg-data:/var/lib/postgresql/data
+    profiles:
+      - enterprise
+
+  sufa-enterprise:
+    build: .
+    ports:
+      - "9000:9000"
+    environment:
+      - SUFA_DB_URL=postgresql://sufa:sufa_secret@sufa-postgres:5432/sufa
+    depends_on:
+      - sufa-postgres
+    restart: unless-stopped
+    profiles:
+      - enterprise
+
+volumes:
+  sufa-data:
+  pg-data:

sufa-0.1.0/plugins/graphql_scanner/plugin.py

@@ -0,0 +1,37 @@
+"""GraphQL Scanner Plugin -- detects GraphQL-specific security issues."""
+
+from __future__ import annotations
+
+from typing import Any
+
+from sufa.core.events.events import Event
+from sufa.core.plugins.interface import SufaPlugin
+
+
+class GraphQLScannerPlugin(SufaPlugin):
+    name = "graphql_scanner"
+    version = "0.1.0"
+    description = "Detect GraphQL-specific vulnerabilities"
+    author = "sufa"
+
+    def on_load(self, context: dict[str, Any]) -> None:
+        self._graphql_endpoints: set[str] = set()
+
+    def on_response(self, event: Event) -> None:
+        url = event.data.get("url", "")
+        body = event.data.get("body", "")
+
+        if any(p in url.lower() for p in ("/graphql", "/gql")):
+            self._graphql_endpoints.add(url)
+
+            if '"__schema"' in body or '"__type"' in body:
+                self._report_introspection(url)
+
+            if "errors" in body and "locations" in body:
+                self._report_verbose_errors(url)
+
+    def _report_introspection(self, url: str) -> None:
+        pass
+
+    def _report_verbose_errors(self, url: str) -> None:
+        pass