SecSuite – AI-powered Tool for OSINT, Web and API Security Testing


A new open-source security platform called SecSuite, developed under the TheSecuredAnalyst project, has been released, combining OSINT reconnaissance, web vulnerability scanning, API security analysis, compliance checking, and AI-powered analysis into a single unified toolkit.

Available on GitHub at 53cur3dL34rn/security-suite, the tool targets security professionals, penetration testers, and red teams who need a modular, extensible suite capable of running entirely offline with local AI models.

SecSuite v0.1.0 ships with 11 OSINT modules, 6 web security scanners, and 4 API security testing tools, all accessible from a unified CLI or a REST API built on FastAPI.

The platform supports AI-powered analysis via three providers: Ollama (for fully local, offline inference), Anthropic Claude, and OpenAI GPT. This AI layer enables automated finding correlation, executive summary generation, and interactive LLM-driven remediation workflows, making it one of the more complete open-source security suites available today.

The tool is designed with minimal friction in mind. A single setup script (setup.sh on Linux/macOS or setup.ps1 on Windows) handles the entire installation chain: Python, all dependencies, Ollama, and a local AI model, with no administrator privileges required on Windows.

SecSuite’s capabilities span the full attack surface reconnaissance and testing lifecycle:

| Module | Capabilities | Integrations |
|---|---|---|
| OSINT (11 modules) | DNS, WHOIS, subdomain discovery, port scanning, tech detection, email harvesting | nmap, Shodan, VirusTotal |
| Web Scanner (6 modules) | XSS, SQLi, directory bruteforce, SSL/TLS analysis, crawling | Nuclei |
| API Security (4 modules) | OpenAPI parsing, auth bypass, JWT testing, BOLA/IDOR, endpoint fuzzing | REST API |
| AI Analysis | Finding correlation, executive summaries, interactive remediation | Ollama, Anthropic, OpenAI |
| SIEM Integration | Log forwarding, alerting, webhook delivery | Splunk, Elasticsearch, Syslog, Slack/Discord/PagerDuty |
| Compliance | OWASP Top 10, CIS Controls assessment | |
| Exploit | CVE lookup and exploit search | SearchSploit, Exploit-DB |

One of the operationally significant capabilities in SecSuite is its AI-driven remediation engine (secsuite ai remediate). Rather than producing a static report, this module scans a target, identifies findings, and interactively walks the operator through fixing each issue using a local LLM.

For each finding, such as Redis running without authentication, the AI proposes specific shell commands ([CHECK][FIX][VERIFY]) that the user can execute, edit, or skip in real time.

This closes the gap between vulnerability identification and remediation, a workflow traditionally requiring separate tooling. Crucially, the entire process runs on local models like Qwen2.5 or LLaMA 3.2 via Ollama, meaning no scan data, credentials, or infrastructure details leave the operator’s environment.

The apisec module targets REST APIs by ingesting OpenAPI/Swagger specs and systematically testing discovered endpoints. Three sub-modules cover distinct attack vectors:

  • endpoints — Tests for BOLA/IDOR, SQL/NoSQL/command injection, mass assignment, and information disclosure.
  • auth — Checks for authentication bypass, broken authentication, JWT weaknesses (including the none algorithm attack and missing exp claims), and rate-limiting gaps.
  • fuzzer — Sends boundary values, injection payloads, and malformed request bodies to surface crashes and data leaks.
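
The two JWT weaknesses named in the auth bullet (the none algorithm and a missing exp claim) can be checked on tokens your own API issues with a short Python audit. This is an added example, not SecSuite's code: audit_jwt, decode_segment, sample_token and both sample tokens are constructed for illustration, and the signature itself is not verified.

```python
import base64
import json
import time


def decode_segment(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    value = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(value, dict):
        raise ValueError("segment is not a JSON object")
    return value


def audit_jwt(token, now=None):
    """List header/claim weaknesses. Inspection only: no signature check."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["malformed: expected header.payload.signature"]
    try:
        header, claims = decode_segment(parts[0]), decode_segment(parts[1])
    except ValueError:  # bad base64, bad UTF-8 and bad JSON all land here
        return ["malformed: header or payload is not base64url JSON"]
    findings = []
    if str(header.get("alg", "")).lower() in ("", "none"):
        findings.append("alg is none or absent: token is unsigned")
    elif not parts[2]:
        findings.append("signature segment is empty")
    exp = claims.get("exp")
    if exp is None:
        findings.append("missing exp claim: token never expires")
    elif isinstance(exp, bool) or not isinstance(exp, (int, float)):
        findings.append("exp is not a numeric timestamp")
    elif exp <= now:
        findings.append("exp is in the past: token already expired")
    return findings


def sample_token(header, claims, sig=""):
    """Build a constructed sample token for the demo (not a signed JWT)."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc(header)}.{enc(claims)}.{sig}"


# Constructed samples: one unsigned token without exp, one well-formed token.
WEAK = sample_token({"alg": "none", "typ": "JWT"}, {"sub": "user-1"})
OK = sample_token({"alg": "HS256", "typ": "JWT"}, {"sub": "user-1", "exp": 4102444800}, "c2lnbmF0dXJl")
```

A token that passes this audit still needs its signature verified against a pinned algorithm and key before it is trusted.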

The REST API server (secsuite serve) exposes these capabilities as programmatic HTTP endpoints, enabling integration into existing CI/CD pipelines, security orchestration platforms, or custom tooling via curl or Python clients.

The web scanner module demonstrates practical detection in the tool’s demo output: a scan of example.com correctly flags SSLv3 as enabled, identifying the host as vulnerable to the POODLE attack (CVE-2014-3566).

This real-time SSL/TLS analysis module checks for deprecated protocol support, weak cipher suites, and certificate chain issues, completing in under one second in documented test cases.

XSS and SQL injection scanners, directory brute-force via wordlists, and Nuclei template-based vulnerability scanning round out the web testing surface.

SecSuite’s architecture separates concerns into three layers: a user interface layer (CLI via Typer + REST API via FastAPI), a core infrastructure layer (target modeling, caching, HTTP client, exporters), and a scanning module layer.

All scan results can be exported in JSON, CSV, HTML, or Markdown. The scheduler module enables cron-based recurring scans with persistent history, and SIEM integration supports CEF/LEEF formatted log delivery to Splunk, Elasticsearch, and Syslog pipelines.

All API keys (Shodan, VirusTotal, Anthropic, and OpenAI) are optional. Core functionality operates entirely without external API keys by leveraging Ollama for local AI inference, making the tool viable in air-gapped or restricted network environments.

SecSuite v0.1.0 is available now on GitHub under the 53cur3dL34rn/security-suite repository. The project targets security professionals conducting authorized penetration testing, red team exercises, and security assessments.

All API and AI integrations are optional, and the tool’s modular architecture allows teams to adopt only the components relevant to their assessment scope.
