Skip to content

aravind-manoj/Hacker-AI

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

82 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

πŸ›‘οΈ Hacker.AI

Autonomous Agentic Penetration Testing & Intelligent Defense Platform

Next.js Python LangGraph Docker License

Hacker.AI is a next-generation cybersecurity platform that combines Autonomous AI Pentesting with Proactive Intelligent Defense (Smart SOC) to deliver a continuous security model β€” from vulnerability discovery to autonomous remediation.

Hacker.AI Landing Page


πŸ“‹ Table of Contents


πŸ” Overview

Traditional security scanners follow rigid, rule-based scripts that miss 0-day chains and complex business logic vulnerabilities. Hacker.AI replaces this with LLM-powered autonomous agents that reason through environments, adapt tactics in real-time, and escalate privileges through creative chain-of-thought processing.

The platform operates on two fronts:

Mode Purpose
AI Pentester Offensive β€” autonomous vulnerability discovery and exploitation
Smart SOC Defensive β€” continuous monitoring and autonomous patching

Documentation Overview


⚑ Key Features

Feature Description
AI Pentester Autonomous Main Agent that orchestrates offensive strategies, selects tools (Nmap, Metasploit, SQLMap), and spawns isolated sub-agents
Smart SOC Self-installing defense agent that deploys via SSH, performs periodic scans, and autonomously patches vulnerabilities
Contextual Awareness Agents leverage company-specific context (infrastructure, tech stack) for strategic decision-making
Docker Sandboxing Every sub-agent runs in an ephemeral Docker container with dynamic tool provisioning
Async Orchestration Celery + RabbitMQ for massive parallelization of offensive and defensive tasks
Real-time Terminal Live xterm.js terminal streaming sub-agent activity directly to the dashboard
Automated Reporting AI-generated vulnerability reports with severity classification and remediation guidance

πŸ— Architecture

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                        FRONTEND (Next.js 16)                     β”‚
β”‚  Landing Page ─── Auth ─── Dashboard ─── Docs                    β”‚
β”‚       β”‚               β”‚         β”‚                                β”‚
β”‚       β”‚          Better Auth    β”œβ”€β”€ Overview                     β”‚
β”‚       β”‚                         β”œβ”€β”€ Pentester (Attack UI)        β”‚
β”‚       β”‚                         β”œβ”€β”€ Systems (SSH Management)     β”‚
β”‚       β”‚                         β”œβ”€β”€ Reports (AI-Generated)       β”‚
β”‚       β”‚                         └── Context (Company Intel)      β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
             β”‚     tRPC + React Query                              
             β”‚                      β”‚                              
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                      API LAYER (tRPC Routers)                    β”‚
β”‚  pentester.ts ── overview.ts ── reports.ts ── systems.ts         β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
             β”‚                      β”‚                              
     β”Œβ”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β”                     
     β”‚   Inngest      β”‚    β”‚   PostgreSQL    β”‚                     
     β”‚  (Event Fn)    β”‚    β”‚  (Drizzle ORM)  β”‚                     
     β””β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                     
             β”‚                                                     
     β”Œβ”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β”                                            
     β”‚   RabbitMQ      β”‚                                           
     β”‚   (Message Q)   β”‚                                           
     β””β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜                                            
             β”‚                                                     
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚                   BACKEND (Python / Celery Workers)              β”‚
β”‚                                                                  β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”‚
β”‚  β”‚ Main Agent   │───▢│  Sub-Agents    │───▢│ Docker Containersβ”‚  β”‚
β”‚  β”‚ (LangGraph)  β”‚    β”‚  (LangGraph)   β”‚    β”‚ (Ephemeral)      β”‚  β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β”‚
β”‚         β”‚                                                        β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”                          β”‚
β”‚  β”‚ SSH Controllerβ”‚    β”‚Context Managerβ”‚                          β”‚
β”‚  β”‚ (Paramiko)   β”‚    β”‚(LLM Trimming) β”‚                          β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜                          β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

πŸ›  Tech Stack

Frontend

Technology Purpose
Next.js 16 App Router, React 19, Server Components
tRPC v11 End-to-end typesafe APIs
React Query Server state management and caching
Tailwind CSS v4 Styling with custom red hacker theme
Framer Motion Animations and transitions
Radix UI + shadcn/ui Accessible component primitives
xterm.js Real-time terminal rendering
Better Auth Authentication (email/password)
Inngest Serverless event-driven workflows

Backend

Technology Purpose
Python 3.13 Core runtime
LangGraph + LangChain Agentic AI framework (ReAct agents)
Celery Distributed task queue for agent execution
RabbitMQ Message broker for task distribution
Docker SDK Container lifecycle management
Paramiko SSH connections for Smart SOC deployment
Pyte Terminal emulation and ANSI parsing

Infrastructure

Technology Purpose
PostgreSQL Primary database
Drizzle ORM Type-safe schema management and migrations
Upstash Redis Caching and real-time flags (force-stop)
Docker Sandboxed execution environments

πŸ“ Project Structure

Hacker-AI/
β”œβ”€β”€ app/                          # Next.js App Router
β”‚   β”œβ”€β”€ (auth)/                   # Login & Register pages
β”‚   β”œβ”€β”€ api/                      # API routes (tRPC, auth, inngest)
β”‚   β”œβ”€β”€ dashboard/                # Main dashboard
β”‚   β”‚   β”œβ”€β”€ _components/
β”‚   β”‚   β”‚   β”œβ”€β”€ sections/
β”‚   β”‚   β”‚   β”‚   β”œβ”€β”€ overview.tsx      # System overview cards
β”‚   β”‚   β”‚   β”‚   β”œβ”€β”€ pentester.tsx     # Attack creation & monitoring
β”‚   β”‚   β”‚   β”‚   β”œβ”€β”€ systems.tsx       # SSH system management
β”‚   β”‚   β”‚   β”‚   β”œβ”€β”€ reports.tsx       # AI-generated reports
β”‚   β”‚   β”‚   β”‚   β”œβ”€β”€ context.tsx       # Company context input
β”‚   β”‚   β”‚   β”‚   └── settings.tsx      # User settings
β”‚   β”‚   β”‚   β”œβ”€β”€ sidebar.tsx           # Navigation sidebar
β”‚   β”‚   β”‚   └── section-header.tsx    # Reusable section header
β”‚   β”‚   └── pentester/            # Live pentester terminal view
β”‚   β”œβ”€β”€ docs/                     # Technical documentation page
β”‚   └── page.tsx                  # Landing page
β”‚
β”œβ”€β”€ backend/                      # Python AI Engine
β”‚   β”œβ”€β”€ main.py                   # Celery worker & AI orchestrator
β”‚   β”œβ”€β”€ agent.py                  # Main Agent (LangGraph ReAct)
β”‚   β”œβ”€β”€ sub_agent.py              # Sub-Agent with Docker tools
β”‚   β”œβ”€β”€ docker_controller.py      # Docker container management
β”‚   β”œβ”€β”€ ssh_controller.py         # SSH session management
β”‚   β”œβ”€β”€ context_manager.py        # LLM context trimming
β”‚   β”œβ”€β”€ prompts.py                # System prompts for agents
β”‚   β”œβ”€β”€ db_manager.py             # Database operations
β”‚   └── logger.py                 # Structured logging
β”‚
β”œβ”€β”€ trpc/                         # tRPC API Layer
β”‚   β”œβ”€β”€ routers/
β”‚   β”‚   β”œβ”€β”€ pentester.ts          # Attack CRUD & control
β”‚   β”‚   β”œβ”€β”€ overview.ts           # Dashboard statistics
β”‚   β”‚   β”œβ”€β”€ reports.ts            # Report generation & management
β”‚   β”‚   └── systems.ts            # System CRUD
β”‚   β”œβ”€β”€ init.ts                   # Router initialization
β”‚   └── server.ts                 # Server context
β”‚
β”œβ”€β”€ db/                           # Database Layer
β”‚   β”œβ”€β”€ schema.ts                 # Drizzle schema definitions
β”‚   β”œβ”€β”€ relations.ts              # Table relationships
β”‚   └── index.ts                  # DB client export
β”‚
β”œβ”€β”€ inngest/                      # Event-Driven Workflows
β”‚   β”œβ”€β”€ client.ts                 # Inngest client
β”‚   └── functions.ts              # Attack & Report workflows
β”‚
β”œβ”€β”€ toolkit/                      # Smart SOC Toolkit
β”‚   β”œβ”€β”€ install.sh                # Systemd service installer
β”‚   └── main.py                   # Monitoring agent script
β”‚
β”œβ”€β”€ components/                   # Shared UI Components
β”‚   β”œβ”€β”€ hero.tsx                  # Landing page hero
β”‚   β”œβ”€β”€ navbar.tsx                # Navigation bar
β”‚   β”œβ”€β”€ features.tsx              # Features showcase
β”‚   └── ui/                       # shadcn/ui primitives
β”‚
└── lib/                          # Shared Utilities
    β”œβ”€β”€ auth.ts                   # Better Auth server config
    β”œβ”€β”€ auth-client.ts            # Auth client helpers
    β”œβ”€β”€ rabbitmq.ts               # RabbitMQ publisher
    β”œβ”€β”€ redis.ts                  # Redis client
    └── utils.ts                  # General utilities

πŸ“Š Dashboard

The dashboard is the central control center, organized into focused sections:

Dashboard Overview

Section Description
Overview At-a-glance stats β€” total attacks, active scans, systems monitored, vulnerabilities found
Pentester Create attacks by specifying targets, attack vectors, and custom notes. Monitor live sub-agent terminals
Systems Register and manage servers via SSH credentials for Smart SOC deployment
Reports Generate AI-powered security reports from completed attacks or system scans
Context Provide company-specific intelligence (tech stack, infrastructure, policies) to enhance agent decision-making
Settings Profile management and account configuration

Pentester Terminal


πŸ—‘ AI Pentester Pipeline

The offensive pipeline follows a four-stage execution model:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”    β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  1. Objective │───▢│ 2. Tactical   │───▢│ 3. Docker    │───▢│ 4. Exploitationβ”‚
β”‚   Ingestion   β”‚    β”‚   Reasoning   β”‚    β”‚   Swarming   β”‚    β”‚     Loop       β”‚
β”‚               β”‚    β”‚               β”‚    β”‚              β”‚    β”‚                β”‚
β”‚ Inngest event β”‚    β”‚ LLM analyzes  β”‚    β”‚ Spawn ephm.  β”‚    β”‚ Feedback from  β”‚
β”‚ β†’ RabbitMQ    β”‚    β”‚ target + ctx  β”‚    β”‚ containers   β”‚    β”‚ sub-agents β†’   β”‚
β”‚ β†’ Celery      β”‚    β”‚ β†’ strategy    β”‚    β”‚ per tool     β”‚    β”‚ pivot/escalate β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜    β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Main Agent Tools: create_subagent, send_message, check_subagent_status, get_subagent_findings, list_subagents, stop_subagent, finalize_report, wait

Sub-Agent Tools: execute_command, read_terminal, wait_for_output, send_keys, check_messages, mark_step_completed, report_finding, report_to_main


πŸ›‘ Smart SOC Workflow

The defensive pipeline provides continuous autonomous protection:

SSH Discovery β†’ Agent Deployment β†’ Continuous Auditing β†’ Dashboard Reporting β†’ Autonomous Patching

Smart SOC

  1. SSH Discovery & Deployment β€” Agent connects via Paramiko, installs the monitoring subsystem as a systemd service
  2. Continuous Auditing β€” Periodic scans of the local system, kernel, and active services
  3. Dashboard Reporting β€” Vulnerabilities reported in real-time with severity and impact analysis
  4. Autonomous Patching β€” User clicks "Fix Now" β†’ agent executes targeted remediation scripts

�️ Eliminating False Positives

Hacker.AI moves beyond "vulnerability detection" to "vulnerability verification". We solve the industry-wide problem of false positive fatigue through three core pillars:

1. Proof-of-Exploitation (Offensive)

Standard scanners flag version banners. Hacker.AI agents flag outcomes. The AI Pentester doesn't report a vulnerability until a sub-agent verifies it through a safe exploitation loop or proof-of-concept. If an exploit doesn't trigger, the risk is downgraded.

2. Direct Introspection (Defensive)

The Smart SOC agent runs locally on your servers. It doesn't guess based on network packets; it audits real-time process states, configuration files on disk, and kernel-level vulnerabilities. This eliminates 99% of network-artifact noise.

3. Contextual Reasoning

By utilizing the Context Dashboard, the AI understands your environment. It won't flag deliberate "internal-only" shortcuts or "test-bench" configurations if you've marked them as intentional, allowing your team to focus on real external threats.


�🐳 Docker Sandboxing

Every sub-agent operates in complete isolation:

  • Ephemeral Lifecycle β€” Containers are created per-task and destroyed on completion
  • Dynamic Tool Provisioning β€” Tools are installed inside containers only when the attack vector requires them
  • Network Segregation β€” Isolated virtual networks prevent unauthorized lateral movement
  • Resource Quotas β€” CGroup limits on CPU/RAM protect host stability

πŸ—„ Database Schema

Table Purpose
user User accounts with email verification
session / account Better Auth session and OAuth management
attack Pentesting engagements with targets, vectors, status, and final report
attack_vm Individual sub-agent containers with task, terminal buffer, and findings
system Registered servers with SSH credentials for Smart SOC
vulnerability Discovered vulnerabilities linked to systems, with fix status tracking
report Generated security reports linked to users

πŸš€ Getting Started

Prerequisites

  • Node.js 20+ / Bun 1.0+
  • Python 3.13+
  • Docker (running daemon)
  • PostgreSQL database
  • RabbitMQ instance
  • Redis instance (Upstash recommended)

Frontend Setup

# Install dependencies
bun install

# Push database schema
bun run db:push

# Start development server
bun run dev

Backend Setup

cd backend

# Install Python dependencies (using uv)
uv sync

# Start the Celery worker
celery -A main worker --loglevel=info

Inngest Dev Server

bun run inngest

πŸ” Environment Variables

Create a .env file in the project root:

# Database
DATABASE_URL=postgresql://...

# Authentication
BETTER_AUTH_SECRET=your-secret-key

# Message Queue
RABBITMQ_URL=amqp://...

# Cache / Real-time
REDIS_URL=redis://...
UPSTASH_REDIS_REST_URL=https://...
UPSTASH_REDIS_REST_TOKEN=...

# AI Models
GROQ_API_KEY=your-groq-key

# Inngest
INNGEST_EVENT_KEY=your-event-key

πŸ“œ Scripts

Command Description
bun run dev Start Next.js dev server
bun run build Production build
bun run db:generate Generate Drizzle migrations
bun run db:push Push schema to database
bun run db:studio Open Drizzle Studio GUI
bun run inngest Start Inngest dev server

Built by the Hacker.AI Team

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors