GhostKit is a lightweight, portable cybersecurity toolbelt that lives entirely on a USB flash drive. Think Kali Linux, but slimmer, smarter, and supercharged with an offline AI Security Assistant β no internet, no installation, no trace.
Plug it in. Launch the menu. Audit, scan, and diagnose β then unplug and disappear like a ghost.
 Nmap Scanner AI-powered port & service analysis with instant vulnerability summaries |
 Nuclei Scanner Template-driven web vulnerability scanning β fully offline |
 Local LLM Brain Ollama / LM Studio / Llamafile β explain logs, draft scripts, advise fixes |
 Wireshark Launch the industry standard network protocol analyzer instantly |
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β βββββββ βββ βββ βββββββ ββββββββββββββββββββ βββββββββββββββ β
β ββββββββ βββ ββββββββββββββββββββββββββββββββ ββββββββββββββββ β
β βββ βββββββββββββββ βββββββββββ βββ βββββββ βββ βββ β
β βββ ββββββββββββββ βββββββββββ βββ βββββββ βββ βββ β
β ββββββββββββ ββββββββββββββββββββ βββ βββ ββββββ βββ β
β βββββββ βββ βββ βββββββ ββββββββ βββ βββ ββββββ βββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π PLUG IN USB
β
βΌ
ββββββββββββββββββββββββββββββββββββββ
β GhostKit.bat β β Double-click to launch
β Main Menu β
ββββββββββββββ¬ββββββββββββββββββββββββ
β
βββββββββββ΄βββββββββββββββββββββββββββββββββββββββ
β β
βΌ βΌ
ββββββββββββββββββββ ββββββββββββββββββββββββ
β Network Audit β β Web Audit (Nuclei) β
β (Nmap) β β Target URL β
ββββββββββ¬ββββββββββ ββββββββββββ¬ββββββββββββ
β β
βΌ βΌ
[ Scan Output ] [ CVE Findings ]
β β
ββββββββββββββββ¬ββββββββββββββββββββββββββββ
β
βΌ
ββββββββββββββββββββββββ
β π€ AI ASSISTANT β
β (Local LLM Engine) β
β Ollama / Llamafile β
β LM Studio β
ββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββ
β π Human-Readable β
β Security Report β
β + Remediation Steps β
βββββββββββββββββββββββββββ
GhostKit/
β
βββ π GhostKit.bat β Main launcher (double-click this!)
βββ βοΈ setup.ps1 β One-click environment bootstrapper
βββ π README.md
β
βββ π scripts/
β βββ π€ ai_assistant.py β Offline LLM engine & log analyzer
β βββ π network_audit.py β Nmap scanner + AI analysis
β βββ π web_audit.py β Nuclei web scanner + AI analysis
β
βββ π models/ β Drop your .gguf / llamafile here
β βββ .gitkeep
β
βββ π tools/ β Drop your portable binaries here
βββ python/ β Auto-downloaded by setup.ps1
βββ nmap/ β Extract nmap.exe here
βββ nuclei/ β Extract nuclei.exe here
βββ wireshark/ β Extract Wireshark Portable here
Prerequisites: A USB drive (8GB+ recommended), a machine with internet access for the one-time setup.
GhostKit.bat β Option 1: Setup EnvironmentThis will automatically:
- β
Create the
tools/,scripts/,models/directory structure - β Download Portable Python 3.11 (embeddable, no install required)
- β
Install
pipand required packages in the isolated environment
| Tool | Where to Download | Place at |
|---|---|---|
| Nmap | nmap.org/download | tools/nmap/nmap.exe |
| Nuclei | GitHub Releases | tools/nuclei/nuclei.exe |
| Wireshark | PortableApps.com | tools/wireshark/Wireshark.exe |
Pick one of the following local LLM engines and place your model in models/:
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β ENGINE PORT HOW TO USE β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β π¦ Llamafile :8080 Run the .llamafile executable β
β π₯οΈ LM Studio :8080 Load a .gguf β Start Server β
β π Ollama :11434 ollama serve β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π‘ Recommended for USB: Meta-Llama-3-8B-Instruct.Q4_K_M.llamafile β self-contained, single-file, runs on any machine.
Launch GhostKit.bat and pick from the menu:
=======================================================
GhostKit: Portable Security Suite
=======================================================
1. Setup Environment
2. Run AI-Assisted Network Audit (Nmap)
3. Run AI-Assisted Web Audit (Nuclei)
4. Launch Wireshark
5. Interactive AI Security Assistant
6. Exit
Enter target: 192.168.1.1
[+] Running Nmap scan...
[+] Sending results to AI Assistant...
--- AI Analysis ---
Port 22 (SSH) is open and running OpenSSH 8.2.
β οΈ Older version detected β CVE-2023-XXXXX applies.
β
Recommendation: Upgrade to OpenSSH 9.x and disable password auth.
---
Enter target: https://example.com
[+] Running Nuclei scan... (offline mode)
[+] Sending findings to AI Assistant...
--- AI Analysis ---
Found: exposed .env file at /api/.env
π¨ HIGH SEVERITY β API keys may be leaked.
β
Recommendation: Block access to .env via server config.
---
GhostKit is designed exclusively for:
- β Penetration testing on your own networks and systems
- β Authorized security assessments with written permission
- β Educational use and learning cybersecurity concepts
β Do NOT use GhostKit against systems you do not own or have explicit permission to test. Unauthorized use may violate the Computer Fraud and Abuse Act (CFAA) and similar laws.
Contributions are welcome! Feel free to open an issue or submit a pull request.
git clone https://github.com/geevarghesekthomas84-sys/GhostKit.gitMade with β€οΈ for the security community
