From 11a5913652a24ae4c2d0c2f4ff77df921a27a45a Mon Sep 17 00:00:00 2001 From: lintsinghua Date: Mon, 22 Dec 2025 00:39:38 +0800 Subject: [PATCH] docs: add Chinese README file and update English README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add the Simplified Chinese README_CN.md file and update the English README.md content in sync. Delete the old README_EN.md file and use README.md as the single English document. --- README.md | 375 ++++++++++++++++++++---------------------- README_CN.md | 454 +++++++++++++++++++++++++++++++++++++++++++++++++++ README_EN.md | 427 ------------------------------------------------ 3 files changed, 628 insertions(+), 628 deletions(-) create mode 100644 README_CN.md delete mode 100644 README_EN.md diff --git a/README.md b/README.md index e697f4d..e94a676 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ -# DeepAudit - 人人拥有的 AI 审计战队,让漏洞挖掘触手可及 🦸‍♂️ +# DeepAudit - Your AI Security Audit Team, Making Vulnerability Discovery Accessible + +> Making code vulnerability discovery as easy as breathing, even beginners can find bugs

- 简体中文 | English + 简体中文 | English

@@ -34,217 +36,192 @@ -## 📸 界面预览 +## Screenshots
-### 🤖 Agent 审计入口 +### Agent Audit Entry -Agent审计入口 +Agent Audit Entry -*首页快速进入 Multi-Agent 深度审计* +*Quick access to Multi-Agent deep audit from homepage*
-📋 审计流日志

-审计流日志
-实时查看 Agent 思考与执行过程 +Audit Flow Logs

+Audit Flow Logs
+Real-time view of Agent thinking and execution process
-🎛️ 智能仪表盘

-仪表盘
-一眼掌握项目安全态势 +Smart Dashboard

+Dashboard
+Grasp project security posture at a glance
-⚡ 即时分析

-即时分析
-粘贴代码 / 上传文件,秒出结果 +Instant Analysis

+Instant Analysis
+Paste code / upload files, get results in seconds
-🗂️ 项目管理

-项目管理
-GitHub/GitLab 导入,多项目协同管理 +Project Management

+Project Management
+GitHub/GitLab import, multi-project collaboration
-### 📊 专业报告 +### Professional Reports -审计报告 +Audit Report -*一键导出 PDF / Markdown / JSON*(图中为快速模式,非Agent模式报告) +*One-click export to PDF / Markdown / JSON* (Quick mode shown, not Agent mode report) -👉 [查看Agent审计完整报告示例](https://lintsinghua.github.io/) +[View Full Agent Audit Report Example](https://lintsinghua.github.io/)
--- -## ⚡ 项目概述 +## Overview -**DeepAudit** 是一个基于 **Multi-Agent 协作架构**的下一代代码安全审计平台。它不仅仅是一个静态扫描工具,而是模拟安全专家的思维模式,通过多个智能体(**Orchestrator**, **Recon**, **Analysis**, **Verification**)的自主协作,实现对代码的深度理解、漏洞挖掘和 **自动化沙箱 PoC 验证**。 +**DeepAudit** is a next-generation code security audit platform based on **Multi-Agent collaborative architecture**. It's not just a static scanning tool, but simulates the thinking patterns of security experts through autonomous collaboration of multiple agents (**Orchestrator**, **Recon**, **Analysis**, **Verification**), achieving deep code understanding, vulnerability discovery, and **automated sandbox PoC verification**. -我们致力于解决传统 SAST 工具的三大痛点: -- **误报率高** — 缺乏语义理解,大量误报消耗人力 -- **业务逻辑盲点** — 无法理解跨文件调用和复杂逻辑 -- **缺乏验证手段** — 不知道漏洞是否真实可利用 +We are committed to solving three major pain points of traditional SAST tools: +- **High false positive rate** — Lack of semantic understanding, massive false positives consume manpower +- **Business logic blind spots** — Cannot understand cross-file calls and complex logic +- **Lack of verification methods** — Don't know if vulnerabilities are actually exploitable -用户只需导入项目,DeepAudit 便全自动开始工作:识别技术栈 → 分析潜在风险 → 生成脚本 → 沙箱验证 → 生成报告,最终输出一份专业审计报告。 +Users only need to import a project, and DeepAudit automatically starts working: identify tech stack → analyze potential risks → generate scripts → sandbox verification → generate report, ultimately outputting a professional audit report. -> **核心理念**: 让 AI 像黑客一样攻击,像专家一样防御。 +> **Core Philosophy**: Let AI attack like a hacker, defend like an expert. -## 💡 为什么选择 DeepAudit? +## Why Choose DeepAudit?
-| 😫 传统审计的痛点 | 💡 DeepAudit 解决方案 | +| Traditional Audit Pain Points | DeepAudit Solutions | | :--- | :--- | -| **人工审计效率低**
跨不上 CI/CD 代码迭代速度,拖慢发布流程 | **🤖 Multi-Agent 自主审计**
AI 自动编排审计策略,全天候自动化执行 | -| **传统工具误报多**
缺乏语义理解,每天花费大量时间清洗噪音 | **🧠 RAG 知识库增强**
结合代码语义与上下文,大幅降低误报率 | -| **数据隐私担忧**
担心核心源码泄露给云端 AI,无法满足合规要求 | **🔒 支持 Ollama 本地部署**
数据不出内网,支持 Llama3/DeepSeek 等本地模型 | -| **无法确认真实性**
外包项目漏洞多,不知道哪些漏洞真实可被利用 | **💥 沙箱 PoC 验证**
自动生成并执行攻击脚本,确认漏洞真实危害 | +| **Low manual audit efficiency**
Can't keep up with CI/CD iteration speed, slowing release process | **Multi-Agent Autonomous Audit**
AI automatically orchestrates audit strategies, 24/7 automated execution | +| **Too many false positives**
Lack of semantic understanding, spending lots of time cleaning noise daily | **RAG Knowledge Enhancement**
Combining code semantics with context, significantly reducing false positives | +| **Data privacy concerns**
Worried about core source code leaking to cloud AI, can't meet compliance requirements | **Ollama Local Deployment Support**
Data stays on-premises, supports Llama3/DeepSeek and other local models | +| **Can't confirm authenticity**
Outsourced projects have many vulnerabilities, don't know which are truly exploitable | **Sandbox PoC Verification**
Automatically generate and execute attack scripts, confirm real vulnerability impact |
--- -## 🏗️ 系统架构 +## System Architecture -### 整体架构图 +### Architecture Diagram -DeepAudit 采用微服务架构,核心由 Multi-Agent 引擎驱动。 +DeepAudit adopts microservices architecture, driven by the Multi-Agent engine at its core.
-DeepAudit 架构图 +DeepAudit Architecture
-### 🔄 审计工作流 +### Audit Workflow -| 步骤 | 阶段 | 负责 Agent | 主要动作 | +| Step | Phase | Responsible Agent | Main Actions | |:---:|:---:|:---:|:---| -| 1 | **策略规划** | **Orchestrator** | 接收审计任务,分析项目类型,制定审计计划,下发任务给子 Agent | -| 2 | **信息收集** | **Recon Agent** | 扫描项目结构,识别框架/库/API,提取攻击面(Entry Points) | -| 3 | **漏洞挖掘** | **Analysis Agent** | 结合 RAG 知识库与 AST 分析,深度审查代码,发现潜在漏洞 | -| 4 | **PoC 验证** | **Verification Agent** | **(关键)** 编写 PoC 脚本,在 Docker 沙箱中执行。如失败则自我修正重试 | -| 5 | **报告生成** | **Orchestrator** | 汇总所有发现,剔除被验证为误报的漏洞,生成最终报告 | +| 1 | **Strategy Planning** | **Orchestrator** | Receive audit task, analyze project type, formulate audit plan, dispatch tasks to sub-agents | +| 2 | **Information Gathering** | **Recon Agent** | Scan project structure, identify frameworks/libraries/APIs, extract attack surface (Entry Points) | +| 3 | **Vulnerability Discovery** | **Analysis Agent** | Combine RAG knowledge base with AST analysis, deep code review, discover potential vulnerabilities | +| 4 | **PoC Verification** | **Verification Agent** | **(Critical)** Write PoC scripts, execute in Docker sandbox. 
Self-correct and retry if failed | +| 5 | **Report Generation** | **Orchestrator** | Aggregate all findings, filter out verified false positives, generate final report | -### 📂 项目代码结构 +### Project Structure ```text DeepAudit/ -├── backend/ # Python FastAPI 后端 +├── backend/ # Python FastAPI Backend │ ├── app/ -│ │ ├── agents/ # Multi-Agent 核心逻辑 -│ │ │ ├── orchestrator.py # 总指挥:任务编排 -│ │ │ ├── recon.py # 侦察兵:资产识别 -│ │ │ ├── analysis.py # 分析师:漏洞挖掘 -│ │ │ └── verification.py # 验证者:沙箱 PoC -│ │ ├── core/ # 核心配置与沙箱接口 -│ │ ├── models/ # 数据库模型 -│ │ └── services/ # RAG, LLM 服务封装 -│ └── tests/ # 单元测试 -├── frontend/ # React + TypeScript 前端 +│ │ ├── agents/ # Multi-Agent Core Logic +│ │ │ ├── orchestrator.py # Commander: Task Orchestration +│ │ │ ├── recon.py # Scout: Asset Identification +│ │ │ ├── analysis.py # Analyst: Vulnerability Discovery +│ │ │ └── verification.py # Verifier: Sandbox PoC +│ │ ├── core/ # Core Config & Sandbox Interface +│ │ ├── models/ # Database Models +│ │ └── services/ # RAG, LLM Service Wrappers +│ └── tests/ # Unit Tests +├── frontend/ # React + TypeScript Frontend │ ├── src/ -│ │ ├── components/ # UI 组件库 -│ │ ├── pages/ # 页面路由 -│ │ └── stores/ # Zustand 状态管理 -├── docker/ # Docker 部署配置 -│ ├── sandbox/ # 安全沙箱镜像构建 -│ └── postgres/ # 数据库初始化 -└── docs/ # 详细文档 +│ │ ├── components/ # UI Component Library +│ │ ├── pages/ # Page Routes +│ │ └── stores/ # Zustand State Management +├── docker/ # Docker Deployment Config +│ ├── sandbox/ # Security Sandbox Image Build +│ └── postgres/ # Database Initialization +└── docs/ # Detailed Documentation ``` --- -## 🚀 快速开始 +## Quick Start -### 方式一:一行命令部署(推荐) +### Option 1: One-Line Deployment (Recommended) -使用预构建的 Docker 镜像,无需克隆代码,一行命令即可启动: +Using pre-built Docker images, no need to clone code, start with one command: ```bash curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.yml | docker compose -f - up -d ``` -## 🇨🇳 国内加速部署(作者亲测非常无敌之快) - -使用南京大学镜像站加速拉取 Docker 镜像(将 `ghcr.io` 
替换为 `ghcr.nju.edu.cn`): - -```bash -# 国内加速版 - 使用南京大学 GHCR 镜像站 -curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.cn.yml | docker compose -f - up -d -``` -
-手动拉取镜像(如需单独拉取)(点击展开) - -```bash -# 前端镜像 -docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-frontend:latest - -# 后端镜像 -docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-backend:latest - -# 沙箱镜像 -docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-sandbox:latest -``` -
- -> 💡 镜像源由 [南京大学开源镜像站](https://mirrors.nju.edu.cn/) 提供支持 - -> 🎉 **启动成功!** 访问 http://localhost:3000 开始体验。 +> **Success!** Visit http://localhost:3000 to start exploring. --- -### 方式二:克隆代码部署 +### Option 2: Clone and Deploy -适合需要自定义配置或二次开发的用户: +Suitable for users who need custom configuration or secondary development: ```bash -# 1. 克隆项目 +# 1. Clone project git clone https://github.com/lintsinghua/DeepAudit.git && cd DeepAudit -# 2. 配置环境变量 +# 2. Configure environment variables cp backend/env.example backend/.env -# 编辑 backend/.env 填入你的 LLM API Key +# Edit backend/.env and fill in your LLM API Key -# 3. 一键启动 +# 3. One-click start docker compose up -d ``` -> 首次启动会自动构建沙箱镜像,可能需要几分钟。 +> First startup will automatically build the sandbox image, which may take a few minutes. --- -## 🔧 源码开发指南 +## Development Guide -适合开发者进行二次开发调试。 +For developers doing secondary development and debugging. -### 环境要求 +### Requirements - Python 3.11+ - Node.js 20+ - PostgreSQL 15+ -- Docker (用于沙箱) +- Docker (for sandbox) -### 1. 后端启动 +### 1. Backend Setup ```bash cd backend -# 使用 uv 管理环境(推荐) +# Use uv for environment management (recommended) uv sync source .venv/bin/activate -# 启动 API 服务 +# Start API service uvicorn app.main:app --reload ``` -### 2. 前端启动 +### 2. Frontend Setup ```bash cd frontend @@ -252,63 +229,59 @@ pnpm install pnpm dev ``` -### 3. 沙箱环境 +### 3. Sandbox Environment -开发模式下需要本地 Docker 拉取沙箱镜像: +Development mode requires pulling the sandbox image locally: ```bash -# 标准拉取 docker pull ghcr.io/lintsinghua/deepaudit-sandbox:latest - -# 国内加速(南京大学镜像站) -docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-sandbox:latest ``` --- -## 🤖 Multi-Agent 智能审计 +## Multi-Agent Intelligent Audit -### 支持的漏洞类型 +### Supported Vulnerability Types
-| 漏洞类型 | 描述 | +| Vulnerability Type | Description | |---------|------| -| `sql_injection` | SQL 注入 | -| `xss` | 跨站脚本攻击 | -| `command_injection` | 命令注入 | -| `path_traversal` | 路径遍历 | -| `ssrf` | 服务端请求伪造 | -| `xxe` | XML 外部实体注入 | +| `sql_injection` | SQL Injection | +| `xss` | Cross-Site Scripting | +| `command_injection` | Command Injection | +| `path_traversal` | Path Traversal | +| `ssrf` | Server-Side Request Forgery | +| `xxe` | XML External Entity Injection | -| 漏洞类型 | 描述 | +| Vulnerability Type | Description | |---------|------| -| `insecure_deserialization` | 不安全反序列化 | -| `hardcoded_secret` | 硬编码密钥 | -| `weak_crypto` | 弱加密算法 | -| `authentication_bypass` | 认证绕过 | -| `authorization_bypass` | 授权绕过 | -| `idor` | 不安全直接对象引用 | +| `insecure_deserialization` | Insecure Deserialization | +| `hardcoded_secret` | Hardcoded Secrets | +| `weak_crypto` | Weak Cryptography | +| `authentication_bypass` | Authentication Bypass | +| `authorization_bypass` | Authorization Bypass | +| `idor` | Insecure Direct Object Reference |
-> 📖 详细文档请查看 **[Agent 审计指南](docs/AGENT_AUDIT.md)** +> For detailed documentation, see **[Agent Audit Guide](docs/AGENT_AUDIT.md)** --- -## 🔌 支持的 LLM 平台 +## Supported LLM Platforms
-

🌍 国际平台

+

International Platforms

OpenAI GPT-4o / GPT-4
Claude 3.5 Sonnet / Opus
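Review bot: In the "3. Sandbox Environment" block the image is still pulled as `ghcr.io/lintsinghua/deepaudit-sandbox:latest`, a mutable tag, although this is the container that executes the generated PoC scripts and Quick Start pins the compose file to `v3.0.0`. Suggest pinning the sandbox image to the release tag or to an image digest in this block, so a development setup runs the same sandbox image as the release it is developed against.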
@@ -317,85 +290,85 @@ DeepSeek V3

-

🇨🇳 国内平台

+

Chinese Platforms

-通义千问 Qwen
-智谱 GLM-4
+Qwen (Tongyi Qianwen)
+Zhipu GLM-4
Moonshot Kimi
-文心一言 · MiniMax · 豆包 +Wenxin · MiniMax · Doubao

-

🏠 本地部署

+

Local Deployment

Ollama
Llama3 · Qwen2.5 · CodeLlama
DeepSeek-Coder · Codestral
-代码不出内网 +Code stays on-premises

-> 💡 支持 API 中转站,解决网络访问问题 | 详细配置 → [LLM 平台支持](docs/LLM_PROVIDERS.md) +> Supports API proxies to solve network access issues | Detailed configuration → [LLM Platform Support](docs/LLM_PROVIDERS.md) --- -## 🎯 功能矩阵 +## Feature Matrix -| 功能 | 说明 | 模式 | +| Feature | Description | Mode | |------|------|------| -| 🤖 **Agent 深度审计** | Multi-Agent 协作,自主编排审计策略 | Agent | -| 🧠 **RAG 知识增强** | 代码语义理解,CWE/CVE 知识库检索 | Agent | -| 🔒 **沙箱 PoC 验证** | Docker 隔离执行,验证漏洞有效性 | Agent | -| 🗂️ **项目管理** | GitHub/GitLab 导入,ZIP 上传,10+ 语言支持 | 通用 | -| ⚡ **即时分析** | 代码片段秒级分析,粘贴即用 | 通用 | -| 🔍 **五维检测** | Bug · 安全 · 性能 · 风格 · 可维护性 | 通用 | -| 💡 **What-Why-How** | 精准定位 + 原因解释 + 修复建议 | 通用 | -| 📋 **审计规则** | 内置 OWASP Top 10,支持自定义规则集 | 通用 | -| 📝 **提示词模板** | 可视化管理,支持中英文双语 | 通用 | -| 📊 **报告导出** | PDF / Markdown / JSON 一键导出 | 通用 | -| ⚙️ **运行时配置** | 浏览器配置 LLM,无需重启服务 | 通用 | +| **Agent Deep Audit** | Multi-Agent collaboration, autonomous audit strategy orchestration | Agent | +| **RAG Knowledge Enhancement** | Code semantic understanding, CWE/CVE knowledge base retrieval | Agent | +| **Sandbox PoC Verification** | Docker isolated execution, verify vulnerability validity | Agent | +| **Project Management** | GitHub/GitLab import, ZIP upload, 10+ language support | General | +| **Instant Analysis** | Code snippet analysis in seconds, paste and use | General | +| **Five-Dimensional Detection** | Bug · Security · Performance · Style · Maintainability | General | +| **What-Why-How** | Precise location + cause explanation + fix suggestions | General | +| **Audit Rules** | Built-in OWASP Top 10, supports custom rule sets | General | +| **Prompt Templates** | Visual management, bilingual support | General | +| **Report Export** | One-click export to PDF / Markdown / JSON | General | +| **Runtime Configuration** | Configure LLM in browser, no service restart needed | General | -## 🦖 发展路线图 +## Roadmap -我们正在持续演进,未来将支持更多语言和更强大的 Agent 能力。 +We are continuously evolving, with more language support and stronger Agent capabilities 
coming. -- [x] 基础静态分析,集成 Semgrep -- [x] 引入 RAG 知识库,支持 Docker 安全沙箱 -- [x] **Multi-Agent 协作架构** (Current) -- [ ] 支持更真实的模拟服务环境,进行更真实漏洞验证流程 -- [ ] 沙箱从function_call优化集成为稳定MCP服务 -- [ ] **自动修复 (Auto-Fix)**: Agent 直接提交 PR 修复漏洞 -- [ ] **增量PR审计**: 持续跟踪 PR 变更,智能分析漏洞,并集成CI/CD流程 -- [ ] **优化RAG**: 支持自定义知识库 +- [x] Basic static analysis, Semgrep integration +- [x] RAG knowledge base introduction, Docker security sandbox support +- [x] **Multi-Agent Collaborative Architecture** (Current) +- [ ] Support for more realistic simulated service environments for more authentic vulnerability verification +- [ ] Optimize sandbox from function_call to stable MCP service +- [ ] **Auto-Fix**: Agent directly submits PRs to fix vulnerabilities +- [ ] **Incremental PR Audit**: Continuously track PR changes, intelligently analyze vulnerabilities, integrate with CI/CD +- [ ] **Optimized RAG**: Support custom knowledge bases --- -## 🤝 贡献与社区 +## Contributing & Community -### 贡献指南 -我们非常欢迎您的贡献!无论是提交 Issue、PR 还是完善文档。 -请查看 [CONTRIBUTING.md](./CONTRIBUTING.md) 了解详情。 +### Contributing Guide +We warmly welcome your contributions! Whether it's submitting Issues, PRs, or improving documentation. +Please check [CONTRIBUTING.md](./CONTRIBUTING.md) for details. -### 📬 联系作者 +### Contact
-**欢迎大家来和我交流探讨!无论是技术问题、功能建议还是合作意向,都期待与你沟通~** +**Feel free to reach out for technical discussions, feature suggestions, or collaboration opportunities!** -| 联系方式 | | +| Contact | | |:---:|:---:| -| 📧 **邮箱** | **lintsinghua@qq.com** | -| 🐙 **GitHub** | [@lintsinghua](https://github.com/lintsinghua) | +| **Email** | **lintsinghua@qq.com** | +| **GitHub** | [@lintsinghua](https://github.com/lintsinghua) |
-## 📄 许可证 +## License -本项目采用 [AGPL-3.0 License](LICENSE) 开源。 +This project is open-sourced under the [AGPL-3.0 License](LICENSE). -## 📈 项目热度 +## Star History @@ -413,42 +386,42 @@ DeepSeek-Coder · Codestral
--- -## 致谢 +## Acknowledgements -感谢以下开源项目的支持: +Thanks to the following open-source projects for their support: [FastAPI](https://fastapi.tiangolo.com/) · [LangChain](https://langchain.com/) · [LangGraph](https://langchain-ai.github.io/langgraph/) · [ChromaDB](https://www.trychroma.com/) · [LiteLLM](https://litellm.ai/) · [Tree-sitter](https://tree-sitter.github.io/) · [Kunlun-M](https://github.com/LoRexxar/Kunlun-M) · [Strix](https://github.com/usestrix/strix) · [React](https://react.dev/) · [Vite](https://vitejs.dev/) · [Radix UI](https://www.radix-ui.com/) · [TailwindCSS](https://tailwindcss.com/) · [shadcn/ui](https://ui.shadcn.com/) --- -## ⚠️ 重要安全声明 +## Important Security Notice -### 法律合规声明 -1. 禁止**任何未经授权的漏洞测试、渗透测试或安全评估** -2. 本项目仅供网络空间安全学术研究、教学和学习使用 -3. 严禁将本项目用于任何非法目的或未经授权的安全测试 +### Legal Compliance Statement +1. **Any unauthorized vulnerability testing, penetration testing, or security assessment is prohibited** +2. This project is only for cybersecurity academic research, teaching, and learning purposes +3. It is strictly prohibited to use this project for any illegal purposes or unauthorized security testing -### 漏洞上报责任 -1. 发现任何安全漏洞时,请及时通过合法渠道上报 -2. 严禁利用发现的漏洞进行非法活动 -3. 遵守国家网络安全法律法规,维护网络空间安全 +### Vulnerability Reporting Responsibility +1. When discovering any security vulnerabilities, please report them through legitimate channels promptly +2. It is strictly prohibited to use discovered vulnerabilities for illegal activities +3. Comply with national cybersecurity laws and regulations, maintain cyberspace security -### 使用限制 -- 仅限在授权环境下用于教育和研究目的 -- 禁止用于对未授权系统进行安全测试 -- 使用者需对自身行为承担全部法律责任 +### Usage Restrictions +- Only for educational and research purposes in authorized environments +- Prohibited for security testing on unauthorized systems +- Users are fully responsible for their own actions -### 免责声明 -作者不对任何因使用本项目而导致的直接或间接损失负责,使用者需对自身行为承担全部法律责任。 +### Disclaimer +The author is not responsible for any direct or indirect losses caused by the use of this project. 
Users bear full legal responsibility for their own actions. --- -## 📖 详细安全政策 +## Detailed Security Policy -有关安装政策、免责声明、代码隐私、API使用安全和漏洞报告的详细信息,请参阅 [DISCLAIMER.md](DISCLAIMER.md) 和 [SECURITY.md](SECURITY.md) 文件。 +For detailed information about installation policy, disclaimer, code privacy, API usage security, and vulnerability reporting, please refer to [DISCLAIMER.md](DISCLAIMER.md) and [SECURITY.md](SECURITY.md) files. -### 快速参考 -- 🔒 **代码隐私警告**: 您的代码将被发送到所选择的LLM服务商服务器 -- 🛡️ **敏感代码处理**: 使用本地模型处理敏感代码 -- ⚠️ **合规要求**: 遵守数据保护和隐私法律法规 -- 📧 **漏洞报告**: 发现安全问题请通过合法渠道上报 +### Quick Reference +- **Code Privacy Warning**: Your code will be sent to the selected LLM provider's servers +- **Sensitive Code Handling**: Use local models for sensitive code +- **Compliance Requirements**: Comply with data protection and privacy laws +- **Vulnerability Reporting**: Report security issues through legitimate channels diff --git a/README_CN.md b/README_CN.md new file mode 100644 index 0000000..3b31b3a --- /dev/null +++ b/README_CN.md @@ -0,0 +1,454 @@ +# DeepAudit - 人人拥有的 AI 审计战队,让漏洞挖掘触手可及 🦸‍♂️ + +

+ 简体中文 | English +

+ +
+ DeepAudit Logo +
+ +
+ +[![Version](https://img.shields.io/badge/version-3.0.2-blue.svg)](https://github.com/lintsinghua/DeepAudit/releases) +[![License: AGPL-3.0](https://img.shields.io/badge/License-AGPL--3.0-blue.svg)](https://www.gnu.org/licenses/agpl-3.0) +[![React](https://img.shields.io/badge/React-18-61dafb.svg)](https://reactjs.org/) +[![TypeScript](https://img.shields.io/badge/TypeScript-5.7-3178c6.svg)](https://www.typescriptlang.org/) +[![FastAPI](https://img.shields.io/badge/FastAPI-0.100+-009688.svg)](https://fastapi.tiangolo.com/) +[![Python](https://img.shields.io/badge/Python-3.11+-3776ab.svg)](https://www.python.org/) +[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/lintsinghua/DeepAudit) + +[![Stars](https://img.shields.io/github/stars/lintsinghua/DeepAudit?style=social)](https://github.com/lintsinghua/DeepAudit/stargazers) +[![Forks](https://img.shields.io/github/forks/lintsinghua/DeepAudit?style=social)](https://github.com/lintsinghua/DeepAudit/network/members) + +lintsinghua%2FDeepAudit | Trendshift + + +
+ +
+ DeepAudit Demo +
+ +--- + + + +## 📸 界面预览 + +
+ +### 🤖 Agent 审计入口 + +Agent审计入口 + +*首页快速进入 Multi-Agent 深度审计* + +
+ + + + + + + + + + +
+📋 审计流日志

+审计流日志
+实时查看 Agent 思考与执行过程 +
+🎛️ 智能仪表盘

+仪表盘
+一眼掌握项目安全态势 +
+⚡ 即时分析

+即时分析
+粘贴代码 / 上传文件,秒出结果 +
+🗂️ 项目管理

+项目管理
+GitHub/GitLab 导入,多项目协同管理 +
+ +
+ +### 📊 专业报告 + +审计报告 + +*一键导出 PDF / Markdown / JSON*(图中为快速模式,非Agent模式报告) + +👉 [查看Agent审计完整报告示例](https://lintsinghua.github.io/) + +
+ +--- + +## ⚡ 项目概述 + +**DeepAudit** 是一个基于 **Multi-Agent 协作架构**的下一代代码安全审计平台。它不仅仅是一个静态扫描工具,而是模拟安全专家的思维模式,通过多个智能体(**Orchestrator**, **Recon**, **Analysis**, **Verification**)的自主协作,实现对代码的深度理解、漏洞挖掘和 **自动化沙箱 PoC 验证**。 + +我们致力于解决传统 SAST 工具的三大痛点: +- **误报率高** — 缺乏语义理解,大量误报消耗人力 +- **业务逻辑盲点** — 无法理解跨文件调用和复杂逻辑 +- **缺乏验证手段** — 不知道漏洞是否真实可利用 + +用户只需导入项目,DeepAudit 便全自动开始工作:识别技术栈 → 分析潜在风险 → 生成脚本 → 沙箱验证 → 生成报告,最终输出一份专业审计报告。 + +> **核心理念**: 让 AI 像黑客一样攻击,像专家一样防御。 + +## 💡 为什么选择 DeepAudit? + +
+ +| 😫 传统审计的痛点 | 💡 DeepAudit 解决方案 | +| :--- | :--- | +| **人工审计效率低**
跨不上 CI/CD 代码迭代速度,拖慢发布流程 | **🤖 Multi-Agent 自主审计**
AI 自动编排审计策略,全天候自动化执行 | +| **传统工具误报多**
缺乏语义理解,每天花费大量时间清洗噪音 | **🧠 RAG 知识库增强**
结合代码语义与上下文,大幅降低误报率 | +| **数据隐私担忧**
担心核心源码泄露给云端 AI,无法满足合规要求 | **🔒 支持 Ollama 本地部署**
数据不出内网,支持 Llama3/DeepSeek 等本地模型 | +| **无法确认真实性**
外包项目漏洞多,不知道哪些漏洞真实可被利用 | **💥 沙箱 PoC 验证**
自动生成并执行攻击脚本,确认漏洞真实危害 | + +
+ +--- + +## 🏗️ 系统架构 + +### 整体架构图 + +DeepAudit 采用微服务架构,核心由 Multi-Agent 引擎驱动。 + +
+DeepAudit 架构图 +
+ +### 🔄 审计工作流 + +| 步骤 | 阶段 | 负责 Agent | 主要动作 | +|:---:|:---:|:---:|:---| +| 1 | **策略规划** | **Orchestrator** | 接收审计任务,分析项目类型,制定审计计划,下发任务给子 Agent | +| 2 | **信息收集** | **Recon Agent** | 扫描项目结构,识别框架/库/API,提取攻击面(Entry Points) | +| 3 | **漏洞挖掘** | **Analysis Agent** | 结合 RAG 知识库与 AST 分析,深度审查代码,发现潜在漏洞 | +| 4 | **PoC 验证** | **Verification Agent** | **(关键)** 编写 PoC 脚本,在 Docker 沙箱中执行。如失败则自我修正重试 | +| 5 | **报告生成** | **Orchestrator** | 汇总所有发现,剔除被验证为误报的漏洞,生成最终报告 | + +### 📂 项目代码结构 + +```text +DeepAudit/ +├── backend/ # Python FastAPI 后端 +│ ├── app/ +│ │ ├── agents/ # Multi-Agent 核心逻辑 +│ │ │ ├── orchestrator.py # 总指挥:任务编排 +│ │ │ ├── recon.py # 侦察兵:资产识别 +│ │ │ ├── analysis.py # 分析师:漏洞挖掘 +│ │ │ └── verification.py # 验证者:沙箱 PoC +│ │ ├── core/ # 核心配置与沙箱接口 +│ │ ├── models/ # 数据库模型 +│ │ └── services/ # RAG, LLM 服务封装 +│ └── tests/ # 单元测试 +├── frontend/ # React + TypeScript 前端 +│ ├── src/ +│ │ ├── components/ # UI 组件库 +│ │ ├── pages/ # 页面路由 +│ │ └── stores/ # Zustand 状态管理 +├── docker/ # Docker 部署配置 +│ ├── sandbox/ # 安全沙箱镜像构建 +│ └── postgres/ # 数据库初始化 +└── docs/ # 详细文档 +``` + +--- + +## 🚀 快速开始 + +### 方式一:一行命令部署(推荐) + +使用预构建的 Docker 镜像,无需克隆代码,一行命令即可启动: + +```bash +curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.yml | docker compose -f - up -d +``` + +## 🇨🇳 国内加速部署(作者亲测非常无敌之快) + +使用南京大学镜像站加速拉取 Docker 镜像(将 `ghcr.io` 替换为 `ghcr.nju.edu.cn`): + +```bash +# 国内加速版 - 使用南京大学 GHCR 镜像站 +curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.cn.yml | docker compose -f - up -d +``` +
+手动拉取镜像(如需单独拉取)(点击展开) + +```bash +# 前端镜像 +docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-frontend:latest + +# 后端镜像 +docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-backend:latest + +# 沙箱镜像 +docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-sandbox:latest +``` +
+ +> 💡 镜像源由 [南京大学开源镜像站](https://mirrors.nju.edu.cn/) 提供支持 + +> 🎉 **启动成功!** 访问 http://localhost:3000 开始体验。 + +--- + +### 方式二:克隆代码部署 + +适合需要自定义配置或二次开发的用户: + +```bash +# 1. 克隆项目 +git clone https://github.com/lintsinghua/DeepAudit.git && cd DeepAudit + +# 2. 配置环境变量 +cp backend/env.example backend/.env +# 编辑 backend/.env 填入你的 LLM API Key + +# 3. 一键启动 +docker compose up -d +``` + +> 首次启动会自动构建沙箱镜像,可能需要几分钟。 + +--- + +## 🔧 源码开发指南 + +适合开发者进行二次开发调试。 + +### 环境要求 +- Python 3.11+ +- Node.js 20+ +- PostgreSQL 15+ +- Docker (用于沙箱) + +### 1. 后端启动 + +```bash +cd backend +# 使用 uv 管理环境(推荐) +uv sync +source .venv/bin/activate + +# 启动 API 服务 +uvicorn app.main:app --reload +``` + +### 2. 前端启动 + +```bash +cd frontend +pnpm install +pnpm dev +``` + +### 3. 沙箱环境 + +开发模式下需要本地 Docker 拉取沙箱镜像: + +```bash +# 标准拉取 +docker pull ghcr.io/lintsinghua/deepaudit-sandbox:latest + +# 国内加速(南京大学镜像站) +docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-sandbox:latest +``` + +--- + +## 🤖 Multi-Agent 智能审计 + +### 支持的漏洞类型 + + + + + + +
+ +| 漏洞类型 | 描述 | +|---------|------| +| `sql_injection` | SQL 注入 | +| `xss` | 跨站脚本攻击 | +| `command_injection` | 命令注入 | +| `path_traversal` | 路径遍历 | +| `ssrf` | 服务端请求伪造 | +| `xxe` | XML 外部实体注入 | + + + +| 漏洞类型 | 描述 | +|---------|------| +| `insecure_deserialization` | 不安全反序列化 | +| `hardcoded_secret` | 硬编码密钥 | +| `weak_crypto` | 弱加密算法 | +| `authentication_bypass` | 认证绕过 | +| `authorization_bypass` | 授权绕过 | +| `idor` | 不安全直接对象引用 | + +
+ +> 📖 详细文档请查看 **[Agent 审计指南](docs/AGENT_AUDIT.md)** + +--- + +## 🔌 支持的 LLM 平台 + + + + + + + +
+

🌍 国际平台

+

+OpenAI GPT-4o / GPT-4
+Claude 3.5 Sonnet / Opus
+Google Gemini Pro
+DeepSeek V3 +

+
+

🇨🇳 国内平台

+

+通义千问 Qwen
+智谱 GLM-4
+Moonshot Kimi
+文心一言 · MiniMax · 豆包 +

+
+

🏠 本地部署

+

+Ollama
+Llama3 · Qwen2.5 · CodeLlama
+DeepSeek-Coder · Codestral
+代码不出内网 +

+
+ +> 💡 支持 API 中转站,解决网络访问问题 | 详细配置 → [LLM 平台支持](docs/LLM_PROVIDERS.md) + +--- + +## 🎯 功能矩阵 + +| 功能 | 说明 | 模式 | +|------|------|------| +| 🤖 **Agent 深度审计** | Multi-Agent 协作,自主编排审计策略 | Agent | +| 🧠 **RAG 知识增强** | 代码语义理解,CWE/CVE 知识库检索 | Agent | +| 🔒 **沙箱 PoC 验证** | Docker 隔离执行,验证漏洞有效性 | Agent | +| 🗂️ **项目管理** | GitHub/GitLab 导入,ZIP 上传,10+ 语言支持 | 通用 | +| ⚡ **即时分析** | 代码片段秒级分析,粘贴即用 | 通用 | +| 🔍 **五维检测** | Bug · 安全 · 性能 · 风格 · 可维护性 | 通用 | +| 💡 **What-Why-How** | 精准定位 + 原因解释 + 修复建议 | 通用 | +| 📋 **审计规则** | 内置 OWASP Top 10,支持自定义规则集 | 通用 | +| 📝 **提示词模板** | 可视化管理,支持中英文双语 | 通用 | +| 📊 **报告导出** | PDF / Markdown / JSON 一键导出 | 通用 | +| ⚙️ **运行时配置** | 浏览器配置 LLM,无需重启服务 | 通用 | + +## 🦖 发展路线图 + +我们正在持续演进,未来将支持更多语言和更强大的 Agent 能力。 + +- [x] 基础静态分析,集成 Semgrep +- [x] 引入 RAG 知识库,支持 Docker 安全沙箱 +- [x] **Multi-Agent 协作架构** (Current) +- [ ] 支持更真实的模拟服务环境,进行更真实漏洞验证流程 +- [ ] 沙箱从function_call优化集成为稳定MCP服务 +- [ ] **自动修复 (Auto-Fix)**: Agent 直接提交 PR 修复漏洞 +- [ ] **增量PR审计**: 持续跟踪 PR 变更,智能分析漏洞,并集成CI/CD流程 +- [ ] **优化RAG**: 支持自定义知识库 + +--- + +## 🤝 贡献与社区 + +### 贡献指南 +我们非常欢迎您的贡献!无论是提交 Issue、PR 还是完善文档。 +请查看 [CONTRIBUTING.md](./CONTRIBUTING.md) 了解详情。 + +### 📬 联系作者 + +
+ +**欢迎大家来和我交流探讨!无论是技术问题、功能建议还是合作意向,都期待与你沟通~** + +| 联系方式 | | +|:---:|:---:| +| 📧 **邮箱** | **lintsinghua@qq.com** | +| 🐙 **GitHub** | [@lintsinghua](https://github.com/lintsinghua) | + +
+ +## 📄 许可证 + +本项目采用 [AGPL-3.0 License](LICENSE) 开源。 + +## 📈 项目热度 + + + + + + Star History Chart + + + +--- + +
+ Made with ❤️ by lintsinghua +
+ +--- + +## 致谢 + +感谢以下开源项目的支持: + +[FastAPI](https://fastapi.tiangolo.com/) · [LangChain](https://langchain.com/) · [LangGraph](https://langchain-ai.github.io/langgraph/) · [ChromaDB](https://www.trychroma.com/) · [LiteLLM](https://litellm.ai/) · [Tree-sitter](https://tree-sitter.github.io/) · [Kunlun-M](https://github.com/LoRexxar/Kunlun-M) · [Strix](https://github.com/usestrix/strix) · [React](https://react.dev/) · [Vite](https://vitejs.dev/) · [Radix UI](https://www.radix-ui.com/) · [TailwindCSS](https://tailwindcss.com/) · [shadcn/ui](https://ui.shadcn.com/) + +--- + +## ⚠️ 重要安全声明 + +### 法律合规声明 +1. 禁止**任何未经授权的漏洞测试、渗透测试或安全评估** +2. 本项目仅供网络空间安全学术研究、教学和学习使用 +3. 严禁将本项目用于任何非法目的或未经授权的安全测试 + +### 漏洞上报责任 +1. 发现任何安全漏洞时,请及时通过合法渠道上报 +2. 严禁利用发现的漏洞进行非法活动 +3. 遵守国家网络安全法律法规,维护网络空间安全 + +### 使用限制 +- 仅限在授权环境下用于教育和研究目的 +- 禁止用于对未授权系统进行安全测试 +- 使用者需对自身行为承担全部法律责任 + +### 免责声明 +作者不对任何因使用本项目而导致的直接或间接损失负责,使用者需对自身行为承担全部法律责任。 + +--- + +## 📖 详细安全政策 + +有关安装政策、免责声明、代码隐私、API使用安全和漏洞报告的详细信息,请参阅 [DISCLAIMER.md](DISCLAIMER.md) 和 [SECURITY.md](SECURITY.md) 文件。 + +### 快速参考 +- 🔒 **代码隐私警告**: 您的代码将被发送到所选择的LLM服务商服务器 +- 🛡️ **敏感代码处理**: 使用本地模型处理敏感代码 +- ⚠️ **合规要求**: 遵守数据保护和隐私法律法规 +- 📧 **漏洞报告**: 发现安全问题请通过合法渠道上报 diff --git a/README_EN.md b/README_EN.md deleted file mode 100644 index 0a1587b..0000000 --- a/README_EN.md +++ /dev/null @@ -1,427 +0,0 @@ -# DeepAudit - Your AI Security Audit Team, Making Vulnerability Discovery Accessible - -> Making code vulnerability discovery as easy as breathing, even beginners can find bugs - -

- 简体中文 | English -

- -
- DeepAudit Logo -
- -
- -[![Version](https://img.shields.io/badge/version-3.0.2-blue.svg)](https://github.com/lintsinghua/DeepAudit/releases) -[![License: AGPL-3.0](https://img.shields.io/badge/License-AGPL--3.0-blue.svg)](https://www.gnu.org/licenses/agpl-3.0) -[![React](https://img.shields.io/badge/React-18-61dafb.svg)](https://reactjs.org/) -[![TypeScript](https://img.shields.io/badge/TypeScript-5.7-3178c6.svg)](https://www.typescriptlang.org/) -[![FastAPI](https://img.shields.io/badge/FastAPI-0.100+-009688.svg)](https://fastapi.tiangolo.com/) -[![Python](https://img.shields.io/badge/Python-3.11+-3776ab.svg)](https://www.python.org/) -[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/lintsinghua/DeepAudit) - -[![Stars](https://img.shields.io/github/stars/lintsinghua/DeepAudit?style=social)](https://github.com/lintsinghua/DeepAudit/stargazers) -[![Forks](https://img.shields.io/github/forks/lintsinghua/DeepAudit?style=social)](https://github.com/lintsinghua/DeepAudit/network/members) - -lintsinghua%2FDeepAudit | Trendshift - - -
- -
- DeepAudit Demo -
- ---- - - - -## Screenshots - -
- -### Agent Audit Entry - -Agent Audit Entry - -*Quick access to Multi-Agent deep audit from homepage* - -
- - - - - - - - - - -
-Audit Flow Logs

-Audit Flow Logs
-Real-time view of Agent thinking and execution process -
-Smart Dashboard

-Dashboard
-Grasp project security posture at a glance -
-Instant Analysis

-Instant Analysis
-Paste code / upload files, get results in seconds -
-Project Management

-Project Management
-GitHub/GitLab import, multi-project collaboration -
- -
- -### Professional Reports - -Audit Report - -*One-click export to PDF / Markdown / JSON* (Quick mode shown, not Agent mode report) - -[View Full Agent Audit Report Example](https://lintsinghua.github.io/) - -
- ---- - -## Overview - -**DeepAudit** is a next-generation code security audit platform based on **Multi-Agent collaborative architecture**. It's not just a static scanning tool, but simulates the thinking patterns of security experts through autonomous collaboration of multiple agents (**Orchestrator**, **Recon**, **Analysis**, **Verification**), achieving deep code understanding, vulnerability discovery, and **automated sandbox PoC verification**. - -We are committed to solving three major pain points of traditional SAST tools: -- **High false positive rate** — Lack of semantic understanding, massive false positives consume manpower -- **Business logic blind spots** — Cannot understand cross-file calls and complex logic -- **Lack of verification methods** — Don't know if vulnerabilities are actually exploitable - -Users only need to import a project, and DeepAudit automatically starts working: identify tech stack → analyze potential risks → generate scripts → sandbox verification → generate report, ultimately outputting a professional audit report. - -> **Core Philosophy**: Let AI attack like a hacker, defend like an expert. - -## Why Choose DeepAudit? - -
- -| Traditional Audit Pain Points | DeepAudit Solutions | -| :--- | :--- | -| **Low manual audit efficiency**
Can't keep up with CI/CD iteration speed, slowing release process | **Multi-Agent Autonomous Audit**
AI automatically orchestrates audit strategies, 24/7 automated execution | -| **Too many false positives**
Lack of semantic understanding, spending lots of time cleaning noise daily | **RAG Knowledge Enhancement**
Combining code semantics with context, significantly reducing false positives | -| **Data privacy concerns**
Worried about core source code leaking to cloud AI, can't meet compliance requirements | **Ollama Local Deployment Support**
Data stays on-premises, supports Llama3/DeepSeek and other local models | -| **Can't confirm authenticity**
Outsourced projects have many vulnerabilities, don't know which are truly exploitable | **Sandbox PoC Verification**
Automatically generate and execute attack scripts, confirm real vulnerability impact | - -
- ---- - -## System Architecture - -### Architecture Diagram - -DeepAudit adopts microservices architecture, driven by the Multi-Agent engine at its core. - -
-DeepAudit Architecture -
- -### Audit Workflow - -| Step | Phase | Responsible Agent | Main Actions | -|:---:|:---:|:---:|:---| -| 1 | **Strategy Planning** | **Orchestrator** | Receive audit task, analyze project type, formulate audit plan, dispatch tasks to sub-agents | -| 2 | **Information Gathering** | **Recon Agent** | Scan project structure, identify frameworks/libraries/APIs, extract attack surface (Entry Points) | -| 3 | **Vulnerability Discovery** | **Analysis Agent** | Combine RAG knowledge base with AST analysis, deep code review, discover potential vulnerabilities | -| 4 | **PoC Verification** | **Verification Agent** | **(Critical)** Write PoC scripts, execute in Docker sandbox. Self-correct and retry if failed | -| 5 | **Report Generation** | **Orchestrator** | Aggregate all findings, filter out verified false positives, generate final report | - -### Project Structure - -```text -DeepAudit/ -├── backend/ # Python FastAPI Backend -│ ├── app/ -│ │ ├── agents/ # Multi-Agent Core Logic -│ │ │ ├── orchestrator.py # Commander: Task Orchestration -│ │ │ ├── recon.py # Scout: Asset Identification -│ │ │ ├── analysis.py # Analyst: Vulnerability Discovery -│ │ │ └── verification.py # Verifier: Sandbox PoC -│ │ ├── core/ # Core Config & Sandbox Interface -│ │ ├── models/ # Database Models -│ │ └── services/ # RAG, LLM Service Wrappers -│ └── tests/ # Unit Tests -├── frontend/ # React + TypeScript Frontend -│ ├── src/ -│ │ ├── components/ # UI Component Library -│ │ ├── pages/ # Page Routes -│ │ └── stores/ # Zustand State Management -├── docker/ # Docker Deployment Config -│ ├── sandbox/ # Security Sandbox Image Build -│ └── postgres/ # Database Initialization -└── docs/ # Detailed Documentation -``` - ---- - -## Quick Start - -### Option 1: One-Line Deployment (Recommended) - -Using pre-built Docker images, no need to clone code, start with one command: - -```bash -curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.yml | docker compose -f - 
up -d -``` - -> **Success!** Visit http://localhost:3000 to start exploring. - ---- - -### Option 2: Clone and Deploy - -Suitable for users who need custom configuration or secondary development: - -```bash -# 1. Clone project -git clone https://github.com/lintsinghua/DeepAudit.git && cd DeepAudit - -# 2. Configure environment variables -cp backend/env.example backend/.env -# Edit backend/.env and fill in your LLM API Key - -# 3. One-click start -docker compose up -d -``` - -> First startup will automatically build the sandbox image, which may take a few minutes. - ---- - -## Development Guide - -For developers doing secondary development and debugging. - -### Requirements -- Python 3.11+ -- Node.js 20+ -- PostgreSQL 15+ -- Docker (for sandbox) - -### 1. Backend Setup - -```bash -cd backend -# Use uv for environment management (recommended) -uv sync -source .venv/bin/activate - -# Start API service -uvicorn app.main:app --reload -``` - -### 2. Frontend Setup - -```bash -cd frontend -pnpm install -pnpm dev -``` - -### 3. Sandbox Environment - -Development mode requires pulling the sandbox image locally: - -```bash -docker pull ghcr.io/lintsinghua/deepaudit-sandbox:latest -``` - ---- - -## Multi-Agent Intelligent Audit - -### Supported Vulnerability Types - - - - - - -
- -| Vulnerability Type | Description | -|---------|------| -| `sql_injection` | SQL Injection | -| `xss` | Cross-Site Scripting | -| `command_injection` | Command Injection | -| `path_traversal` | Path Traversal | -| `ssrf` | Server-Side Request Forgery | -| `xxe` | XML External Entity Injection | - - - -| Vulnerability Type | Description | -|---------|------| -| `insecure_deserialization` | Insecure Deserialization | -| `hardcoded_secret` | Hardcoded Secrets | -| `weak_crypto` | Weak Cryptography | -| `authentication_bypass` | Authentication Bypass | -| `authorization_bypass` | Authorization Bypass | -| `idor` | Insecure Direct Object Reference | - -
- -> For detailed documentation, see **[Agent Audit Guide](docs/AGENT_AUDIT.md)** - ---- - -## Supported LLM Platforms - - - - - - - -
-

International Platforms

-

-OpenAI GPT-4o / GPT-4
-Claude 3.5 Sonnet / Opus
-Google Gemini Pro
-DeepSeek V3 -

-
-

Chinese Platforms

-

-Qwen (Tongyi Qianwen)
-Zhipu GLM-4
-Moonshot Kimi
-Wenxin · MiniMax · Doubao -

-
-

Local Deployment

-

-Ollama
-Llama3 · Qwen2.5 · CodeLlama
-DeepSeek-Coder · Codestral
-Code stays on-premises -

-
- -> Supports API proxies to solve network access issues | Detailed configuration → [LLM Platform Support](docs/LLM_PROVIDERS.md) - ---- - -## Feature Matrix - -| Feature | Description | Mode | -|------|------|------| -| **Agent Deep Audit** | Multi-Agent collaboration, autonomous audit strategy orchestration | Agent | -| **RAG Knowledge Enhancement** | Code semantic understanding, CWE/CVE knowledge base retrieval | Agent | -| **Sandbox PoC Verification** | Docker isolated execution, verify vulnerability validity | Agent | -| **Project Management** | GitHub/GitLab import, ZIP upload, 10+ language support | General | -| **Instant Analysis** | Code snippet analysis in seconds, paste and use | General | -| **Five-Dimensional Detection** | Bug · Security · Performance · Style · Maintainability | General | -| **What-Why-How** | Precise location + cause explanation + fix suggestions | General | -| **Audit Rules** | Built-in OWASP Top 10, supports custom rule sets | General | -| **Prompt Templates** | Visual management, bilingual support | General | -| **Report Export** | One-click export to PDF / Markdown / JSON | General | -| **Runtime Configuration** | Configure LLM in browser, no service restart needed | General | - -## Roadmap - -We are continuously evolving, with more language support and stronger Agent capabilities coming. 
- -- [x] Basic static analysis, Semgrep integration -- [x] RAG knowledge base introduction, Docker security sandbox support -- [x] **Multi-Agent Collaborative Architecture** (Current) -- [ ] Support for more realistic simulated service environments for more authentic vulnerability verification -- [ ] Optimize sandbox from function_call to stable MCP service -- [ ] **Auto-Fix**: Agent directly submits PRs to fix vulnerabilities -- [ ] **Incremental PR Audit**: Continuously track PR changes, intelligently analyze vulnerabilities, integrate with CI/CD -- [ ] **Optimized RAG**: Support custom knowledge bases - ---- - -## Contributing & Community - -### Contributing Guide -We warmly welcome your contributions! Whether it's submitting Issues, PRs, or improving documentation. -Please check [CONTRIBUTING.md](./CONTRIBUTING.md) for details. - -### Contact - -
- -**Feel free to reach out for technical discussions, feature suggestions, or collaboration opportunities!** - -| Contact | | -|:---:|:---:| -| **Email** | **lintsinghua@qq.com** | -| **GitHub** | [@lintsinghua](https://github.com/lintsinghua) | - -
- -## License - -This project is open-sourced under the [AGPL-3.0 License](LICENSE). - -## Star History - - - - - - Star History Chart - - - ---- - -
- Made with ❤️ by lintsinghua -
- ---- - -## Acknowledgements - -Thanks to the following open-source projects for their support: - -[FastAPI](https://fastapi.tiangolo.com/) · [LangChain](https://langchain.com/) · [LangGraph](https://langchain-ai.github.io/langgraph/) · [ChromaDB](https://www.trychroma.com/) · [LiteLLM](https://litellm.ai/) · [Tree-sitter](https://tree-sitter.github.io/) · [Kunlun-M](https://github.com/LoRexxar/Kunlun-M) · [Strix](https://github.com/usestrix/strix) · [React](https://react.dev/) · [Vite](https://vitejs.dev/) · [Radix UI](https://www.radix-ui.com/) · [TailwindCSS](https://tailwindcss.com/) · [shadcn/ui](https://ui.shadcn.com/) - ---- - -## Important Security Notice - -### Legal Compliance Statement -1. **Any unauthorized vulnerability testing, penetration testing, or security assessment is prohibited** -2. This project is only for cybersecurity academic research, teaching, and learning purposes -3. It is strictly prohibited to use this project for any illegal purposes or unauthorized security testing - -### Vulnerability Reporting Responsibility -1. When discovering any security vulnerabilities, please report them through legitimate channels promptly -2. It is strictly prohibited to use discovered vulnerabilities for illegal activities -3. Comply with national cybersecurity laws and regulations, maintain cyberspace security - -### Usage Restrictions -- Only for educational and research purposes in authorized environments -- Prohibited for security testing on unauthorized systems -- Users are fully responsible for their own actions - -### Disclaimer -The author is not responsible for any direct or indirect losses caused by the use of this project. Users bear full legal responsibility for their own actions. - ---- - -## Detailed Security Policy - -For detailed information about installation policy, disclaimer, code privacy, API usage security, and vulnerability reporting, please refer to [DISCLAIMER.md](DISCLAIMER.md) and [SECURITY.md](SECURITY.md) files. 
- -### Quick Reference -- **Code Privacy Warning**: Your code will be sent to the selected LLM provider's servers -- **Sensitive Code Handling**: Use local models for sensitive code -- **Compliance Requirements**: Comply with data protection and privacy laws -- **Vulnerability Reporting**: Report security issues through legitimate channels
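Review bot: Deleting README_EN.md outright leaves every existing link to that path dead (the language switcher at the top of the READMEs if it still targets it, plus external links and bookmarks), so either keep a short README_EN.md stub that points to README.md or confirm in this commit that nothing references the old path. The removed text also carries the `Important Security Notice` section and the `Quick Reference` line `Code Privacy Warning: Your code will be sent to the selected LLM provider's servers`; check that both arrive in README.md intact, and consider moving the privacy warning up next to Quick Start step 2, where the user is told to fill in an LLM API key, instead of leaving it at the very end. While carrying the text over, note that the Development Guide pulls `ghcr.io/lintsinghua/deepaudit-sandbox:latest` while the one-line deployment pins the compose file to `v3.0.0`; pinning the sandbox image to the same release tag or to a digest would keep the two consistent, since that image is where generated PoC scripts run.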