├── requirements.txt
├── .gitignore
├── README.md
└── CAST.py

/requirements.txt:
--------------------------------------------------------------------------------
agno>=1.0.0
openai>=1.0.0
python-dotenv>=1.0.0
requests>=2.31.0
slack-sdk>=3.26.0
jira>=3.5.1
pyyaml>=6.0.1
python-json-logger>=2.0.7
cryptography>=41.0.0
urllib3>=2.0.0
--------------------------------------------------------------------------------

/.gitignore:
--------------------------------------------------------------------------------
# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg

# Virtual Environment
venv/
ENV/
env/
.env

# IDE
.idea/
.vscode/
*.swp
*.swo

# Logs
*.log

# Local configuration
config.local.yaml
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
# Continuous Security Assessment Tool (CAST)

A Python-based security assessment tool for continuous, automated security scanning and monitoring of domains.

## Features

- Port scanning and service detection using nmap
- Subdomain discovery using subfinder
- Vulnerability assessment
- Automated security reporting
- Integration with Slack for alerts (configurable)
- Jira ticket creation for vulnerabilities (configurable)

## Prerequisites

- Python 3.8+
- nmap
- subfinder
- nuclei
- naabu
- tlsx
- gau
- ffuf

The agent instructions that ship in `CAST.py` only invoke nmap and subfinder. nuclei, naabu, tlsx, gau and ffuf are needed for the extended instruction set that is included, commented out, at the end of `CAST.py`.

## Example output

![Screenshot 2025-04-04 at 12 33 20 PM](https://github.com/user-attachments/assets/5380f202-e54b-47cb-875b-766f7e9f9928)

## Installation

1. Clone the repository:
```bash
git clone https://github.com/shadsidd/continuous-security-assessment-tool.git
cd continuous-security-assessment-tool
```

2. Install Python dependencies:
```bash
pip install -r requirements.txt
```

3. Install system dependencies (on macOS):
```bash
# Add ProjectDiscovery tap for security tools
brew tap projectdiscovery/tap

# Install all required tools
brew install nmap
brew install projectdiscovery/tap/nuclei
brew install projectdiscovery/tap/subfinder
brew install projectdiscovery/tap/naabu
brew install projectdiscovery/tap/tlsx
brew install projectdiscovery/tap/gau
brew install ffuf
```

## Usage

Export `OPENAI_API_KEY` in your environment, then run the tool:

```bash
python CAST.py
```

When prompted, enter the target domain (e.g., example.com).

## Configuration

The tool uses the Agno framework and can be configured through environment variables:

- `OPENAI_API_KEY`: Your OpenAI API key for the `gpt-4o` model the agent is built on
- `SLACK_TOKEN`: (Optional) Slack API token for notifications
- `JIRA_TOKEN`: (Optional) Jira API token for ticket creation

Slack and Jira delivery only work once the `SlackTools()` and `JiraTools()` entries in the agent's `tools` list are uncommented in `CAST.py`; as shipped, the agent only has `ShellTools`.

## Output

The tool generates:
- Detailed security assessment reports
- Port scanning results
- Subdomain enumeration
- Vulnerability findings
- SSL/TLS information
- Historical URL data
- Exposed endpoint information

## Security Note

Please ensure you have proper authorization before scanning any domain. Unauthorized scanning may be illegal in your jurisdiction.

`CAST.py` hands the language model a `ShellTools` instance, so the agent can execute arbitrary commands as the user who launched it, and the target you type is passed into the prompt unchanged. Run the tool in a disposable VM or container rather than on a workstation holding credentials, and only feed it hostnames you trust.

## License

[Add your license information here]
--------------------------------------------------------------------------------

/CAST.py:
--------------------------------------------------------------------------------
import os
from agno.agent import Agent
from agno.models.openai import OpenAIChat
from agno.tools.shell import ShellTools

security_agent = Agent(
    name="Security Agent",
    # A second `role=` keyword below made this call a SyntaxError (repeated keyword argument);
    # the one-line summary belongs in `description`.
    description="Performs port scanning, subdomain discovery, vulnerability checks, and generates reports.",
    model=OpenAIChat(id="gpt-4o"),
    tools=[
        ShellTools()  # grants the model command execution on this host
        # SlackTools(),
        # JiraTools()
    ],
    role="As security agent, you are responsible for performing security assessment for a given target domain.",
    instructions="""
    For any given target domain, perform the following tasks:
    1. Execute a port scan using 'nmap -sV -p- {domain}' to identify open ports and running services.
    2. Execute a subdomain discovery using 'subfinder -d {domain}' to list all active subdomains.
    3. For each subdomain found, briefly check for signs of subdomain takeover vulnerability.
    4. Generate a concise security report including key findings and actionable recommendations.
    5. Send critical findings to Slack and create Jira tickets for vulnerabilities.
    """,
    markdown=True,
    show_tool_calls=True
)

def run_command(command):
    """Executes a shell command using the agent's ShellTools.

    Kept as a helper for ad-hoc use; main() does not call it.
    """
    try:
        response = security_agent.run(f"Run shell command: {command}")
        if isinstance(response, str):
            return response
        elif hasattr(response, 'content'):
            return response.content
        return str(response)
    except Exception as e:
        print(f"Exception occurred while running '{command}': {str(e)}")
        return None

def main():
    target = input("Enter target domain (e.g., example.com): ").strip()
    if not target:
        print("No target domain provided.")
        return

    print(f"\nStarting security assessment for {target}...")
    try:
        result = security_agent.run(f"Perform security assessment for {target}")
        print("\n=== Security Assessment Results ===")
        print(result.content if hasattr(result, 'content') else str(result))
    except Exception as e:
        print(f"\nError during security assessment: {str(e)}")

if __name__ == "__main__":
    main()


# Comprehensive agent instructions:

# instructions=f"""
# For each domain provided:
# 1. Use the ShellTool to run 'nuclei -u {{domain}} -json' and capture the output. Parse the JSON lines to extract vulnerability findings.
# 2. Use the ShellTool to run 'naabu -host {{domain}} -p 22,80,443,8080 -json' and capture the output. Parse the JSON lines to extract open ports.
# 3. Use the ShellTool to run 'tlsx -u {{domain}} -json' and capture the output. Parse the JSON to extract SSL/TLS information, particularly the 'not_after' field for certificate expiry.
# 4. Use the ShellTool to run 'gau {{domain}}' and capture the output. The output is a list of historical URLs, split by newlines.
# 5. Use the ShellTool to run 'ffuf -u https://{{domain}}/FUZZ -w {CONFIG["wordlist_path"]} -mc 200 -json' and capture the output. Parse the JSON lines to extract exposed endpoints (e.g., 'input.FUZZ' field).
# 6. Analyze the results:
#    - If there are any vulnerabilities from nuclei, consider it critical.
#    - If there are open ports from naabu (e.g., ports 22, 80, 443, 8080), consider it critical.
#    - If the SSL certificate 'not_after' date is within 7 days from now, consider it critical.
#    - If there are exposed endpoints from ffuf, consider it critical.
# 7. If any critical issues are found, use the SlackTool to send an alert message detailing the issues (e.g., 'Critical issues found for {{domain}}: [list issues]').
# 8. Additionally, use the JiraTool to create an issue with a summary of the critical findings (e.g., title: 'Security Issues for {{domain}}', description: [list issues]).
# 9. Generate a concise security report summarizing all findings and recommendations, and log it using the logger.
# If a tool fails to run or returns an error, log the error and continue with the other tools.
# """,
--------------------------------------------------------------------------------
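Two parts of the flow above are left entirely to the model: the target string from `input()` goes straight into a prompt that the agent turns into shell commands, and the step-6 triage rules (any nuclei finding, any open port, a certificate whose `not_after` is within 7 days) are applied by reading raw tool output. The added example below is not part of `CAST.py` or the Agno project; it shows the deterministic pieces a practitioner would want around the agent: a hostname check on the target before it is placed anywhere near a shell, argv lists so each tool runs without a shell, and a JSON-lines parser plus triage. The sample tool output is constructed, not captured. `not_after` is the tlsx field the instructions name; the `template-id`, `info.severity`, `matched-at`, `host` and `port` keys are what nuclei and naabu emit in JSON mode, but treat those names as assumptions to verify against the versions you install.

```python
"""Added example: target validation and JSON-lines triage for CAST.
Not part of the original CAST.py; the tool output below is constructed."""
import json
import re
import shlex
import subprocess
from datetime import datetime, timedelta, timezone

# RFC 1123 host label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
_LABEL = r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
_HOSTNAME_RE = re.compile(rf"^(?:{_LABEL}\.)+{_LABEL}$")


def validate_target(raw: str) -> str:
    """Return a normalised bare hostname or raise ValueError.

    CAST.py feeds input() straight into the agent prompt, and the agent then
    interpolates it into commands; spaces, ';', '$(...)', URLs and leading
    '-' (which a tool would read as a flag) are all rejected here."""
    target = raw.strip().lower().rstrip(".")
    if not target or len(target) > 253 or not _HOSTNAME_RE.match(target):
        raise ValueError(f"not a bare hostname: {raw!r}")
    return target


def rejects(raw: str) -> bool:
    """True if validate_target refuses the input."""
    try:
        validate_target(raw)
    except ValueError:
        return True
    return False


def build_commands(domain: str) -> dict:
    """argv lists for the tools the README names, for subprocess.run with shell=False.
    With a list and no shell the domain is always a single argument."""
    return {
        "nmap": ["nmap", "-sV", "-p-", domain],
        "subfinder": ["subfinder", "-d", domain],
        "nuclei": ["nuclei", "-u", domain, "-json"],
        "naabu": ["naabu", "-host", domain, "-p", "22,80,443,8080", "-json"],
        "tlsx": ["tlsx", "-u", domain, "-json"],
    }


def run_tool(argv: list, timeout: int = 900) -> str:
    """Run one tool without a shell and return its stdout."""
    print("+", shlex.join(argv))  # shlex.join only for logging, never for execution
    return subprocess.run(argv, capture_output=True, text=True, timeout=timeout).stdout


def parse_jsonl(text: str) -> list:
    """Parse JSON-lines output, skipping blank lines and non-JSON progress lines."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            records.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return records


def triage(nuclei_out: str, naabu_out: str, tlsx_out: str, now=None, expiry_window_days: int = 7) -> list:
    """Apply the step-6 rules from the extended instructions; return critical issue strings."""
    now = now or datetime.now(timezone.utc)
    issues = []
    for f in parse_jsonl(nuclei_out):
        sev = f.get("info", {}).get("severity", "unknown")
        issues.append(f"nuclei: {f.get('template-id', '?')} [{sev}] at {f.get('matched-at', '?')}")
    for p in parse_jsonl(naabu_out):
        issues.append(f"naabu: open port {p.get('port')} on {p.get('host')}")
    for c in parse_jsonl(tlsx_out):
        not_after = c.get("not_after")
        if not not_after:
            continue
        expires = datetime.fromisoformat(not_after.replace("Z", "+00:00"))
        # Already-expired certificates also pass this test (negative delta).
        if expires - now <= timedelta(days=expiry_window_days):
            issues.append(f"tlsx: certificate for {c.get('host')} expires {not_after}")
    return issues


# Constructed sample output (no real scan); example.com and 203.0.113.10 are documentation values.
SAMPLE_NUCLEI = "\n".join([
    '{"template-id":"tech-detect","info":{"severity":"info"},"matched-at":"https://example.com","host":"example.com"}',
    "[INF] constructed progress line that is not JSON",
    '{"template-id":"sample-high-finding","info":{"severity":"high"},"matched-at":"https://example.com/login","host":"example.com"}',
])
SAMPLE_NAABU = '{"host":"example.com","ip":"203.0.113.10","port":443}\n'
SAMPLE_TLSX = "\n".join([
    '{"host":"example.com","port":"443","not_after":"2025-04-09T00:00:00Z"}',
    '{"host":"www.example.com","port":"443","not_after":"2026-01-01T00:00:00Z"}',
])
FIXED_NOW = datetime(2025, 4, 4, tzinfo=timezone.utc)  # pinned clock so the sample is reproducible


def demo() -> list:
    """Triage the constructed samples with the pinned clock."""
    return triage(SAMPLE_NUCLEI, SAMPLE_NAABU, SAMPLE_TLSX, now=FIXED_NOW)


if __name__ == "__main__":
    domain = validate_target(input("Enter target domain (e.g., example.com): "))
    print("would run:", *[shlex.join(a) for a in build_commands(domain).values()], sep="\n  ")
    for issue in demo():
        print("CRITICAL", issue)
```

`demo()` yields four critical entries from the samples: both nuclei records (the page's rule flags every finding, including `info`), the open port, and the certificate that expires five days after the pinned clock; the 2026 certificate is left out. In practice you would tune the rules (an `info` nuclei match or port 443 being open is rarely critical), but the structure stays the same: validate first, run tools without a shell, and let code rather than the model decide what counts as critical.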