Rated by AI Skill Hub: Offsec-AI receives a "Strongly Recommended" rating. This AI tool performs well on feature completeness, community activity and ease of use, with an AI score of 8.0, and suits users with some technical background.
Offsec-AI is an open-source tool written in Python, focused on offensive-security, network-reconnaissance and python3 as its core topics. As a GitHub open-source project it has active community support and continuous releases; the code is fully transparent and auditable, and it supports local deployment to protect data privacy. Whether used individually or integrated into an enterprise workflow, it provides a stable and reliable solution.
```bash
# Option 1: pip install (recommended)
pip install offsec-ai

# Option 2: virtual environment (recommended for production)
python -m venv .venv
source .venv/bin/activate   # Windows: .venv\Scripts\activate
pip install offsec-ai

# Option 3: install from source (latest features)
git clone https://github.com/Htunn/offsec-ai
cd offsec-ai
pip install -e .

# Verify the installation
python -c "import offsec_ai; print('安装成功')"

# Command-line usage
offsec-ai --help

# Basic usage
offsec-ai input_file -o output_file
```

```python
# Calling from Python code
import offsec_ai

# Example
result = offsec_ai.process("input")
print(result)
```
```yaml
# offsec-ai configuration file example (config.yml)
app:
  name: "offsec-ai"
  debug: false
  log_level: "INFO"
```

```bash
# Specify the configuration file at run time
offsec-ai --config config.yml

# Or configure via environment variables
export OFFSEC_AI_API_KEY="your-key"
export OFFSEC_AI_OUTPUT_DIR="./output"
```
██████╗ ███████╗███████╗███████╗███████╗ ██████╗ █████╗ ██╗
██╔═══██╗██╔════╝██╔════╝██╔════╝██╔════╝██╔════╝ ██╔══██╗██║
██║ ██║█████╗ █████╗ ███████╗█████╗ ██║ █████╗███████║██║
██║ ██║██╔══╝ ██╔══╝ ╚════██║██╔══╝ ██║ ╚════╝██╔══██║██║
╚██████╔╝██║ ██║ ███████║███████╗╚██████╗ ██║ ██║██║
╚═════╝ ╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝
Offensive-Security Toolkit · AI/LLM · MCP · Red-Team
CI: [Test and Build](https://github.com/Htunn/offsec-ai/actions/workflows/test.yml) · [Publish to PyPI](https://github.com/Htunn/offsec-ai/actions/workflows/publish.yml) · [Docker Build](https://github.com/Htunn/offsec-ai/actions/workflows/docker.yml) · [CodeQL](https://github.com/Htunn/offsec-ai/actions/workflows/codeql.yml)
[PyPI Version](https://pypi.org/project/offsec-ai/) · [PyPI Downloads](https://pypistats.org/packages/offsec-ai) · [Python Version](https://pypi.org/project/offsec-ai/) · [Docker Pulls](https://hub.docker.com/r/htunnthuthu/offsec-ai) · [License: MIT](LICENSE)
Offensive-security toolkit for authorized red-team engagements.
offsec-ai is a Python library and CLI that combines classic network reconnaissance with modern AI/LLM security testing. It probes live AI/LLM endpoints for the OWASP LLM Top 10, scans and actively attacks Model Context Protocol (MCP) servers for known CVEs, and performs full-stack infrastructure security assessments.
Legal Notice: Active attack features (`mcp-attack`, `openclaw-attack`, `k8s-attack`, `auth-attack`, deep mode) require the `--i-have-authorization` flag. Only use against systems you own or have explicit written permission to test.
---
```bash
offsec-ai ai-owasp-scan https://api.example.com/v1/chat/completions --llm-judge
offsec-ai openclaw-attack 192.168.1.10 --i-have-authorization
```
---
```bash
docker run --rm htunnthuthu/offsec-ai:latest --help
```
---
```bash
docker run --rm htunnthuthu/offsec-ai:latest ai-owasp-scan https://api.example.com/v1/chat/completions
docker run --rm htunnthuthu/offsec-ai:latest mcp-scan https://mcp.example.com/mcp
docker run --rm htunnthuthu/offsec-ai:latest scan example.com
docker run --rm htunnthuthu/offsec-ai:latest owasp-scan example.com

docker run --rm \
  -e OPENAI_API_KEY=sk-... \
  htunnthuthu/offsec-ai:latest \
  ai-owasp-scan https://api.example.com/v1/chat/completions --llm-judge
```
| CVE | Severity | Description |
|---|---|---|
| CVE-2019-3778 | CRITICAL | Spring Security OAuth — open redirect via malformed redirect_uri |
| CVE-2017-11427 | HIGH | SAML XSW — Shibboleth/OneLogin signature wrapping |
| CVE-2018-0489 | HIGH | SAML XSW — Shibboleth SP unsigned assertion acceptance |
| CVE-2023-41900 | HIGH | Keycloak — session fixation via OIDC back-channel logout |
| AUTH-ADV-PKCE | HIGH | Missing PKCE enables authorization code interception |
| AUTH-ADV-IMPLICIT | HIGH | Implicit flow exposes tokens in browser history |
| AUTH-ADV-STATE | HIGH | Missing state parameter enables CSRF on authorization code |
| AUTH-ADV-ALGNONE | CRITICAL | alg=none JWT accepted — authentication bypass |
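As an added illustration of the passive posture checks behind the AUTH-ADV-* rows above (example code, not offsec-ai's own scanner), the function below reads an OIDC provider's discovery document and reports the AUTH-ADV-IMPLICIT, AUTH-ADV-PKCE and AUTH-ADV-ALGNONE conditions from the standard metadata fields; the two discovery documents are constructed samples, not real providers.

```python
# Added example (not offsec-ai's own code): passive OIDC posture checks read
# from a provider's discovery document (/.well-known/openid-configuration).
from typing import Dict, List


def audit_oidc_discovery(doc: dict) -> List[Dict[str, str]]:
    """Return AUTH-ADV-* style findings derived purely from published metadata."""
    findings = []
    response_types = set(doc.get("response_types_supported", []))

    # Implicit ("token", "id_token token") and hybrid ("code token", ...) flows
    # deliver tokens in the URL fragment, where they reach browser history and
    # referrer logs; only plain "code" (or "none") avoids that.
    fragment_types = sorted(rt for rt in response_types if rt not in ("code", "none"))
    if fragment_types:
        findings.append({"id": "AUTH-ADV-IMPLICIT", "severity": "HIGH",
                         "detail": f"fragment-delivering response types: {fragment_types}"})

    # PKCE: S256 should be advertised. Only "plain", or no code_challenge_methods_supported
    # at all, leaves authorization codes unbound to the client session that requested them.
    methods = set(doc.get("code_challenge_methods_supported", []))
    if "code" in response_types and "S256" not in methods:
        findings.append({"id": "AUTH-ADV-PKCE", "severity": "HIGH",
                         "detail": f"S256 not advertised (methods: {sorted(methods) or 'none'})"})

    # alg=none: an unsigned ID token must never be accepted.
    if "none" in doc.get("id_token_signing_alg_values_supported", []):
        findings.append({"id": "AUTH-ADV-ALGNONE", "severity": "CRITICAL",
                         "detail": "id_token_signing_alg_values_supported includes 'none'"})

    # AUTH-ADV-STATE is not decidable from metadata: it depends on whether the
    # authorization endpoint enforces `state`, so a live request is needed.
    return findings


def finding_ids(doc: dict) -> List[str]:
    return sorted(f["id"] for f in audit_oidc_discovery(doc))


# Constructed sample documents (not real providers).
WEAK_DISCOVERY = {
    "issuer": "https://idp.example.test",
    "response_types_supported": ["code", "token", "id_token token"],
    "id_token_signing_alg_values_supported": ["RS256", "none"],
    # no code_challenge_methods_supported at all
}
HARDENED_DISCOVERY = {
    "issuer": "https://idp.example.test",
    "response_types_supported": ["code"],
    "code_challenge_methods_supported": ["S256"],
    "id_token_signing_alg_values_supported": ["RS256"],
}

if __name__ == "__main__":
    for name, doc in (("weak", WEAK_DISCOVERY), ("hardened", HARDENED_DISCOVERY)):
        print(name, finding_ids(doc))
```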
Install the [ai] extra and set an API key to enable smarter semantic detection:
```bash
pip install "offsec-ai[ai]"
export GEMINI_API_KEY="AIza..."        # Google Gemini (1st priority)
export ANTHROPIC_API_KEY="sk-ant-..."  # or Anthropic (2nd priority)
export OPENAI_API_KEY="sk-..."         # or OpenAI (3rd priority)
```
If multiple keys are set, Gemini is used first, then Anthropic, then OpenAI. Without the extra, detection falls back to rule-based pattern matching.
---
```bash
offsec-ai openclaw-scan 192.168.1.10
```
| Variable | Description |
|---|---|
| OPENAI_API_KEY | Enable OpenAI-based LLM judge |
| ANTHROPIC_API_KEY | Enable Anthropic-based LLM judge |
| OFFSEC_LLM_BASE_URL | Custom OpenAI-compatible base URL for LLM judge |
```bash
pip install "offsec-ai[ai]"  # Adds openai + anthropic for LLM judge
```
---
```bash
offsec-ai k8s-scan 127.0.0.1 --port 8001 --llm-judge
offsec-ai k8s-attack 192.168.1.100 --i-have-authorization --mode deep
offsec-ai k8s-attack 127.0.0.1 --port 8001 --i-have-authorization --llm-judge
```
```python
import asyncio
from offsec_ai import LLMOwaspScanner, MCPScanner, MCPAttacker, AuthorizationRequired
from offsec_ai import AuthScanner, AuthAttacker, AuthProtocol


async def main():
    # Auth protocol scan (OIDC / OAuth2 / SAML)
    auth = AuthScanner("https://accounts.google.com")
    auth_result = await auth.scan()
    print(f"Protocol: {auth_result.protocol.value} Provider: {auth_result.provider_info.name}")
    print(f"Vulnerabilities: {len(auth_result.all_vulns)}")

    # SAML scan
    saml = AuthScanner("https://mocksaml.com/api/saml/metadata", protocol="saml")
    saml_result = await saml.scan()
    print(f"SAML issuer: {saml_result.provider_info.issuer}")

    # Auth attack (requires explicit authorization)
    attacker = AuthAttacker(authorized=True)
    report = await attacker.attack(
        target="https://auth.example.com",
        mode="safe",
    )
    print(f"Attacks run: {report.attacks_run}, triggered: {report.attacks_triggered}")

    # AI OWASP scan
    scanner = LLMOwaspScanner("https://api.example.com/v1/chat/completions")
    result = await scanner.scan()
    print(f"Grade: {result.overall_grade} Score: {result.total_score}")
    for cat_id, cat in result.categories.items():
        if cat.findings:
            print(f"  {cat_id}: {len(cat.findings)} finding(s) — grade {cat.grade}")

    # MCP scan
    mcp = MCPScanner("https://mcp.example.com/mcp")
    mcp_result = await mcp.scan()
    print(f"MCP vulnerabilities: {len(mcp_result.vulnerabilities)}")

    # MCP attack (requires explicit authorization)
    try:
        attacker = MCPAttacker(authorized=True)  # must be True
        report = await attacker.attack(
            target="https://mcp.example.com/mcp",
            transport="http",
            mode="safe",
        )
        print(f"Attacks run: {report.attacks_run}, triggered: {len(report.triggered_results)}")
    except AuthorizationRequired:
        print("Provide authorized=True to unlock attack mode")


asyncio.run(main())
```
---
```bash
offsec-ai ai-owasp-scan https://api.example.com/v1/chat/completions
offsec-ai ai-owasp-scan https://chat.example.com/api/chat --api-format generic
```
```python
import asyncio
from offsec_ai import LLMOwaspScanner, LLMScanMode, LLMJudge


async def main():
    # Optional: enable LLM judge for smarter detection
    judge = LLMJudge.from_env()  # reads OPENAI_API_KEY / ANTHROPIC_API_KEY
    scanner = LLMOwaspScanner(
        endpoint="https://api.example.com/v1/chat/completions",
        mode=LLMScanMode.DEEP,
        categories=["LLM01", "LLM02", "LLM07"],
        api_format="openai",
        headers={"Authorization": "Bearer sk-..."},
        judge=judge,  # None = rule-based only
    )
    result = await scanner.scan()
    print(f"Grade: {result.overall_grade} ({result.total_score} pts)")
    for cat_id, cat in result.categories.items():
        if cat.findings:
            print(f"\n{cat_id}: {cat.category_name}")
            for finding in cat.findings:
                print(f"  [{finding.severity.value}] {finding.title}")
                print(f"    Evidence: {finding.evidence[:80]}...")


asyncio.run(main())
```
```bash
offsec-ai mcp-scan https://mcp.example.com/mcp
```
```python
import asyncio
from offsec_ai import MCPScanner, MCPTransport, LLMJudge  # LLMJudge is needed for the optional judge below


async def main():
    # HTTP transport
    scanner = MCPScanner(
        target="https://mcp.example.com/mcp",
        transport=MCPTransport.HTTP,
        headers={"Authorization": "Bearer token"},
        judge=LLMJudge.from_env(),  # optional: enriches MEDIUM/LOW findings
    )
    result = await scanner.scan()
    print(f"Server: {result.server_info.name} v{result.server_info.version}")
    print(f"Tools: {len(result.tools)}, Resources: {len(result.resources)}")
    print(f"Vulnerabilities: {len(result.vulnerabilities)}")
    for vuln in result.vulnerabilities:
        print(f"  [{vuln.severity.value}] {vuln.title}: {vuln.description}")

    # Stdio transport: the scanner launches the server process itself
    scanner = MCPScanner(
        target="stdio://local",
        transport=MCPTransport.STDIO,
        cmd=["npx", "@example/mcp-server"],
    )
    result = await scanner.scan()


asyncio.run(main())
```
---
```python
import asyncio
from offsec_ai import MCPAttacker, MCPScanner, AuthorizationRequired


async def main():
    # Authorization is enforced at instantiation
    try:
        bad = MCPAttacker()  # raises AuthorizationRequired
    except AuthorizationRequired:
        pass
    attacker = MCPAttacker(authorized=True)

    # Optional: use scan result to guide attacks
    scanner = MCPScanner("https://mcp.example.com/mcp")
    scan_result = await scanner.scan()
    report = await attacker.attack(
        target="https://mcp.example.com/mcp",
        transport="http",
        mode="deep",
        scan_result=scan_result,
    )
    print(f"Attacks run: {report.attacks_run}")
    print(f"Triggered: {len(report.triggered_results)}")
    for r in report.triggered_results:
        print(f"  [{r.severity.value}] {r.title}")


asyncio.run(main())
```
---
```python
import asyncio
from offsec_ai import AuthScanner, AuthAttacker, AuthProtocol, LLMJudge
from offsec_ai.exceptions import AuthorizationRequired


async def main():
    # Optional LLM judge
    judge = LLMJudge.from_env()  # reads GEMINI_API_KEY / ANTHROPIC_API_KEY / OPENAI_API_KEY

    # --- Passive scan (OIDC/OAuth2 auto-detect) ---
    scanner = AuthScanner(
        target="https://accounts.google.com",
        protocol="auto",  # "auto" | "oidc" | "oauth2" | "saml"
        judge=judge,      # None = rule-based only
        timeout=15.0,
        verify_tls=True,
    )
    result = await scanner.scan()
    print(f"Protocol : {result.protocol.value}")
    print(f"Provider : {result.provider_info.name}")
    print(f"Issuer   : {result.provider_info.issuer}")
    print(f"PKCE req : {result.provider_info.pkce_required}")
    print(f"Implicit : {result.provider_info.implicit_flow_enabled}")
    for vuln in result.all_vulns:
        print(f"  [{vuln.severity.value}] {vuln.vuln_id}: {vuln.title}")
        if vuln.cve_id:
            print(f"    CVE: {vuln.cve_id}")

    # --- Passive SAML scan ---
    saml_scanner = AuthScanner(
        target="https://mocksaml.com/api/saml/metadata",
        protocol="saml",
    )
    saml_result = await saml_scanner.scan()
    print(f"SAML entityID : {saml_result.provider_info.issuer}")
    print(f"Signing certs : {saml_result.provider_info.raw.get('signing_cert_count', 0)}")

    # --- Authorized active attack ---
    try:
        attacker = AuthAttacker(authorized=True)
        report = await attacker.attack(
            target="https://auth.example.com",
            mode="safe",  # "safe" | "deep"
            judge=judge,
        )
        print(f"Attacks run      : {report.attacks_run}")
        print(f"Attacks triggered: {report.attacks_triggered}")
        for r in report.triggered_results:
            print(f"  [{r.severity.value}] {r.title}")
            print(f"    Evidence: {r.evidence[:80]}...")
    except AuthorizationRequired:
        print("Pass authorized=True to unlock attack mode")


asyncio.run(main())
```
See docs/auth.md for the full guide including CVE detail, remediation advice, and SAML testing tips.
---
```python
import asyncio
from offsec_ai.core.openclaw_scanner import OpenClawScanner
from offsec_ai.core.openclaw_attacker import OpenClawAttacker
from offsec_ai.exceptions import AuthorizationRequired


async def main():
    # Passive scan
    scanner = OpenClawScanner(
        target="192.168.1.10",
        port=18789,
        use_tls=False,
    )
    result = await scanner.scan()
    print(f"OpenClaw detected : {result.openclaw_detected}")
    print(f"Version           : {result.version}")
    print(f"Unauthenticated   : {result.unauthenticated_access}")
    print(f"Vulnerabilities   : {len(result.vulnerabilities)}")
    for v in result.vulnerabilities:
        print(f"  [{v.severity}] {v.advisory_id}: {v.title}")

    # Authorized active attack
    try:
        attacker = OpenClawAttacker(authorized=True)
        report = await attacker.attack(
            target="192.168.1.10",
            port=18789,
            mode="safe",  # "safe" | "deep"
        )
        print(f"Attacks triggered : {len(report.triggered_results)}")
        for r in report.triggered_results:
            print(f"  [{r.severity}] {r.title}")
    except AuthorizationRequired as exc:
        print(exc)


asyncio.run(main())
```
See docs/openclaw.md for the full guide including remediation advice.
---
```python
import asyncio
from offsec_ai.core.k8s_scanner import K8sScanner
from offsec_ai.core.k8s_attacker import K8sAttacker
from offsec_ai.core.llm_judge import LLMJudge
from offsec_ai.exceptions import AuthorizationRequired


async def main():
    # Optional LLM judge — auto-detects OPENAI/ANTHROPIC/GEMINI key from env
    judge = LLMJudge()  # rule-based fallback when no key is set

    # Passive scan
    scanner = K8sScanner(
        target="192.168.1.100",
        ports=[6443, 10250, 2379],
        judge=judge,
    )
    result = await scanner.scan()
    print(f"Kubernetes detected : {result.is_kubernetes}")
    print(f"Version             : {result.server_info.git_version}")
    print(f"Exposed components  : {[c.component.value for c in result.exposed_components]}")
    print(f"OWASP coverage      : {result.owasp_coverage}")
    print(f"Vulnerabilities     : {len(result.vulnerabilities)}")
    for v in result.vulnerabilities:
        print(f"  [{v.severity.value}] {v.owasp_id} {v.vuln_id}: {v.title}")
        if v.llm_reasoning:
            print(f"    LLM: {v.llm_reasoning}")

    # Authorized active attack
    try:
        attacker = K8sAttacker(authorized=True, judge=judge)
        report = await attacker.attack(
            target="192.168.1.100",
            mode="safe",         # "safe" | "deep"
            scan_result=result,  # guides attack selection
        )
        print(f"Attacks run : {len(report.attack_results)}")
        print(f"Succeeded   : {len(report.successful_attacks)}")
        for r in report.successful_attacks:
            print(f"  [{r.severity.value}] {r.owasp_id} {r.attack_id}: {r.description}")
    except AuthorizationRequired as exc:
        print(exc)


asyncio.run(main())
```
See docs/k8s.md for the full guide including OWASP K8s Top 10 mapping, CVE database, attack sequences, and remediation advice.
---
```bash
offsec-ai --help
```

```text
Commands:
  ai-owasp-scan       Probe a live LLM/AI endpoint for AI OWASP Top 10
  mcp-scan            Scan an MCP endpoint for security vulnerabilities
  mcp-attack          Perform authorized active testing against an MCP server
  openclaw-scan       Five-phase passive security scan of an OpenClaw AI gateway
  openclaw-attack     Authorized active attack against an OpenClaw gateway
  k8s-scan            Black-box Kubernetes cluster security scan (OWASP K8s Top 10)
  k8s-attack          Authorized active red-team attack against Kubernetes components
  auth-scan           Passive OIDC / OAuth 2.0 / SAML auth protocol security scan
  auth-attack         Authorized active attack against auth/identity endpoints
  scan                Scan target hosts for open ports
  l7-check            Check for L7 protection services (WAF, CDN, etc.)
  full-scan           Port scan + L7 protection detection
  cert-check          Analyze SSL/TLS certificate chain
  cert-chain          Analyze complete certificate chain and trust path
  cert-info           Show detailed certificate information
  dns-trace           Trace DNS records and analyze L7 protection
  owasp-scan          OWASP Top 10 2021/2025 vulnerability scanner (--llm-judge supported)
  hybrid-identity     Check for Azure AD/ADFS hybrid identity setup
  mtls-check          Check for mTLS authentication support
  mtls-gen-cert       Generate a self-signed certificate for mTLS testing
  mtls-validate-cert  Validate client certificate and private key files
  service-detect      Detect service version and information
```
---
| Component | Default Ports | Key Probes |
|---|---|---|
| kube-apiserver | 6443, 443, 8080 | /version, /healthz, /api, anon /api/v1/secrets//pods, SelfSubjectAccessReview |
| kubelet | 10250 (rw), 10255 (ro) | /pods, /runningpods, /stats/summary, /spec; /exec /run (attack) |
| etcd | 2379, 2380 | /version, /health, v2/v3 keys |
| scheduler / controller-mgr | 10259 / 10257 | /healthz, /metrics |
| kube-proxy / cAdvisor | 10249 / 4194 | /healthz, metrics |
| Dashboard | 8001, 30000–32767 | UI accessibility, auth posture |
```bash
offsec-ai k8s-scan 192.168.1.100
```
Full-featured network security refactoring tool
AI Skill Hub is a third-party content aggregation platform. The information on this page is compiled from public data and does not constitute a legal endorsement of the tool's functionality or quality.
Validate the tool thoroughly in a sandbox or test environment before deploying it to production, and carry out the necessary security assessment.
✅ MIT License: one of the most permissive open-source licenses; free to use commercially, modify and distribute, requiring only that the copyright notice be retained.
AI Skill Hub review: Offsec-AI's core functionality is complete and of excellent quality. For AI technology enthusiasts it is a worthwhile addition to a personal toolkit. Try it in a non-production environment first, then roll it out gradually.
| Field | Value |
|---|---|
| Original name | offsec-ai |
| Topics | offensive-security, network-reconnaissance, python3 |
| GitHub | https://github.com/Htunn/offsec-ai |
| License | MIT |
| Language | Python |
Added: 2026-07-04 · Updated: 2026-07-04 · License: MIT · AI Skill Hub does not legally endorse the accuracy of third-party content.