Zum Inhalt

Rogue Cheat Blatt

generieren

** Ein intelligenter Web-Verwundbarkeits-Scanner Agent powered by Large Language Models* - Denken Sie wie ein menschlicher Penetration Tester mit AI-getriebenen Sicherheitstests.

Schneller Start

Installation

```bash

Clone the repository

git clone https://github.com/faizann24/rogue cd rogue

Install dependencies

pip install -r requirements.txt

Set up OpenAI API key

export OPENAI_API_KEY='your-openai-key-here'

Verify installation

python run.py --help ```_

Basisnutzung

```bash

Basic scan of a single URL

python run.py -u https://example.com

Quick security assessment

python run.py -u https://target.com -p 5 -i 3

Advanced scan with subdomain enumeration

python run.py -u https://example.com -e -s -m o3-mini -i 10 ```_

Kommandozeilenoptionen

Erforderliche Parameter

```bash

Target URL to test (required)

python run.py -u https://example.com python run.py --url https://example.com ```_

Sicherheitstests Konfiguration

```bash

Number of security test plans per page

python run.py -u https://target.com -p 10 # 10 specific plans python run.py -u https://target.com -p -1 # Unlimited plans (15-25+)

Maximum iterations per security plan

python run.py -u https://target.com -i 5 # Quick scan python run.py -u https://target.com -i 10 # Standard scan python run.py -u https://target.com -i 20 # Deep scan

LLM model selection

python run.py -u https://target.com -m o4-mini # Default, fast python run.py -u https://target.com -m o3-mini # Enhanced reasoning python run.py -u https://target.com -m o1-preview # Advanced analysis ```_

Scope und Discovery Optionen

```bash

Test discovered URLs recursively

python run.py -u https://target.com -e

Enumerate and test subdomains

python run.py -u https://target.com -s

Combine scope expansion options

python run.py -u https://target.com -e -s

Custom output directory

python run.py -u https://target.com -o my_scan_results ```_

Teststrategien

Schnelle Sicherheitsbewertung

```bash

Fast scan with focused plans

python run.py -u https://target.com -p 5 -i 3

Quick subdomain check

python run.py -u https://target.com -s -p 3 -i 2

Rapid reconnaissance

python run.py -u https://target.com -e -p 5 -i 3 ```_

Standard Sicherheitsaudit

```bash

Balanced depth and speed

python run.py -u https://target.com -p 10 -i 8

Standard with subdomain enumeration

python run.py -u https://target.com -s -p 10 -i 8

Standard with URL expansion

python run.py -u https://target.com -e -p 10 -i 10 ```_

Umfassende Sicherheitsprüfung

```bash

Unlimited plans with thorough testing

python run.py -u https://target.com -p -1 -i 10 -e -s

Deep analysis with maximum iterations

python run.py -u https://target.com -p 20 -i 15 -e -m o1-preview

Full scope comprehensive audit

python run.py -u https://target.com -p -1 -i 12 -e -s -m o3-mini ```_

Gezielte Schwachstelle Forschung

```bash

Maximum depth analysis

python run.py -u https://target.com -p -1 -i 20 -m o1-preview

Technology-specific testing

python run.py -u https://target.com -p 15 -i 12 -e

Bug bounty hunting setup

python run.py -u https://target.com -p -1 -i 15 -e -s -m o3-mini ```_

LLM Modellauswahl

o4-mini (Standard)

```bash

Fast and cost-effective scanning

python run.py -u https://target.com -m o4-mini

Good for standard web applications

python run.py -u https://target.com -m o4-mini -p 10 -i 8

Balanced performance and accuracy

python run.py -u https://target.com -m o4-mini -e -s ```_

o3-mini (verbessert)

```bash

Enhanced reasoning capabilities

python run.py -u https://target.com -m o3-mini

Better for complex applications

python run.py -u https://target.com -m o3-mini -p 15 -i 10

Improved payload generation

python run.py -u https://target.com -m o3-mini -p -1 -i 12 ```_

o1-Vorschau (Erweitert)

```bash

Advanced analytical capabilities

python run.py -u https://target.com -m o1-preview

Maximum accuracy and depth

python run.py -u https://target.com -m o1-preview -p 20 -i 15

Sophisticated target analysis

python run.py -u https://target.com -m o1-preview -p -1 -i 20 -e -s ```_

Erweiterte Nutzung Muster

Subdomain Sicherheitsbewertung

```bash

Discover and test all subdomains

python run.py -u https://target.com -s -p 10 -i 7

Comprehensive subdomain analysis

python run.py -u https://target.com -s -p -1 -i 10 -m o3-mini

Quick subdomain reconnaissance

python run.py -u https://target.com -s -p 5 -i 3 ```_

URL Entdeckung und Prüfung

```bash

Recursive URL testing

python run.py -u https://target.com -e -p 12 -i 8

Deep URL exploration

python run.py -u https://target.com -e -p -1 -i 15

Combined discovery approach

python run.py -u https://target.com -e -s -p 15 -i 10 ```_

Zollausgabeverwaltung

```bash

Organize results by target and date

python run.py -u https://target.com -o "results/target_$(date +%Y%m%d)"

Custom directory structure

python run.py -u https://target.com -o "scans/$(basename $URL)_scan"

Multiple target organization

python run.py -u https://target.com -o "audits/comprehensive_$(date +%Y%m%d_%H%M)" ```_

Umwelt Setup

API Schlüsselkonfiguration

```bash

Set OpenAI API key (required)

export OPENAI_API_KEY='sk-your-api-key-here'

Verify API key is set

echo $OPENAI_API_KEY

Alternative: Create .env file

echo "OPENAI_API_KEY=sk-your-api-key-here" > .env

Persistent configuration

echo 'export OPENAI_API_KEY="sk-your-api-key-here"' >> ~/.bashrc source ~/.bashrc ```_

Systemabhängigkeiten

```bash

Ubuntu/Debian

sudo apt-get update sudo apt-get install python3 python3-pip

Install Playwright dependencies

playwright install

CentOS/RHEL

sudo yum install python3 python3-pip

macOS (with Homebrew)

brew install python3 pip3 install playwright playwright install ```_

Sicherheitsprüfmodi

Strategien der Plangeneration

```bash

Limited Plans - Specific number of focused tests

python run.py -u https://target.com -p 5 # 5 targeted tests python run.py -u https://target.com -p 10 # 10 focused plans python run.py -u https://target.com -p 15 # 15 comprehensive plans

Unlimited Plans - Maximum coverage with CVE intelligence

python run.py -u https://target.com -p -1 # 15-25+ plans with CVE data ```_

Iteration Depth Control

```bash

Quick Scan (3-5 iterations)

python run.py -u https://target.com -i 3 # Surface-level testing python run.py -u https://target.com -i 5 # Fast vulnerability discovery

Standard Scan (8-12 iterations)

python run.py -u https://target.com -i 8 # Balanced approach python run.py -u https://target.com -i 10 # Recommended depth python run.py -u https://target.com -i 12 # Thorough validation

Deep Scan (15-20 iterations)

python run.py -u https://target.com -i 15 # Exhaustive testing python run.py -u https://target.com -i 20 # Maximum exploitation attempts ```_

Ausgabe und Reporting

Ergebnisanalyse

```bash

Check generated reports

ls security_results/ cat security_results/report.txt cat security_results/report.md

View detailed findings

less security_results/detailed_findings.txt

Copy results to another location

cp -r security_results/ /path/to/reports/$(date +%Y%m%d) ```_

Bericht Struktur

```bash

Each scan generates:

- Executive summary

- Detailed findings with severity ratings

- Technical details and reproduction steps

- Evidence and impact analysis

- Remediation recommendations

```_

Allgemeine Anwendungsfälle

Web Application Security Testing

```bash

Standard web app assessment

python run.py -u https://webapp.com -p 10 -i 8

E-commerce platform testing

python run.py -u https://shop.com -p 15 -i 10 -e

API endpoint testing

python run.py -u https://api.service.com -p 12 -i 8 ```_

Bug Bounty Jagd

```bash

Comprehensive bug bounty scan

python run.py -u https://target.com -p -1 -i 15 -e -s -m o3-mini

Quick reconnaissance for multiple targets

for url in \((cat targets.txt); do python run.py -u "\)url" -p 5 -i 3 -o "bounty_$(basename $url)" done

Deep analysis of promising targets

python run.py -u https://target.com -p 20 -i 18 -e -s -m o1-preview ```_

Penetration Testing

```bash

Initial vulnerability assessment

python run.py -u https://target.com -p 12 -i 10 -e -s

Focused exploitation testing

python run.py -u https://target.com -p -1 -i 20 -m o1-preview

Comprehensive penetration test

python run.py -u https://target.com -p -1 -i 15 -e -s -m o3-mini ```_

Fehlerbehebung

Gemeinsame Themen

```bash

API key not set

export OPENAI_API_KEY='your-key-here'

Missing dependencies

pip install -r requirements.txt playwright install

Permission issues

chmod +x run.py sudo chown \(USER:\)USER -R rogue/

Python version issues

python3 --version # Should be 3.8+ pip3 install -r requirements.txt ```_

Debug und Monitoring

```bash

Enable verbose output

python run.py -u https://target.com --verbose

Monitor network traffic

python run.py -u https://target.com --debug-proxy

Check system compatibility

python3 -c "import playwright; print('Playwright OK')" python3 -c "import openai; print('OpenAI OK')" ```_

Leistungsoptimierung

Effiziente Scanning

```bash

Use faster models for initial screening

python run.py -u https://target.com -m o4-mini -p 5 -i 3

Optimize for speed

python run.py -u https://target.com -p 8 -i 5

Balance speed and thoroughness

python run.py -u https://target.com -m o3-mini -p 10 -i 8 ```_

Ressourcenmanagement

```bash

Limit iterations for large applications

python run.py -u https://target.com -i 10

Manage API costs

python run.py -u https://target.com -m o4-mini -p 8

Batch processing multiple targets

for target in \((cat targets.txt); do python run.py -u "\)target" -p 5 -i 5 -o "batch_$(date +%H%M%S)" sleep 30 # Rate limiting done ```_

Integrationsbeispiele

CI/CD Pipeline

```bash

GitHub Actions integration

name: Security Scan run:| export OPENAI_API_KEY=$\\{\\{ secrets.OPENAI_API_KEY \\}\\} python run.py -u $\\{\\{ env.TARGET_URL \\}\\} -p 8 -i 5

Jenkins integration

sh ''' export OPENAI_API_KEY=$\\{OPENAI_API_KEY\\} python run.py -u \(\\\\{TARGET_URL\\\\} -p 10 -i 8 -o "jenkins_\)\\{BUILD_NUMBER\\}" ''' ```_

Automatisierte Sicherheitsprüfung

```bash

Daily security scans

!/bin/bash

export OPENAI_API_KEY="your-key-here" python run.py -u https://production.com -p 8 -i 6 -o "daily_$(date +%Y%m%d)"

Weekly comprehensive audit

python run.py -u https://production.com -p -1 -i 12 -e -s -o "weekly_$(date +%Y%m%d)" ```_

Best Practices

Effektive Nutzung

```bash

Start with quick assessment

python run.py -u https://target.com -p 5 -i 3

Progress to standard scan

python run.py -u https://target.com -p 10 -i 8

Deep dive on interesting findings

python run.py -u https://target.com -p -1 -i 15 -m o1-preview

Always include scope expansion for thorough testing

python run.py -u https://target.com -e -s ```_

Sicherheit und Ethik

```bash

Always obtain proper authorization before testing

Use responsibly and ethically

Follow security testing best practices

Be mindful of potential impact on target systems

Document all findings properly

Report vulnerabilities through appropriate channels

```_

--

** Projektarchiv:** (https://github.com/faizann24/rogue](https://github.com/faizann24/rogue) License: GPL-3.0 Sprache: Python Stars: 324+|Forks: 33+