# Rogue Cheat Sheet

**An intelligent web vulnerability scanner powered by large language models** - Think like a human penetration tester with AI-driven security testing.

## Quick Start

### Installation

```bash
# Clone the repository
git clone https://github.com/faizann24/rogue
cd rogue

# Install dependencies
pip install -r requirements.txt

# Set up OpenAI API key
export OPENAI_API_KEY='your-openai-key-here'

# Verify installation
python run.py --help
```

### Basic Usage

```bash
# Basic scan of a single URL
python run.py -u https://example.com

# Quick security assessment
python run.py -u https://target.com -p 5 -i 3

# Advanced scan with subdomain enumeration
python run.py -u https://example.com -e -s -m o3-mini -i 10
```

## Command-Line Options

### Required Parameters

```bash
# Target URL to test (required)
python run.py -u https://example.com
python run.py --url https://example.com
```

### Security Testing Configuration

```bash
# Number of security test plans per page
python run.py -u https://target.com -p 10      # 10 specific plans
python run.py -u https://target.com -p -1      # Unlimited plans (15-25+)

# Maximum iterations per security plan
python run.py -u https://target.com -i 5       # Quick scan
python run.py -u https://target.com -i 10      # Standard scan
python run.py -u https://target.com -i 20      # Deep scan

# LLM model selection
python run.py -u https://target.com -m o4-mini     # Default, fast
python run.py -u https://target.com -m o3-mini     # Enhanced reasoning
python run.py -u https://target.com -m o1-preview  # Advanced analysis
```

### Scope and Discovery Options

```bash
# Test discovered URLs recursively
python run.py -u https://target.com -e

# Enumerate and test subdomains
python run.py -u https://target.com -s

# Combine scope expansion options
python run.py -u https://target.com -e -s

# Custom output directory
python run.py -u https://target.com -o my_scan_results
```

## Testing Strategies

### Quick Security Assessment

```bash
# Fast scan with focused plans
python run.py -u https://target.com -p 5 -i 3

# Quick subdomain check
python run.py -u https://target.com -s -p 3 -i 2

# Rapid reconnaissance
python run.py -u https://target.com -e -p 5 -i 3
```

### Standard Security Audit

```bash
# Balanced depth and speed
python run.py -u https://target.com -p 10 -i 8

# Standard with subdomain enumeration
python run.py -u https://target.com -s -p 10 -i 8

# Standard with URL expansion
python run.py -u https://target.com -e -p 10 -i 10
```

### Comprehensive Security Testing

```bash
# Unlimited plans with thorough testing
python run.py -u https://target.com -p -1 -i 10 -e -s

# Deep analysis with maximum iterations
python run.py -u https://target.com -p 20 -i 15 -e -m o1-preview

# Full scope comprehensive audit
python run.py -u https://target.com -p -1 -i 12 -e -s -m o3-mini
```

### Targeted Vulnerability Research

```bash
# Maximum depth analysis
python run.py -u https://target.com -p -1 -i 20 -m o1-preview

# Technology-specific testing
python run.py -u https://target.com -p 15 -i 12 -e

# Bug bounty hunting setup
python run.py -u https://target.com -p -1 -i 15 -e -s -m o3-mini
```

## LLM Model Selection

### o4-mini (Default)

```bash
# Fast and cost-effective scanning
python run.py -u https://target.com -m o4-mini

# Good for standard web applications
python run.py -u https://target.com -m o4-mini -p 10 -i 8

# Balanced performance and accuracy
python run.py -u https://target.com -m o4-mini -e -s
```

### o3-mini (Enhanced)

```bash
# Enhanced reasoning capabilities
python run.py -u https://target.com -m o3-mini

# Better for complex applications
python run.py -u https://target.com -m o3-mini -p 15 -i 10

# Improved payload generation
python run.py -u https://target.com -m o3-mini -p -1 -i 12
```

### o1-preview (Advanced)

```bash
# Advanced analytical capabilities
python run.py -u https://target.com -m o1-preview

# Maximum accuracy and depth
python run.py -u https://target.com -m o1-preview -p 20 -i 15

# Sophisticated target analysis
python run.py -u https://target.com -m o1-preview -p -1 -i 20 -e -s
```

## Advanced Usage Patterns

### Subdomain Security Assessment

```bash
# Discover and test all subdomains
python run.py -u https://target.com -s -p 10 -i 7

# Comprehensive subdomain analysis
python run.py -u https://target.com -s -p -1 -i 10 -m o3-mini

# Quick subdomain reconnaissance
python run.py -u https://target.com -s -p 5 -i 3
```

### URL Discovery and Testing

```bash
# Recursive URL testing
python run.py -u https://target.com -e -p 12 -i 8

# Deep URL exploration
python run.py -u https://target.com -e -p -1 -i 15

# Combined discovery approach
python run.py -u https://target.com -e -s -p 15 -i 10
```

### Custom Output Management

```bash
# Organize results by target and date
python run.py -u https://target.com -o "results/target_$(date +%Y%m%d)"

# Custom directory structure ($URL holds the target URL)
python run.py -u https://target.com -o "scans/$(basename "$URL")_scan"

# Multiple target organization
python run.py -u https://target.com -o "audits/comprehensive_$(date +%Y%m%d_%H%M)"
```

## Environment Setup

### API Key Configuration

```bash
# Set OpenAI API key (required)
export OPENAI_API_KEY='sk-your-api-key-here'

# Verify API key is set (without printing the secret to the terminal)
[ -n "$OPENAI_API_KEY" ] && echo "OPENAI_API_KEY is set"

# Alternative: Create .env file
echo "OPENAI_API_KEY=sk-your-api-key-here" > .env

# Persistent configuration
echo 'export OPENAI_API_KEY="sk-your-api-key-here"' >> ~/.bashrc
source ~/.bashrc
```

### System Dependencies

```bash
# Ubuntu/Debian
sudo apt-get update
sudo apt-get install python3 python3-pip

# Install Playwright dependencies
playwright install

# CentOS/RHEL
sudo yum install python3 python3-pip

# macOS (with Homebrew)
brew install python3
pip3 install playwright
playwright install
```

## Security Testing Modes

### Plan Generation Strategies

```bash
# Limited Plans - Specific number of focused tests
python run.py -u https://target.com -p 5    # 5 targeted tests
python run.py -u https://target.com -p 10   # 10 focused plans
python run.py -u https://target.com -p 15   # 15 comprehensive plans

# Unlimited Plans - Maximum coverage with CVE intelligence
python run.py -u https://target.com -p -1   # 15-25+ plans with CVE data
```

### Iteration Depth Control

```bash
# Quick Scan (3-5 iterations)
python run.py -u https://target.com -i 3    # Surface-level testing
python run.py -u https://target.com -i 5    # Fast vulnerability discovery

# Standard Scan (8-12 iterations)
python run.py -u https://target.com -i 8    # Balanced approach
python run.py -u https://target.com -i 10   # Recommended depth
python run.py -u https://target.com -i 12   # Thorough validation

# Deep Scan (15-20 iterations)
python run.py -u https://target.com -i 15   # Exhaustive testing
python run.py -u https://target.com -i 20   # Maximum exploitation attempts
```

## Results and Reporting

### Results Analysis

```bash
# Check generated reports
ls security_results/
cat security_results/report.txt
cat security_results/report.md

# View detailed findings
less security_results/detailed_findings.txt

# Copy results to another location
cp -r security_results/ "/path/to/reports/$(date +%Y%m%d)"
```

### Report Structure

```bash
# Each scan generates:
# - Executive summary
# - Detailed findings with severity ratings
# - Technical details and reproduction steps
# - Evidence and impact analysis
# - Remediation recommendations
```

## Common Use Cases

### Web Application Security Testing

```bash
# Standard web app assessment
python run.py -u https://webapp.com -p 10 -i 8

# E-commerce platform testing
python run.py -u https://shop.com -p 15 -i 10 -e

# API endpoint testing
python run.py -u https://api.service.com -p 12 -i 8
```

### Bug Bounty Hunting

```bash
# Comprehensive bug bounty scan
python run.py -u https://target.com -p -1 -i 15 -e -s -m o3-mini

# Quick reconnaissance for multiple targets (one URL per line in targets.txt)
while IFS= read -r url; do
    python run.py -u "$url" -p 5 -i 3 -o "bounty_$(basename "$url")"
done < targets.txt

# Deep analysis of promising targets
python run.py -u https://target.com -p 20 -i 18 -e -s -m o1-preview
```

### Penetration Testing

```bash
# Initial vulnerability assessment
python run.py -u https://target.com -p 12 -i 10 -e -s

# Focused exploitation testing
python run.py -u https://target.com -p -1 -i 20 -m o1-preview

# Comprehensive penetration test
python run.py -u https://target.com -p -1 -i 15 -e -s -m o3-mini
```

## Troubleshooting

### Common Issues

```bash
# API key not set
export OPENAI_API_KEY='your-key-here'

# Missing dependencies
pip install -r requirements.txt
playwright install

# Permission issues
chmod +x run.py
sudo chown "$USER:$USER" -R rogue/

# Python version issues
python3 --version  # Should be 3.8+
pip3 install -r requirements.txt
```

### Debugging and Monitoring

```bash
# Enable verbose output
python run.py -u https://target.com --verbose

# Monitor network traffic
python run.py -u https://target.com --debug-proxy

# Check system compatibility
python3 -c "import playwright; print('Playwright OK')"
python3 -c "import openai; print('OpenAI OK')"
```

## Performance Optimization

### Efficient Scanning

```bash
# Use faster models for initial screening
python run.py -u https://target.com -m o4-mini -p 5 -i 3

# Optimize for speed
python run.py -u https://target.com -p 8 -i 5

# Balance speed and thoroughness
python run.py -u https://target.com -m o3-mini -p 10 -i 8
```

### Resource Management

```bash
# Limit iterations for large applications
python run.py -u https://target.com -i 10

# Manage API costs
python run.py -u https://target.com -m o4-mini -p 8

# Batch processing multiple targets (one URL per line in targets.txt)
while IFS= read -r target; do
    python run.py -u "$target" -p 5 -i 5 -o "batch_$(date +%H%M%S)"
    sleep 30  # Rate limiting
done < targets.txt
```

## Integration Examples

### CI/CD Pipeline

```yaml
# GitHub Actions integration
- name: Security Scan
  run: |
    export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
    python run.py -u ${{ env.TARGET_URL }} -p 8 -i 5
```

```groovy
// Jenkins integration
sh '''
export OPENAI_API_KEY=${OPENAI_API_KEY}
python run.py -u ${TARGET_URL} -p 10 -i 8 -o "jenkins_${BUILD_NUMBER}"
'''
```

### Automated Security Testing

```bash
#!/bin/bash
# Daily security scans
export OPENAI_API_KEY="your-key-here"
python run.py -u https://production.com -p 8 -i 6 -o "daily_$(date +%Y%m%d)"

# Weekly comprehensive audit
python run.py -u https://production.com -p -1 -i 12 -e -s -o "weekly_$(date +%Y%m%d)"
```

## Best Practices

### Effective Usage

```bash
# Start with quick assessment
python run.py -u https://target.com -p 5 -i 3

# Progress to standard scan
python run.py -u https://target.com -p 10 -i 8

# Deep dive on interesting findings
python run.py -u https://target.com -p -1 -i 15 -m o1-preview

# Always include scope expansion for thorough testing
python run.py -u https://target.com -e -s
```

### Security and Ethics

```bash
# Always obtain proper authorization before testing
# Use responsibly and ethically
# Follow security testing best practices
# Be mindful of potential impact on target systems
# Document all findings properly
# Report vulnerabilities through appropriate channels
```
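
A scope guard for the batch loops and the authorization rule above, as an added example that is not part of the Rogue project. The file names `targets.txt` and `scope.txt` and the function names are assumptions; the `run.py` flags are the ones shown on this page.

```bash
#!/usr/bin/env bash
# Added example: only scan targets whose host is on a written authorization list.
# scope.txt / targets.txt are hypothetical file names.

# Extract the lowercase hostname from a URL (drops scheme, path, userinfo, port).
url_host() {
    local rest="${1#*://}"      # drop scheme
    rest="${rest%%[/?#]*}"      # drop path, query, fragment
    rest="${rest##*@}"          # drop userinfo, so "a.com@b.com" resolves to b.com
    rest="${rest%%:*}"          # drop port (IPv6 literals are not handled)
    printf '%s\n' "$rest" | tr '[:upper:]' '[:lower:]'
}

# Return 0 if the URL's host is listed in the scope file ($2).
# Scope entries: "example.com" (exact host) or "*.example.com" (subdomains only).
in_scope() {
    local host entry suffix
    host="$(url_host "$1")"
    [ -n "$host" ] || return 1
    while IFS= read -r entry || [ -n "$entry" ]; do
        case "$entry" in ''|'#'*) continue ;; esac
        entry="$(printf '%s' "$entry" | tr '[:upper:]' '[:lower:]')"
        case "$entry" in
            '*.'*)
                suffix="${entry#??}"                       # strip leading "*."
                case "$host" in *".$suffix") return 0 ;; esac ;;
            *)
                [ "$host" = "$entry" ] && return 0 ;;
        esac
    done < "$2"
    return 1
}

# Scan in-scope targets only; log and skip everything else.
scan_targets() {
    local targets="$1" scope="$2" url
    while IFS= read -r url || [ -n "$url" ]; do
        [ -n "$url" ] || continue
        if in_scope "$url" "$scope"; then
            python run.py -u "$url" -p 5 -i 3 -o "scan_$(url_host "$url")"
            sleep 30   # rate limiting, as in the batch loop on this page
        else
            echo "SKIP (out of scope): $url" >&2
        fi
    done < "$targets"
}
```

Source the file and run `scan_targets targets.txt scope.txt`. Note that the `-e` and `-s` flags expand the scan beyond the listed URL, so they are left out of the guarded command.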

Repository: [URL___] License: GPL-3.0 Language: Python Stars: 324+