██╗ ██╗ █████╗ ██████╗ ██╗ ██╗ ██████╗ ██████╗ ███████╗
██║ ██║██╔══██╗██╔════╝ ██║ ██║██╔═══██╗██╔══██╗██╔════╝
███████║███████║██║ ███╗███████║██║ ██║██████╔╝███████╗
██╔══██║██╔══██║██║ ██║██╔══██║██║ ██║██╔═══╝ ╚════██║
██║ ██║██║ ██║╚██████╔╝██║ ██║╚██████╔╝██║ ███████║
╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚══════╝
⚡ HackOps Recon: Scan. Exploit. Own. ⚡+ █▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
+ █░░▒▓████████████▓▒░░█ AUTONOMOUS CYBER AGENT
+ █░░▒▓█─▀▀▀▀▀▀▀▀▀▀─█▓▒░░█
+ █░░▒▓█▄▄▄▄▄▄▄▄▄▄▄▄█▓▒░░█ [STATUS: LETHAL]
+ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀Welcome to HackOps Recon, an autonomous, LLM-powered cybersecurity scanner built to identify vulnerabilities, exploit weaknesses, and automate security assessments in a seamless, efficient, and hacker-inspired manner. This tool runs a series of advanced scans and generates AI-driven security reports, all while ensuring maximum stealth and control.
In the world of cybersecurity, speed and accuracy are critical. HackOps Recon combines cutting-edge tools like Nmap, Gobuster, and FFUF, alongside AI-powered analysis to empower security researchers, pentesters, and hackers with:
- Real-time Cyber Scan Operations
- AI-Powered Vulnerability Analysis
- Stateful Attack Workflows
- Adaptive Retry Mechanisms
- Scan Logging & Reporting
- Hacky Terminal UI for the True Hacker Feel
HackOps Recon brings together the best of both worlds—powerful tools, cutting-edge AI, and autonomous agentic workflows.
- Agentic Workflow Engine: Powered by LangGraph, our stateful workflow orchestrator manages complex scan sequences with dynamic adaptation.
- Port Scanning: Perform a stealthy scan using Nmap to identify open ports on the target system.
- Web Directory Enumeration: Use Gobuster to brute force web directories and uncover hidden entry points.
- Hidden Endpoint Discovery: FFUF fuzzes for web application vulnerabilities, discovering sensitive and hidden endpoints.
- AI Vulnerability Analysis: After scans, HackOps Recon leverages LLM-powered AI (via Groq) to analyze the results and provide a concise, actionable report on the vulnerabilities.
- Stateful Execution: Maintains scan context across tools with intelligent state passing between nodes.
- Scan Logging: Every scan is logged for future reference and accountability. Raw outputs are saved to a
scanLog.txtfile, and final results are written toFinalReport.md. - Retry Mechanism: Failsafes in place for retries with alternate parameters, ensuring your scans continue even if an error occurs.
- Hacky Terminal UI: Custom terminal-style user interface in Streamlit to give you that authentic hacker vibe while scanning.
Clone the repository and navigate into the project directory:
git clone https://github.com/NitinReddy-A/hackops-recon.git
cd hackops-reconIt is recommended to use a virtual environment to manage dependencies.
# Create a virtual environment
python -m venv venv
# Activate the virtual environment
# On Windows:
venv\Scripts\activate
# On macOS/Linux:
source venv/bin/activatepip install -r requirements.txtYou'll need a Groq API key to enable AI-powered analysis. Get your API key from Groq and save it in a .env file as follows:
GROQ_API_KEY=your-api-key-here- Run the app:
streamlit run FinalApp.py-
Configure Scan Settings:
- TARGET: The target domain you wish to scan (e.g.,
example.com). - ALLOWED DOMAINS: Define which domains are allowed for scanning. Targets outside the allowed domains will trigger a safety alert.
- TARGET: The target domain you wish to scan (e.g.,
-
Initiate the Cyber Scan: Press the "🚀 INITIATE CYBER SCAN" button to begin scanning the target.
-
Monitor the Scan: Watch live progress and terminal-style output as each step (Nmap, Gobuster, FFUF) is executed.
-
Receive Your Report: After the scan completes, you'll receive a detailed analysis report highlighting vulnerabilities, suspicious ports, directories, and recommendations for further investigation.
HackOps Recon's brain is powered by LangGraph - a stateful workflow engine that orchestrates complex security operations:
graph LR
Start --> A
Start --> B
Start --> C
A[Nmap Scan] --> D[AI Supervisor]
B[GOBUSTER SCAN] --> D
C[FFUF Scan] --> D
D --> E[Final Report]
- Stateful Workflow: Maintains context between scan stages using shared state objects
- Adaptive Nodes: Each tool (Nmap/Gobuster/FFUF) runs as independent nodes with failure recovery
- AI Supervisor: Final node that analyzes aggregated results using Groq's LLM
- Conditional Flows: Dynamic path selection based on scan results (e.g., skip web scans if no web ports open)
Once the tools have completed their scans, HackOps Recon's AI Supervisor takes over. It analyzes the raw scan outputs using Groq's LLM to generate a concise report that identifies:
- Vulnerabilities: Any open ports, exposed endpoints, or insecure configurations.
- Suspicious Activity: Anomalies or unusual findings from the scans.
- Recommendations: Actionable steps to secure the system and mitigate threats.
This ensures that you don't just get scan results, but a clear, actionable vulnerability report to improve security.
- Nmap Scan: Initial reconnaissance to identify open ports on the target.
- Gobuster Scan: Directory brute-forcing for hidden directories on web servers.
- FFUF Scan: Fuzzing hidden endpoints and directories for web vulnerabilities.
- AI Analysis: Groq's LLM processes the scan results and generates a concise security report.
HackOps Recon tracks critical scan metrics such as:
- Total Duration: How long the entire scan took.
- AI Processing Time: The time taken by the AI for vulnerability analysis.
- Data Throughput: The scan data's throughput during execution.
HackOps Recon operates with safety protocols to ensure you only scan allowed targets. If an out-of-scope target is detected, a safety alert is triggered, and the scan will not proceed.
HackOps Recon should only be used for legal and ethical purposes. Make sure to have explicit permission before scanning any system. Unauthorized use of this tool can result in severe legal consequences.
If you like HackOps Recon, star the repo! 🔥 If you find any bugs or want to contribute, feel free to open an issue or create a pull request.
Happy Hacking! 🚀