Self-hosted network vulnerability scanning orchestrator with:
- React UI for configuration, scheduling, manual runs, logs, and reports
- FastAPI backend API + orchestrator
- PostgreSQL (Docker Compose) or SQLite (standalone) persistence
- nginx reverse proxy routing all traffic on port 80
- Optional SkyWalking observability (Python agent + browser agent)
- Containerized scan components discovered dynamically from components/*
- AI-driven per-finding triage — LiteLLM-backed, works with any provider (OpenAI, Anthropic, Ollama, local LLMs); configurable in Settings → AI Triage
- Multi-channel notifications — Apprise-backed; Slack, Teams, Discord, email, webhooks and 80+ services via a single URL; configurable in Settings → Notifications
- PDF report export — WeasyPrint + Jinja2 templates; cover page with severity badges, executive summary, per-component stats, and AI triage annotations per finding

Use the document that matches your role:
- USER_GUIDE.md: User-facing guide for profiles, scans, runs, findings, agents, and day-to-day usage.
- SETUP.md: Environment setup, Docker Compose usage, remote agent startup, runtime options, and operational notes.
- DEVELOPMENT.md: Architecture, repository structure, data model, component extension model, tests, and frontend/backend engineering conventions.
- LICENSE_MATRIX.md: Commercial packaging guidance for bundled, BYO, and review-required integrations.

Some scanner integrations are intentionally BYO-only or review-gated.
Use LICENSE_MATRIX.md before deciding what to bundle in any commercial distribution.

backend/
components/
frontend/
nginx/
docker-compose.yml
docker-compose.observability.yml
Makefile
README.md
USER_GUIDE.md
SETUP.md
DEVELOPMENT.md
LICENSE_MATRIX.md