1.0.6 • Published 6 months ago

nilgiridemorepo v1.0.6

License
MIT
Repository
github

nilgiri-security : A Core Component of the Nilgiri Framework

The nilgiri-security module leverages the power of Feroxbuster for web security scanning and integrates AI-driven insights for advanced analysis. It simplifies security testing by scanning target URLs for common vulnerabilities and generating detailed reports in both JSON and HTML formats. With AI-generated insights, it highlights critical findings such as unauthorized access points and injection vulnerabilities, helping teams strengthen their application security. Perfect for teams aiming to automate, analyze, and enhance their security testing workflows with ease.

Before setup, review the prerequisites.

Prerequisites

  1. Node.js: Ensure you have Node.js installed.
  2. IDE: This project is written in TypeScript, so you'll need an IDE that supports Node.js, for example VS Code or IntelliJ.
  3. AI API key and endpoint: This project is AI-driven, so have your AI service API key and endpoint ready.

Setup : Install and Run

1. Install the dependency:

npm install nilgiri-security --save -d

2. Import the scanAndGenerateReports method from nilgiridemorepo:

const { scanAndGenerateReports } = require('nilgiridemorepo');

3. Call scanAndGenerateReports with the required parameters:

 const systemUrl = 'https://example.com';  // The URL to scan
 const wordlistUrl = 'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/common.txt';  
 const apiKey = 'sk-xxxxxx12345';  // Your AI service API key  
 const apiEndpoint = 'https://api.openai.com/v1/completions';  // Your AI service endpoint  

 scanAndGenerateReports(systemUrl, wordlistUrl, apiKey, apiEndpoint)
 .then(() => console.log('Scan completed! Reports generated in the current directory.'))
 .catch(err => console.error('Error:', err));

Parameters

| Parameter | Type | Description | Example |
| --- | --- | --- | --- |
| systemUrl | string | The URL of the target system to be scanned. | 'https://example.com' |
| wordlistUrl | string | The URL of the wordlist to be used for the scan. Helps identify common paths and files in the target system. | 'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/common.txt' |
| apiKey | string | The API key for authenticating with the AI service. This is required for generating AI-based insights in the security report. | 'sk-xxxxxx12345' |
| apiEndpoint | string | The endpoint URL of the AI service (e.g., OpenAI API). This is where the AI analysis requests are sent. | 'https://api.openai.com/v1/completions' |
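
An added example, not part of the nilgiridemorepo project's own code: one way to assemble the four arguments from environment variables instead of hard-coding the API key in the script, and to refuse any target that is not on an explicit in-scope list. The environment variable names and the buildScanArgs helper are hypothetical.

```javascript
// Added example (not from the nilgiridemorepo project).
// Environment variable names and helper names are hypothetical.

// Parse a URL and require HTTPS so the API key and scan traffic
// are not sent in clear text.
function requireHttpsUrl(name, value) {
  let url;
  try {
    url = new URL(value);
  } catch {
    throw new Error(`${name} is not a valid URL`);
  }
  if (url.protocol !== 'https:') throw new Error(`${name} must use https`);
  return url;
}

// Build the arguments in the order given in the Parameters table:
// systemUrl, wordlistUrl, apiKey, apiEndpoint.
function buildScanArgs(env) {
  const allowedHosts = (env.SCAN_ALLOWED_HOSTS || '')
    .split(',')
    .map(h => h.trim().toLowerCase())
    .filter(Boolean);

  const target = requireHttpsUrl('SCAN_TARGET_URL', env.SCAN_TARGET_URL);
  // Only scan hosts that were explicitly listed as in scope.
  if (!allowedHosts.includes(target.hostname)) {
    throw new Error(`${target.hostname} is not in SCAN_ALLOWED_HOSTS`);
  }

  const wordlist = requireHttpsUrl('SCAN_WORDLIST_URL', env.SCAN_WORDLIST_URL);
  const endpoint = requireHttpsUrl('AI_API_ENDPOINT', env.AI_API_ENDPOINT);

  // The key is read from the environment and never echoed in error messages.
  const apiKey = (env.AI_API_KEY || '').trim();
  if (!apiKey) throw new Error('AI_API_KEY is not set');

  return [target.href, wordlist.href, apiKey, endpoint.href];
}

// Usage with the package (commented out so the example runs without it installed):
// const { scanAndGenerateReports } = require('nilgiridemorepo');
// scanAndGenerateReports(...buildScanArgs(process.env))
//   .catch(err => console.error('Error:', err.message));
```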

Running the Application

To run the scanAndGenerateReports method, you need to import and call the method in your script.

Example: testFile.ts

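import { scanAndGenerateReports } from 'nilgiridemorepo';

// Arguments follow the order listed under Parameters:
// systemUrl, wordlistUrl, apiKey, apiEndpoint.
scanAndGenerateReports(
    'https://YourSystemUnderTestURL/',  // systemUrl: the URL to scan
    'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/common.txt',  // wordlistUrl
    'YourAIAPIKey',  // apiKey: your AI service API key
    'https://YourAIEndPoint'  // apiEndpoint: your AI service endpoint
  )
    .then(() => console.log('Scan completed and reports generated!'))
    .catch(err => console.error('Error during scanning:', err));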

Run the File

If you’re using Node.js, you can run the file by executing the following command in your terminal:

node <your-file-name>.js

If you are running your file in TypeScript, follow these steps.

Prerequisites

  1. Ensure you have Node.js and TypeScript installed on your machine.
    • You can download Node.js from here.
    • To install TypeScript globally, run the following command:
      npm install -g typescript

Steps to Run

  1. Compile the TypeScript file: In your terminal, navigate to the project folder and run the following command to compile the TypeScript file:
    tsc <your-file-name>.ts
    node <your-file-name>.js

Features

  • Scans a target URL for potential security issues using the Feroxbuster tool.
  • Downloads and unzips the Feroxbuster executable based on the system's OS (Windows, macOS, Linux).
  • Supports customizable wordlist URLs to scan common paths and files.
  • Generates two types of reports:
    • JSON Report: Contains detailed findings and scan summary.
    • HTML Report: A human-readable report with comprehensive security analysis.
  • Integrates with AI to analyze the scan results and generate actionable insights for security improvements.
  • Automates the process of scanning, analyzing, and reporting, reducing manual effort.

Support

Thank you for choosing nilgiri-security as part of the Nilgiri framework for your Node.js utility needs!

1.0.6

6 months ago

1.0.5

6 months ago

1.0.4

6 months ago

1.0.3

6 months ago

1.0.2

7 months ago

1.0.1

7 months ago