CyberSleuth AI

An advanced, AI-powered cybersecurity suite designed for modern web security analysis. This tool leverages a multi-layer pipeline of specialized AI agents to identify, validate, and analyze potential web vulnerabilities with the highest possible accuracy.

---

Features

• 🤖 Multi-Layer AI Verification Engine:

  • Layer 1 (Proposer): An AI Penetration Tester performs a broad scan to identify potential vulnerabilities.
  • Layer 2 (Validator): An AI Technical Analyst meticulously validates the findings, correcting syntax and hardening curl commands to ensure technical accuracy.
  • Layer 3 (Skeptic): An AI Vulnerability Researcher cross-examines the finding for logical plausibility and context, assigning a final confidence score to eliminate false positives.

• 🌐 Comprehensive Web Scanner:

  • Identifies critical vulnerabilities like SQL Injection, XSS, IDOR, and more.
  • Generates a detailed executive summary and actionable Proof of Concepts (POCs) for each finding.
  • Includes fully validated curl commands and step-by-step manual reproduction guides.

• 🔍 Origin IP Finder:

  • Uses a similar multi-layer AI process to find and verify the server's real IP address behind CDNs and proxies.
  • Provides detailed analyst notes, corroborating evidence, and a final verification summary.

• ✨ Modern & User-Friendly UI:

  • Clean, responsive interface built with React and Tailwind CSS.
  • Real-time feedback on the AI's analysis progress.
  • Convenient "Copy to Clipboard" and "Download Results" functionality.

Tech Stack

• Frontend: React, TypeScript
• AI Model: Google Gemini 2.5 Pro & Flash
• Styling: Tailwind CSS
• Dependencies: No build step needed, runs directly in the browser using ES modules.

---

Getting Started

This project is designed to run directly in the browser without any complex build steps. The Gemini API key is automatically provided by the environment, so no manual setup is required.

Prerequisites

• A modern web browser (like Chrome, Firefox, or Edge).
• A way to run a simple local web server. We'll cover options using Python or Node.js below.

Step 1: Run a Local Web Server

You must serve the project files from a web server. Opening index.html directly will not work.

Option A: Using Python (Recommended for simplicity)

1. Open your terminal or command prompt.
2. Navigate to the project's root directory (the one containing index.html).
3. Run the command that corresponds to your Python version:
   • Python 3: python3 -m http.server
   • Python 2: python -m SimpleHTTPServer

Option B: Using Node.js

1. Make sure you have Node.js installed.
2. Open your terminal and navigate to the project's root directory.
3. Run the following command:

   npx serve

Step 2: View the Application

Once the server is running, open your browser and go to the address provided in your terminal. It will typically be:

• http://localhost:8000 (for the Python server)
• http://localhost:3000 (for the npx serve command)

---

How to Use

• Comprehensive Scanner:

  1. Navigate to the "Comprehensive Scanner" tab.
  2. Enter a full target URL (e.g., https://example.com).
  3. Click "Scan URL" and observe the real-time progress as the AI completes its multi-layer analysis.

• Origin IP Finder:

  1. Navigate to the "Origin IP Finder" tab.
  2. Enter a domain name (e.g., example.com).
  3. Click "Find IP" to begin the multi-stage search and verification.

Disclaimer

This tool is intended for educational and professional research purposes only. The results are generated by a sophisticated AI model pipeline but must always be verified manually by a qualified security professional before taking any action. The creators are not responsible for any misuse of this tool.

License

This project is licensed under the MIT License.