Kadedee Quick Start Guide Installation (3 minutes) Step 1: Run Installation Script ./INSTALL.sh This will:
Check Node.js version Install all dependencies (may take 2-3 minutes) Set up the CLI Initialize the database Step 2: Verify Installation node cli/index.js --help You should see the Kadedee banner and help menu.
Basic Usage Initialize Database node cli/index.js init Your First Scan
node cli/index.js scan http://testphp.vulnweb.com
node cli/index.js scan http://localhost:3000
Scan with All Features
node cli/index.js scan http://testphp.vulnweb.com
--ai-analysis
--depth 4
--threads 5
View Results
After scanning, check these locations:
HTML Report: kadedee-reports/report.html (open in browser) JSON Report: kadedee-reports/report.json (for automation) Text Report: kadedee-reports/report.txt (for terminal) Screenshots: kadedee-reports/screenshots/ (evidence images) View Scan History
node cli/index.js report --list
node cli/index.js report --id 1 Common Options
--depth # How deep to crawl (default: 3) --threads # Concurrent threads (default: 5) --output # Report directory (default: ./kadedee-reports) --no-screenshots # Disable screenshot capture --ai-analysis # Enable AI-powered insights
node cli/index.js scan https://example.com --depth 2 node cli/index.js scan https://example.com --no-screenshots node cli/index.js scan https://example.com --output ./my-scan Understanding Reports Severity Levels CRITICAL: Immediate action required (RCE, SQLi, etc.) HIGH: Serious security risk (XSS, SSRF, etc.) MEDIUM: Moderate risk (CSRF, Open Redirect, etc.) LOW: Security improvement (Missing headers, etc.) Vulnerability Types Kadedee detects 13+ vulnerability types:
SQL Injection - Database attacks XSS - JavaScript injection SSRF - Server-side request forgery XXE - XML external entity attacks SSTI - Template injection Command Injection - OS command execution LFI - Local file inclusion Open Redirect - Phishing vector IDOR - Broken access control CSRF - Cross-site request forgery Missing Security Headers - Configuration issues CORS Misconfiguration - Cross-origin issues Race Conditions - Timing vulnerabilities Test Targets For learning and testing:
node cli/index.js scan http://localhost/DVWA
node cli/index.js scan http://localhost:8080/WebGoat
node cli/index.js scan http://testphp.vulnweb.com node cli/index.js scan http://testhtml5.vulnweb.com Troubleshooting "Cannot find module" Error
./INSTALL.sh Puppeteer/Chromium Issues
sudo apt-get install chromium-browser
brew install chromium Slow Scans
node cli/index.js scan --depth 2 --threads 10 Database Locked
rm kadedee-data/kadedee.db-wal rm kadedee-data/kadedee.db-shm Advanced Features AI Analysis The --ai-analysis flag enables:
Executive summaries Risk scoring (0-100) Business impact assessment Prioritized remediation roadmap Compliance impact (GDPR, PCI-DSS, etc.) Machine Learning Kadedee automatically:
Learns from each scan Updates vulnerability patterns Improves detection accuracy Reduces false positives over time Screenshots Automatically captures:
Visual proof of vulnerabilities
Full-page screenshots
Evidence for reports
Safety Reminders
Legal usage:
✅ Your own websites/applications ✅ Authorized penetration tests ✅ Lab environments ✅ With explicit written permission Illegal usage:
❌ Third-party websites without permission ❌ Production systems without authorization ❌ Any unauthorized scanning Next Steps Read full documentation: README-KADEDEE.md Try scanning your own application Review the HTML report in a browser Explore the scan history with report --list Enable AI analysis for deeper insights Getting Help
node cli/index.js --help
node cli/index.js scan --help node cli/index.js report --help Example Workflow
node cli/index.js init
node cli/index.js scan https://myapp.local
--ai-analysis
--depth 3
--output ./security-audit
open ./security-audit/report.html
cat ./security-audit/report.txt
node cli/index.js report --list Happy Scanning! Remember: Use responsibly and only on authorized systems.