
Advanced AI-Driven Penetration Testing Tool
Deep Eye orchestrates multiple AI providers (OpenAI, Claude, Grok, Gemini, OLLAMA, Groq, Mistral, OpenRouter, LiteLLM, LM Studio) for intelligent payload generation, scans targets for 45+ vulnerability types, and produces professional reports with compliance mapping.
Windows:

```powershell
.\scripts\install.ps1
```

Linux/Mac:

```bash
chmod +x scripts/install.sh && ./scripts/install.sh
```

Manual:

```bash
pip install -r requirements.txt
cp config/config.example.yaml config/config.yaml
# Edit config.yaml with your API keys
```

Browser automation (optional):

```bash
pip install playwright && playwright install chromium
```

```bash
python deep_eye.py -u https://target.com
python deep_eye.py -c config/config.yaml
python deep_eye.py -u https://target.com -v
python deep_eye.py -u https://target.com --formats junit,csv,xlsx
```

Compare two scan results to see what changed:

```bash
python deep_eye.py --diff baseline.json current.json --diff-format html --diff-output diff_report.html
```
| Flag | Description |
|---|---|
| `-u`, `--url` | Target URL (overrides config) |
| `-c`, `--config` | Config file path (default: config/config.yaml) |
| `-v`, `--verbose` | Verbose output |
| `--version` | Show version |
| `--no-banner` | Disable ASCII banner |
| `--formats` | Comma-separated export formats: junit,csv,xlsx |
| `--diff` | Diff two scan JSON files (positional: BASELINE CURRENT) |
| `--diff-output` | Output path for diff report |
| `--diff-format` | Diff format: html, json, csv |
All behavior is controlled via config/config.yaml. The CLI is intentionally minimal.
Configure one or more providers:
```yaml
ai_providers:
  openai:
    enabled: true
    api_key: "sk-..."
    model: "gpt-4o"
  claude:
    enabled: true
    api_key: "sk-ant-..."
    model: "claude-3-5-sonnet-20241022"
  ollama:
    enabled: true
    base_url: "http://localhost:11434"
    model: "llama2"
```
Supported: openai, claude, grok, ollama, gemini, openrouter, mistral, groq, lmstudio, litellm
```yaml
scanner:
  target_url: "https://target.com"
  default_threads: 5   # 1-50
  default_depth: 2     # crawl depth
  enable_recon: true
  full_scan: false
  ai_provider: "openai"

vulnerability_scanner:
  enabled_checks:
    - sql_injection
    - xss
    - command_injection
    - ssrf
    - ssti
    - lfi
    - rfi
    - jwt_vulnerabilities
    # ... 45+ available checks
  payload_generation:
    use_ai: true
    context_aware: true
    cve_database: true

compliance:
  enabled: true
  frameworks:
    - pci_dss
    - soc2
    - iso_27001

ai_triage:
  enabled: true
  drop_false_positives: true
  drop_threshold: 0.8
  min_severity: "low"

bug_bounty:
  enabled: true
  format: "markdown"
  min_severity: "medium"
  output_directory: "reports/bounty"

templates:
  enabled: true
  template_directories:
    - "templates/nuclei"
  tag_filters:
    - "cve"
    - "rce"
  severity_filter: "critical,high"

challenge_solver:
  enabled: true
  vendors:
    - "cloudflare"
    - "akamai"
  playwright_headless: true
  cookie_ttl_seconds: 1800

reporting:
  enabled: true
  output_directory: "reports"
  default_format: "html"
  formats:
    - html
    - pdf
    - json
    - junit
    - csv
    - xlsx

experimental:
  enable_cve_matching: true
  enable_subdomain_scanning: true
  max_subdomains_to_scan: 50
```
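A pre-flight check for the `ai_providers` and `scanner` settings above, added here as an example and not part of Deep Eye's own code: it rejects a config whose target is outside the authorized scope or whose values fall outside what this README documents. The function name `preflight` and the `authorized_hosts` allowlist are assumptions, and the input is the already-parsed config mapping.

```python
from urllib.parse import urlsplit

# Provider names and the thread range are taken from the README above.
SUPPORTED_PROVIDERS = {"openai", "claude", "grok", "ollama", "gemini",
                       "openrouter", "mistral", "groq", "lmstudio", "litellm"}
THREAD_RANGE = range(1, 51)  # "default_threads: 5 # 1-50"


def preflight(config, authorized_hosts):
    """Return a list of problems found in a parsed Deep Eye config mapping.

    `authorized_hosts` is a hypothetical allowlist kept outside the config:
    the hostnames covered by the written authorization for the engagement.
    """
    problems = []
    providers = config.get("ai_providers") or {}
    scanner = config.get("scanner") or {}

    for name in providers:
        if name not in SUPPORTED_PROVIDERS:
            problems.append(f"ai_providers.{name}: not a supported provider")

    chosen = scanner.get("ai_provider")
    if not (providers.get(chosen) or {}).get("enabled"):
        problems.append(f"scanner.ai_provider: {chosen!r} is not an enabled provider")

    threads = scanner.get("default_threads")
    if type(threads) is not int or threads not in THREAD_RANGE:
        problems.append(f"scanner.default_threads: {threads!r} is outside 1-50")

    url = urlsplit(str(scanner.get("target_url", "")))
    host = (url.hostname or "").rstrip(".")
    if url.scheme not in ("http", "https") or not host:
        problems.append("scanner.target_url: not an absolute http(s) URL")
    elif host not in {h.lower() for h in authorized_hosts}:
        problems.append(f"scanner.target_url: {host} is not in the authorized scope")
    return problems


# Constructed sample: the shape a YAML loader would return for a config like the one above.
SAMPLE = {
    "ai_providers": {"openai": {"enabled": True, "api_key": "sk-...", "model": "gpt-4o"},
                     "ollama": {"enabled": False, "base_url": "http://localhost:11434"}},
    "scanner": {"target_url": "https://target.com", "default_threads": 80,
                "ai_provider": "ollama"},
}

if __name__ == "__main__":
    for line in preflight(SAMPLE, authorized_hosts={"staging.example.test"}):
        print("FAIL", line)
```

Per the flag table, `-u` overrides `scanner.target_url`, so the same host check should be applied to any URL passed on the command line.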
```bash
# Update CVE intelligence database from NVD
python scripts/update_cve_database.py

# Build RAG vector index for CVE search
python scripts/build_cve_rag_index.py
```

```bash
# Run all tests
pytest

# Run specific test
pytest tests/test_export_formats.py -v

# E2E test (requires API key)
python tests/e2e_litellm.py
```
```
deep-eye/
├── deep_eye.py                    # Entry point
├── core/                          # Orchestration layer
│   ├── scanner_engine.py          # Main scan orchestrator (ThreadPoolExecutor)
│   ├── vulnerability_scanner.py   # 45+ vuln checks
│   ├── ai_payload_generator.py    # AI-powered payload gen
│   ├── report_generator.py        # PDF/HTML/JSON reports
│   ├── scan_diff.py               # Scan comparison
│   └── pentest_state_manager.py   # Phase/progress tracking
├── ai_providers/                  # 10 AI provider integrations
├── modules/                       # Specialized security testers
│   ├── ai_triage/                 # False-positive filtering + bounty writer
│   ├── template_engine/           # Nuclei-style YAML templates
│   ├── challenge_solver/          # CF/Akamai challenge bypass
│   ├── intercepting_proxy/        # mitmproxy interceptor
│   ├── captcha_detection/         # CAPTCHA detect + login replay
│   ├── cve_intelligence/          # CVE scraper + RAG index
│   ├── browser_automation/        # Playwright + Browser Use AI
│   └── ...                        # 25+ more modules
├── utils/
│   ├── exports/                   # JUnit, CSV, XLSX builders
│   ├── compliance/                # PCI-DSS, SOC2, ISO 27001 mapping
│   └── ...                        # http_client, logger, parser, etc.
├── config/
│   └── config.example.yaml        # Full configuration reference
├── scripts/                       # CVE updater, RAG builder
├── tests/                         # pytest test suite
└── reports/                       # Generated output (gitignored)
```
SQL Injection (error/blind/time-based), XSS (reflected/stored/DOM), Command Injection, SSRF, XXE, Path Traversal, CSRF, Open Redirect, CORS Misconfiguration, Security Headers
API Security (OWASP API Top 10), GraphQL, Business Logic, Authentication/Session, File Upload, WebSocket, ML Anomaly Detection, OSINT, Payload Obfuscation, LFI/RFI, SSTI, CRLF, Host Header Injection, LDAP Injection, Insecure Deserialization, JWT, Broken Auth
NoSQL Injection, HTTP Smuggling, Race Conditions, Log4Shell, Mass Assignment, Prototype Pollution, OAuth, Cache Poisoning, Subdomain Takeover, SAML Attacks, Port Scanning, Directory Bruteforce, Secret Scanning
Deep Eye is designed for authorized security testing only.
MIT License. See LICENSE for details.