v0.14.0

Author: xaitax

.github/workflows/publish.yml

@@ -0,0 +1,63 @@
+name: Publish to PyPI
+
+on:
+  push:
+    tags:
+      - "v*"
+  workflow_dispatch:
+
+jobs:
+  build:
+    name: Build sdist and wheel
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install build backend
+        run: |
+          python -m pip install --upgrade pip
+          pip install build
+
+      - name: Build
+        run: |
+          python -m build
+
+      - name: Upload dist artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/*
+
+  publish:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write  # for trusted publishing (preferred) or use API token below
+      contents: read
+    steps:
+      - name: Download dist artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist
+
+      - name: Publish to PyPI (Trusted Publishing)
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: dist/
+        if: ${{ github.ref_type == 'tag' }}
+
+      # If you prefer API token instead of Trusted Publishing, uncomment below and add PYPI_API_TOKEN secret
+      # - name: Publish to PyPI (API token)
+      #   uses: pypa/gh-action-pypi-publish@release/v1
+      #   with:
+      #     packages-dir: dist/
+      #     password: ${{ secrets.PYPI_API_TOKEN }}
+      #   if: ${{ github.ref_type == 'tag' }}

.gitignore

@@ -1,2 +1,4 @@
 
 sploitscan/config.json
+*.pyc
+sploitscan/config.json

CHANGELOG.md

@@ -1,5 +1,18 @@
 # 📆 Changelog
 
+## [07. October 2025] - Version 0.14.0
+
+- **Modern modular refactor**
+  Reorganized the codebase into clear modules (fetchers, metrics, display, AI providers, importers, exporters, utils) while keeping the CLI usage and output intact. The legacy wrapper now safely delegates to the new CLI and supports both “python -m sploitscan” and direct script execution.
+
+- **HTML export redesign**
+  Complete report refresh with Tailwind (CDN) styling: dark mode toggle, sticky header, sidebar filters, sortable summary table, responsive detail cards, and a readable AI section. Kept a zero‑build setup; distro packagers can optionally ship a precompiled CSS for offline styling.
+
+- **Metasploit integration**
+  Added default Metasploit discovery via Rapid7’s modules_metadata_base.json with conditional caching. Only modules whose references contain the exact CVE ID are counted.
+
+- **Bug fixes & compatibility**
+
 ## [25. February 2025] - Version 0.13.0
 
 - **Google Gemini, xAI Grok & DeepSeek Integration**  

Dockerfile

@@ -2,7 +2,6 @@ FROM python:3.9-slim-buster
 
 WORKDIR /app
 COPY . /app
-COPY sploitscan/config.json /app/config.json
 RUN pip install --no-cache-dir -r requirements.txt
 
 ENTRYPOINT ["python", "sploitscan.py"]

README.md

@@ -76,8 +76,8 @@ SploitScan is a powerful and user-friendly tool designed to streamline the proce
 - **[GitHub](https://poc-in-github.motikan2010.net/)**
 - **[ExploitDB](https://www.exploit-db.com/)**
 - **[VulnCheck](https://vulncheck.com/)** (requires a **free** VulnCheck API key)
-- **[Packet Storm](https://packetstormsecurity.com/)**
 - **[Nuclei](https://github.com/projectdiscovery/nuclei-templates)**
+- **[Metasploit](https://github.com/rapid7/metasploit-framework)**
 
 ## 📁 Supported Vulnerability Scanner Import
 
@@ -138,7 +138,7 @@ A typical `config.json` might look like this:
 {
     "vulncheck_api_key": "",
     "openai_api_key": "",
-    "google_api_key": "",
+    "google_ai_api_key": "",
     "grok_api_key": "",
     "deepseek_api_key": ""
 }
@@ -155,7 +155,7 @@ $ python .\sploitscan.py -h
 ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   ╚════██║██║     ██╔══██║██║╚██╗██║
 ███████║██║     ███████╗╚██████╔╝██║   ██║   ███████║╚██████╗██║  ██║██║ ╚████║
 ╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   ╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝
-v0.13.0 / Alexander Hagenah / @xaitax / ah@primepage.de
+v0.14.0 / Alexander Hagenah / @xaitax / ah@primepage.de
 
 usage: sploitscan.py [-h] [-e {json,csv,html}] [-t {nessus,nexpose,openvas,docker}] [--ai {openai,google,grok,deepseek}] [-k KEYWORDS [KEYWORDS ...]] [-local] [-f] [-m METHODS] [-i IMPORT_FILE] [-c CONFIG] [-d] [cve_ids ...]
 
@@ -211,7 +211,7 @@ sploitscan -local
 ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   ╚════██║██║     ██╔══██║██║╚██╗██║
 ███████║██║     ███████╗╚██████╔╝██║   ██║   ███████║╚██████╗██║  ██║██║ ╚████║
 ╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   ╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝
-v0.13.0 / Alexander Hagenah / @xaitax / ah@primepage.de
+v0.14.0 / Alexander Hagenah / @xaitax / ah@primepage.de
 
 📥 Cloning CVE List V5 into 'C:\Users\ah/.sploitscan\cvelistV5'.
 ⚠️ Warning: The repository is several GB in size and the download may take a while.
@@ -235,7 +235,7 @@ sploitscan -k "Outlook Express"
 ╚════██║██╔═══╝ ██║     ██║   ██║██║   ██║   ╚════██║██║     ██╔══██║██║╚██╗██║
 ███████║██║     ███████╗╚██████╔╝██║   ██║   ███████║╚██████╗██║  ██║██║ ╚████║
 ╚══════╝╚═╝     ╚══════╝ ╚═════╝ ╚═╝   ╚═╝   ╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝
-v0.13.0 / Alexander Hagenah / @xaitax / ah@primepage.de
+v0.14.0 / Alexander Hagenah / @xaitax / ah@primepage.de
 
 ┌───[ 🕵️ Searching local database for keywords: outlook express ]
 Processing CVE files: 100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 282372/282372 [04:38<00:00, 1013.92it/s]

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "sploitscan"
-version = "0.13.0"
+version = "0.14.0"
 description = "SploitScan is a cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits."
 authors = [ { name = "Alexander Hagenah", email = "ah@primepage.de" } ]
 license = { file = "LICENSE" }

requirements.txt

@@ -1,6 +1,6 @@
-requests==2.32.3
+requests==2.32.5
 jinja2==3.1.6
-openai==1.65.4
-google-genai==1.4.0
-GitPython==3.1.44
+openai==2.2.0
+google-genai==1.41.0
+GitPython==3.1.45
 tqdm==4.67.1

sploitscan/__init__.py

@@ -0,0 +1,12 @@
+from __future__ import annotations
+
+# Public package API and metadata
+
+from .constants import VERSION as __version__
+from .cli import cli, main
+
+__all__ = [
+    "__version__",
+    "cli",
+    "main",
+]

sploitscan/ai.py

@@ -0,0 +1,108 @@
+"""
+AI orchestration: prompt generation and provider routing.
+"""
+
+from __future__ import annotations
+
+import json
+from typing import Any, Dict, Optional
+
+from .config import load_config
+from .ai_providers.openai_provider import get_openai_risk_assessment
+# Other providers (Google/Grok/DeepSeek) are imported lazily inside get_risk_assessment()
+# to keep optional dependencies graceful and avoid import errors if packages are not installed.
+
+
+def generate_ai_prompt(cve_details: str, cve_data: Dict[str, Any]) -> str:
+    """
+    Build a deterministic, hallucination-resistant prompt. We:
+    - Force exactly four numbered sections with strict formatting.
+    - Emphasize evidential reasoning using provided data (CVE, KEV, EPSS, exploits).
+    - Forbid inventing patches/links and require stating “Unknown” if uncertain.
+    - Optimize for security triage usefulness (business impact + concrete actions).
+    """
+    prompt = f"""
+You are a senior security analyst. Using ONLY the information provided below, produce EXACTLY four sections, each starting with the numeric header shown:
+
+1. Risk Assessment
+Explain: vulnerability nature, affected components (if clear), preconditions, attacker effort, and impact on confidentiality, integrity, and availability. Reflect signals like CVSS/EPSS, CISA KEV status, public exploit presence (GitHub, Metasploit, Exploit‑DB, Nuclei) where available. If data is unclear, write “Unknown”.
+
+2. Potential Attack Scenarios
+Describe at least one plausible end-to-end scenario: entry point, pre-auth vs post-auth, privilege required, lateral movement, and realistic outcomes (e.g., data theft, RCE, business downtime). If multiple paths exist, choose the highest-risk one and justify briefly.
+
+3. Mitigation Recommendations
+Provide concrete, prioritized actions. Include: patch/update guidance if a vendor fix is referenced, interim mitigations (network controls, feature disablement, WAF rules, config hardening), and detection/monitoring ideas. Only cite links that are present in the provided references; do NOT invent URLs. If patch availability is unclear, say “Patch status: Unknown”.
+
+4. Executive Summary
+Give a concise, two-paragraph summary for non-technical stakeholders: business risk, exploitation likelihood, and urgency. End with a clear call to action.
+
+Strict formatting rules:
+- Plain text only. No bullet points, no dashes, no markdown, no emojis.
+- Each of the four headings must appear verbatim on its own line as above.
+- Separate paragraphs with a single blank line.
+- Do not add extra sections or a conclusion beyond the four sections.
+- If you are unsure, write “Unknown” rather than speculating.
+
+CVE DETAILS:
+{cve_details}
+
+FULL CVE DATA (for reference; use cautiously, do not copy raw JSON):
+{json.dumps(cve_data, indent=2)}
+"""
+    return prompt
+
+
+def get_risk_assessment(
+    ai_provider: Optional[str],
+    cve_details: str,
+    cve_data: Dict[str, Any],
+    *,
+    config: Optional[Dict[str, Any]] = None,
+) -> str:
+    """
+    Route the prompt to the selected AI provider. If no provider is selected, return an explanatory message.
+    """
+    if not ai_provider:
+        return "❌ No AI provider selected."
+
+    cfg = config or load_config()
+    prompt = generate_ai_prompt(cve_details, cve_data)
+
+    # Normalize common aliases
+    normalized = {
+        "openai": "openai",
+        "chatgpt": "openai",
+        "gpt": "openai",
+        "google": "google",
+        "gemini": "google",
+        "grok": "grok",
+        "xai": "grok",
+        "deepseek": "deepseek",
+    }
+    provider = normalized.get(ai_provider.lower(), ai_provider.lower())
+
+    if provider == "openai":
+        return get_openai_risk_assessment(prompt, cfg.get("openai_api_key"))
+
+    if provider == "google":
+        try:
+            from .ai_providers.google_provider import get_google_risk_assessment
+        except Exception as e:
+            return f"❌ Google provider not available: {e}"
+        return get_google_risk_assessment(prompt, cfg.get("google_ai_api_key"))
+
+    if provider == "grok":
+        try:
+            from .ai_providers.grok_provider import get_grok_risk_assessment
+        except Exception as e:
+            return f"❌ Grok provider not available: {e}"
+        return get_grok_risk_assessment(prompt, cfg.get("grok_api_key"))
+
+    if provider == "deepseek":
+        try:
+            from .ai_providers.deepseek_provider import get_deepseek_risk_assessment
+        except Exception as e:
+            return f"❌ DeepSeek provider not available: {e}"
+        return get_deepseek_risk_assessment(prompt, cfg.get("deepseek_api_key"))
+
+    return "❌ Unknown AI provider selected."

sploitscan/ai_providers/deepseek_provider.py

@@ -0,0 +1,52 @@
+"""
+DeepSeek provider for AI-powered risk assessment.
+"""
+
+from __future__ import annotations
+
+from typing import Optional
+import time
+
+from openai import OpenAI  # type: ignore[import-untyped]
+
+
+def get_deepseek_risk_assessment(prompt: str, api_key: Optional[str]) -> str:
+    """
+    DeepSeek via OpenAI-compatible API.
+    - Endpoint: https://api.deepseek.com
+    - Model: deepseek-chat
+    - Deterministic output: temperature=0, stream=False
+    - Retries: simple backoff to tolerate transient timeouts
+    """
+    if not api_key:
+        return "❌ DeepSeek API key is not configured correctly."
+    try:
+        client = OpenAI(api_key=api_key, base_url="https://api.deepseek.com")
+    except Exception as e:
+        return f"❌ Error initializing DeepSeek client: {e}"
+
+    last_err: Optional[str] = None
+    for attempt in range(3):
+        try:
+            response = client.chat.completions.create(
+                model="deepseek-chat",
+                messages=[
+                    {"role": "system", "content": "You are a security analyst."},
+                    {"role": "user", "content": prompt},
+                ],
+                temperature=0,
+                stream=False,
+                timeout=60,
+            )
+            if response.choices and len(response.choices) > 0:
+                message = response.choices[0].message
+                content = getattr(message, "content", None)
+                return (content or str(message) or "").strip()
+            return "DeepSeek: No response received."
+        except Exception as e:
+            last_err = str(e)
+            if attempt < 2:
+                time.sleep(3 * (attempt + 1))
+                continue
+            return f"❌ Error fetching data from DeepSeek: {last_err or 'Unknown error'}"
+