Skip to content

iammm0/secbot

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

348 Commits
.github/workflows
.github/workflows
 
 
.npm-cache
.npm-cache
 
 
assets
assets
 
 
desktop/src-tauri/gen/schemas
desktop/src-tauri/gen/schemas
 
 
docs
docs
 
 
npm-bin
npm-bin
 
 
prompts/templates
prompts/templates
 
 
scripts
scripts
 
 
server
server
 
 
skills/base
skills/base
 
 
terminal-ui
terminal-ui
 
 
.env.backup
.env.backup
 
 
.gitignore
.gitignore
 
 
.npmrc.example
.npmrc.example
 
 
.nvmrc
.nvmrc
 
 
.prettierignore
.prettierignore
 
 
.prettierrc
.prettierrc
 
 
AGENT.md
AGENT.md
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
README_CN.md
README_CN.md
 
 
README_EN.md
README_EN.md
 
 
TEST_REPORT.md
TEST_REPORT.md
 
 
build.bat
build.bat
 
 
build.sh
build.sh
 
 
eslint.config.mjs
eslint.config.mjs
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
vitest.config.ts
vitest.config.ts
 
 

Repository files navigation

@opensec/secbot (TypeScript) - v2.0.0-b1

npm version npm downloads Node.js License

Secbot is an AI-powered TypeScript security automation workspace with a NestJS backend and an Ink-based terminal UI.

Security notice: this package is for authorized security testing, research, and education only. Do not run scans or exploitation tasks against targets without explicit permission.

Secbot main UI

Why This Package

  • End-to-end TypeScript architecture (NestJS + Ink + SQLite).
  • secbot binary that starts terminal UI with local spawned backend by default.
  • secbot-server binary for backend-only API scenarios.
  • Multi-agent orchestration with planning, tool execution, and summarization.
  • Built-in security tool modules for web, network, OSINT, defense, and reporting workflows.

Requirements

  • Node.js >= 24
  • npm >= 10 (recommended)
  • Optional: Ollama for local model serving

Install

Global install (recommended)

npm install -g @opensec/secbot

One-off run with npx

npx @opensec/secbot

Quick Start

1. Configure environment variables

Create a .env file in your working directory:

# Cloud model backend (recommended)
LLM_PROVIDER=deepseek
DEEPSEEK_API_KEY=sk-your-api-key
DEEPSEEK_MODEL=deepseek-reasoner

# Optional local backend (Ollama)
# LLM_PROVIDER=ollama
# OLLAMA_BASE_URL=http://localhost:11434
# OLLAMA_MODEL=gemma3:1b

2. Start full product mode (backend + TUI)

secbot

3. Start backend only (optional)

secbot-server

4. Attach to an existing backend (optional)

# Recommended explicit service mode
SECBOT_TUI_BACKEND=service SECBOT_API_URL=http://127.0.0.1:8000 secbot

# Backward-compatible alias
SECBOT_TUI_BACKEND=remote SECBOT_API_URL=http://127.0.0.1:8000 secbot

Package Binaries

Binary Description
secbot Start terminal UI (default: spawn local backend; optional service mode)
secbot-server Start NestJS backend only

Source Development

git clone https://github.com/iammm0/secbot.git
cd secbot
npm ci

# Backend dev (watch mode)
npm run dev

# TUI (in another terminal, default: spawn local backend)
npm run start:tui

# TUI service mode (connect existing backend only)
SECBOT_TUI_BACKEND=service SECBOT_API_URL=http://127.0.0.1:8000 npm run start:tui

Common npm scripts

Script Description
npm run build Build backend and package artifacts
npm run typecheck Type-check server code
npm run lint Run ESLint
npm run format:check Check Prettier formatting
npm test Run tests
npm run release:pack Build and create npm package tarball

Documentation

Registry Links

License

This project is licensed under MIT. See LICENSE for details.

About

⚠️ 本工具仅用于授权的安全测试。未经授权使用本工具进行网络攻击是违法的。一个智能化的自动化渗透测试机器人,具备AI驱动的安全测试能力。

secbot.site

Topics

python go typescript sqlite mcp langchain langgraph sqlite-vec agent-skills

Resources

Readme

License

View license
Activity

Stars

58 stars

Watchers

0 watching

Forks

12 forks
Report repository

Releases 10

v1.10.0 Latest
Apr 3, 2026
+ 9 releases

Packages

 
 
 

Contributors

Languages