HackGPT Enterprise is a production-ready, cloud-native AI-powered penetration testing platform designed for enterprise security teams. It combines advanced AI, machine learning, microservices architecture, and comprehensive security frameworks to deliver professional-grade cybersecurity assessments.
HackGPT Enterprise is a production-ready, cloud-native AI-powered penetration testing platform designed for enterprise security teams. It combines advanced AI, machine learning, microservices architecture, and comprehensive security frameworks to deliver professional-grade cybersecurity assessments.
Created by Yashab Alam
π° Support the Project: Donate to HackGPT Development | Help us build the future of AI-powered penetration testing!
π’ Enterprise Features
π€ Advanced AI Engine β Multi-Provider Support
- 7 AI Providers: OpenAI, Anthropic (Claude), Google (Gemini), DeepSeek, GLM (Zhipu), Local LLMs (Ollama), OpenRouter
- 26+ AI Models: GPT-5, GPT-5.6, o3, o4-mini, Claude Sonnet 5, Opus 4.8, Gemini 3.5 Flash, 3.1 Pro, DeepSeek R1, and more
- Runtime Model Switching: Change AI models on-the-fly with automatic provider fallback
- Machine Learning: Pattern recognition, anomaly detection, behavioral analysis
- Zero-Day Detection: ML-powered vulnerability discovery and correlation
- Risk Intelligence: CVSS scoring, impact assessment, exploit prioritization
- Automated Reporting: Executive summaries, technical details, compliance mapping
π‘οΈ Advanced SOC Analysis & SIEM Integration
- Advanced SOC Engine: Multi-format log parser/normalizer, IOC extraction, MITRE ATT&CK technique mapping
- Sliding-Window Correlation: Real-time event grouping, deduplication, and multi-stage attack timeline reconstruction
- Statistical Anomalies: Z-score volume profiling, off-hours execution, and IP/host diversity tracking
- Incident Response Playbooks: AI-driven IR response guidelines customized per attack vector
- SIEM Connectors: Native connectors for Splunk (HEC & searches), IBM QRadar (Ariel AQL), Elasticsearch, and customizable Webhooks
π‘οΈ Enterprise Security & Compliance
- Authentication: RBAC + LDAP/Active Directory integration
- Authorization: Role-based permissions (Admin, Lead, Senior, Pentester, Analyst)
- Compliance: OWASP, NIST, ISO27001, SOC2, PCI-DSS frameworks
- Audit Logging: Comprehensive activity tracking and forensics
- Data Protection: AES-256-GCM encryption, JWT tokens, secure sessions
ποΈ Cloud-Native Architecture
- Microservices: Docker containers with Kubernetes orchestration
- Service Discovery: Consul-based service registry
- Load Balancing: Nginx reverse proxy with auto-scaling
- Multi-Cloud: AWS, Azure, GCP deployment support
- High Availability: Circuit breakers, health checks, failover
β‘ Performance & Scalability
- Parallel Processing: Celery-based distributed task execution
- Multi-Layer Caching: Redis + memory caching with TTL management
- Database: PostgreSQL with connection pooling and replication
- Real-Time: WebSocket dashboards with live updates
- Auto-Scaling: Worker pools adapt to workload demands
π Enterprise Reporting & Analytics
- Dynamic Reports: HTML, PDF, JSON, XML, CSV export formats
- Real-Time Dashboards: Prometheus + Grafana monitoring stack
- Log Analytics: ELK stack (Elasticsearch + Kibana) integration
- Executive Summaries: AI-generated business impact assessments
- Compliance Reports: Framework-specific compliance documentation
π Quick Start
Prerequisites
- Operating System: Linux (Ubuntu/Debian/RHEL/CentOS), macOS, or Windows WSL2
- Python: 3.8+ with pip and virtual environment support
- Docker: For containerized deployment (recommended)
- Resources: Minimum 4GB RAM, 20GB disk space
Enterprise Installation
# Clone the repository
git clone https://github.com/yashab-cyber/HackGPT.git
cd HackGPT
Run enterprise installer (sets up all services)
chmod +x install.sh
./install.sh
Configure environment
cp .env.example .env
Edit .env with your API keys and settings
nano .env
Verify installation
python3 test_installation.py
Deployment Options
1. Standalone Enterprise Mode
# Activate virtual environment
source venv/bin/activate
Run enterprise application
python3 advance_hackgpt.py
2. API Server Mode
# Start REST API server
python3 advance_hackgpt.py --api
API available at: http://localhost:8000
Health check: http://localhost:8000/api/health
3. Web Dashboard Mode
# Start web dashboard
python3 advance_hackgpt.py --web
Dashboard available at: http://localhost:8080
4. Full Enterprise Stack (Recommended)
# Deploy complete microservices stack
docker-compose up -d
Services:
- API Server: http://localhost:8000
- Web Dashboard: http://localhost:8080
- Monitoring: http://localhost:9090 (Prometheus)
- Analytics: http://localhost:3000 (Grafana)
- Logs: http://localhost:5601 (Kibana)
5. Direct Assessment Mode
# Run immediate assessment
python3 advance_hackgpt.py \
--target example.com \
--scope "Web application and API" \
--auth-key "ENTERPRISE-2025-AUTH" \
--assessment-type black-box \
--compliance OWASP
ποΈ Enterprise Architecture
Core Components
graph TD
A[Load Balancer/Nginx] --> B[HackGPT API Gateway]
B --> C[Authentication Service]
B --> D[AI Engine Service]
B --> E[Exploitation Service]
B --> F[Reporting Service]
B --> SOC[SOC Analysis Service]
C --> G[LDAP/AD]
D --> H[OpenAI API]
D --> H2[Anthropic API]
D --> H3[Google Gemini API]
D --> H4[DeepSeek API]
D --> H5[GLM / Zhipu API]
D --> H6[OpenRouter API]
D --> I[Local LLM / Ollama]
D --> J[ML Models]
E --> K[Parallel Processor]
F --> L[Report Generator]
SOC --> S1[Splunk HEC/Search API]
SOC --> S2[IBM QRadar Ariel API]
SOC --> S3[Elasticsearch Query DSL]
SOC --> S4[Webhook Alerts]
K --> M[Celery Workers]
M --> N[Redis Queue]
B --> O[PostgreSQL]
B --> P[Redis Cache]
Q[Prometheus] --> R[Grafana]
S[Elasticsearch] --> T[Kibana]
Service Stack
| Service | Purpose | Port | Technology | |---------|---------|------|------------| | hackgpt-app | Main application | 8000, 8080 | Python/Flask | | hackgpt-soc | SOC & SIEM Correlation Engine | - | Python / Log Normalizer | | hackgpt-worker | Background tasks | - | Celery | | hackgpt-database | Data persistence | 5432 | PostgreSQL 15 | | hackgpt-redis | Cache & queues | 6379 | Redis 7 | | prometheus | Metrics collection | 9090 | Prometheus | | grafana | Monitoring dashboard | 3000 | Grafana | | elasticsearch | Log aggregation | 9200 | Elasticsearch | | kibana | Log visualization | 5601 | Kibana | | consul | Service discovery | 8500 | Consul | | nginx | Load balancer | 80, 443 | Nginx |
π§ Configuration
Enterprise Configuration (config.ini)
The configuration file supports 200+ options across multiple categories:
[app]
debug = false
environment = production
max_sessions = 100
[database] url = postgresql://hackgpt:hackgpt123@localhost:5432/hackgpt pool_size = 20 backup_enabled = true
[ai] default_model = gpt-5 default_provider = openaiapikey = yourkeyhere anthropicapikey = yourkeyhere googleapikey = yourkeyhere enablelocalfallback = true confidence_threshold = 0.8
[security] secretkey = yoursecret_here jwt_algorithm = HS256 ratelimitenabled = true
[ldap] server = ldaps://your-ldap-server.com:636 bind_dn = cn=admin,dc=example,dc=com
[compliance] frameworks = OWASP,NIST,ISO27001,SOC2,PCI-DSS autocompliancecheck = true
[cloud] docker_host = unix:///var/run/docker.sock serviceregistrybackend = consul
Environment Variables (.env)
Over 100 environment variables for enterprise deployment:
# Core Services
DATABASE_URL=postgresql://hackgpt:hackgpt123@localhost:5432/hackgpt
REDIS_URL=redis://localhost:6379/0
AI Configuration β Multi-Provider
HACKGPTMODEL=gpt-5 # Any model from aiengine/model_registry.py
OPENAIAPIKEY=youropenaiapi_key
ANTHROPICAPIKEY=youranthropicapi_key
GOOGLEAPIKEY=yourgoogleapi_key
DEEPSEEKAPIKEY=yourdeepseekapi_key
GLMAPIKEY=yourglmapi_key
OPENROUTERAPIKEY=youropenrouterapi_key
LOCALLLMENDPOINT=http://localhost:11434
Security
SECRETKEY=yoursecret_key
JWTSECRETKEY=yourjwtsecret
LDAP_SERVER=ldaps://your-ldap.com:636
Cloud Providers
AWSACCESSKEYID=youraws_key
AZURESUBSCRIPTIONID=yourazureid
GCPPROJECTID=yourgcpproject
Monitoring
PROMETHEUS_ENDPOINT=http://localhost:9090
GRAFANAAPIKEY=yourgrafanakey
ELASTICSEARCH_ENDPOINT=http://localhost:9200
π― Enterprise Penetration Testing
Enhanced 6-Phase Methodology
Phase 1: Intelligence Gathering & Reconnaissance
Enterprise Features:- AI-powered OSINT automation
- Multi-source data aggregation
- Threat intelligence correlation
- Cloud asset discovery (AWS, Azure, GCP)
- Tools: theHarvester, Amass, Subfinder, Shodan API
Phase 2: Advanced Scanning & Enumeration
Enterprise Features:- Parallel distributed scanning
- Service fingerprinting with ML classification
- Vulnerability correlation across assets
- Zero-day pattern detection
- Tools: Nmap, Masscan, Nuclei, HTTPx, Naabu
Phase 3: Vulnerability Assessment
Enterprise Features:- CVSS v3.1 automated scoring
- Business impact analysis
- Exploit availability assessment
- Compliance framework mapping
- Tools: OpenVAS, Nexpose integration, custom scanners
Phase 4: Exploitation & Post-Exploitation
Enterprise Features:- Safe-mode exploitation with approval workflows
- Privilege escalation enumeration
- Lateral movement mapping
- Data exfiltration simulation
- Tools: Metasploit, CrackMapExec, BloodHound, custom exploits
Phase 5: Enterprise Reporting & Analytics
Enterprise Features:- Executive dashboard with KPIs
- Technical vulnerability details
- Compliance gap analysis
- Risk prioritization matrix
- Outputs: HTML, PDF, JSON, XML, compliance reports
Phase 6: Verification & Retesting
Enterprise Features:- Automated remediation verification
- Regression testing for fixes
- Continuous security monitoring
- Trend analysis and metrics
- Features: Scheduled retests, delta reporting
π Enterprise Interfaces
1. Command Line Interface (CLI)
# Interactive enterprise mode
python3 advance_hackgpt.py
Available options:
1. Full Enterprise Pentest (All 6 Phases)
2. Run Specific Phase
3. Custom Assessment Workflow
4. View Reports & Analytics
5. Real-time Dashboard
6. User & Permission Management
7. System Configuration
8. Compliance Management
9. Cloud & Container Management
10. AI Engine Configuration
2. REST API Server
# Start API server
python3 advance_hackgpt.py --api
Available endpoints:
GET /api/health - Health check
POST /api/pentest/start - Start assessment
GET /api/sessions - List sessions
GET /api/reports/{id} - Get report
POST /api/users - User management
GET /api/compliance - Compliance status
3. Web Dashboard
# Start web dashboard
python3 advance_hackgpt.py --web
Features:
- Real-time assessment monitoring
- Interactive vulnerability management
- Executive summary dashboard
- User and role management
- System configuration
- Compliance reporting
4. Voice Commands (Enterprise)
# Voice command mode
python3 advance_hackgpt.py --voice
Supported commands:
"Start enterprise assessment of example.com"
"Show compliance dashboard"
"Generate executive report"
"Scale worker pool to 10"
π Enterprise Security
Authentication & Authorization
- Multi-Factor Authentication: LDAP/AD + JWT tokens
- Role-Based Access Control: Granular permissions matrix
- Session Management: Secure session handling with timeout
- API Security: Rate limiting, CORS, input validation
Data Protection
- Encryption: AES-256-GCM for data at rest
- Transport Security: TLS 1.3 for data in transit
- Key Management: Automated key rotation
- Audit Logging: Comprehensive activity tracking
Compliance Frameworks
| Framework | Coverage | Reports | Automation | |-----------|----------|---------|------------| | OWASP Top 10 | β Full | β Yes | β Automated | | NIST Cybersecurity Framework | β Full | β Yes | β Automated | | ISO 27001 | β Partial | β Yes | β Semi-automated | | SOC 2 | β Partial | β Yes | β Semi-automated | | PCI DSS | β Partial | β Yes | β Manual |π Monitoring & Analytics
Real-Time Monitoring
- System Metrics: CPU, memory, disk, network utilization
- Application Metrics: Request rates, response times, error rates
- Security Metrics: Vulnerability counts, risk scores, remediation rates
- Business Metrics: Assessment coverage, compliance scores
Alerting
- Email Alerts: Critical vulnerabilities, system issues
- Slack Integration: Real-time notifications to security teams
- Webhook Support: Custom integrations with SIEM systems
- Dashboard Alerts: Visual indicators and notifications
Analytics Dashboard
# Access Grafana dashboard
http://localhost:3000
Login: admin / hackgpt123
Pre-configured dashboards:
- HackGPT System Overview
- Assessment Performance Metrics
- Vulnerability Trend Analysis
- User Activity Dashboard
- Compliance Status Overview
π οΈ Advanced Usage
Multi-Provider AI Models
from aiengine import getadvancedaiengine, listallmodels, getavailableproviders
Initialize with a specific model
engine = getadvancedaiengine(modelid='claude-sonnet-5')
Switch models at runtime
engine.set_model('gemini-3.5-flash')
List all 26+ available models
for model in engine.listavailablemodels():
status = "β
" if model['available'] else "β"
print(f"{status} {model['display_name']} ({model['provider']})")
Check available providers
for provider in getavailableproviders():
print(f"{provider['name']}: {provider['model_count']} models")
Custom Compliance Frameworks
# Add custom compliance framework
from security.compliance import ComplianceFrameworkMapper
mapper = ComplianceFrameworkMapper() mapper.add_framework('CUSTOM', { 'sql_injection': 'SEC-01', 'xss': 'SEC-02', # ... custom mappings })
Kubernetes Deployment
# Deploy to Kubernetes cluster
kubectl apply -f k8s/
Multi-Cloud Deployment
# Deploy to AWS
python3 advance_hackgpt.py --deploy aws
Deploy to Azure
python3 advance_hackgpt.py --deploy azure
Deploy to GCP
python3 advance_hackgpt.py --deploy gcp
π§ͺ Testing & Development
Running Tests
# Unit tests
pytest tests/unit/
Integration tests
pytest tests/integration/
End-to-end tests
pytest tests/e2e/
Security tests
bandit -r .
safety check
Development Setup
# Install development dependencies
pip install -r requirements-dev.txt
Pre-commit hooks
pre-commit install
Code formatting
black .
flake8 .
mypy .
π¦ Enterprise Deployment
Docker Swarm
# Initialize swarm
docker swarm init
Deploy stack
docker stack deploy -c docker-compose.yml hackgpt
Kubernetes
# Create namespace
kubectl create namespace hackgpt
Deploy applications
kubectl apply -f k8s/
Scale workers
kubectl scale deployment hackgpt-worker --replicas=10
Cloud Platforms
AWS Deployment
# ECS deployment
aws ecs create-cluster --cluster-name hackgpt
aws ecs create-service --service-name hackgpt-api
Azure Deployment
# ACI deployment
az container create --resource-group hackgpt --name hackgpt-api
GCP Deployment
# GKE deployment
gcloud container clusters create hackgpt-cluster
kubectl apply -f k8s/
π§ Troubleshooting
Common Enterprise Issues
Database Connection Issues
# Check PostgreSQL status
systemctl status postgresql
docker logs hackgpt-database
Test connection
python3 -c "from database import getdbmanager; print(getdbmanager().test_connection())"
Redis Cache Issues
# Check Redis status
redis-cli ping
docker logs hackgpt-redis
Clear cache
redis-cli FLUSHALL
AI Engine Issues
# List available AI models and providers
python3 -c "from aiengine import listallmodels; [print(m.displayname, m.provider.value) for m in listallmodels()]"
Test provider connectivity
python3 -c "from aiengine.providers import ProviderFactory; print(ProviderFactory.getavailable_providers())"
Check local LLM (Ollama)
ollama list
ollama run llama3.3:70b
Worker Pool Issues
# Check Celery workers
celery -A performance.parallel_processor inspect active
Restart workers
docker-compose restart hackgpt-worker
Performance Optimization
# Database optimization
python3 -c "from database import optimizedatabase; optimizedatabase()"
Cache warming
python3 -c "from performance.cachemanager import warmcache; warm_cache()"
Worker scaling
docker-compose up --scale hackgpt-worker=10
π Enterprise License
This project is licensed under the MIT License with additional enterprise terms:
- Commercial Use: Permitted with attribution
- Enterprise Support: Available through support channels
- Compliance: Tool usage must comply with applicable laws
- Liability: Limited liability for enterprise deployments
π Enterprise Support
Support Channels
- Enterprise Support: yashabalam707@gmail.com
- Technical Issues: https://github.com/yashab-cyber/HackGPT/issues
- Feature Requests: https://github.com/yashab-cyber/HackGPT/discussions
- Security Issues: yashabalam707@gmail.com
- WhatsApp Business: Join Channel
Professional Services
- Implementation: Custom deployment and configuration
- Training: Security team training and certification
- Custom Development: Feature development and integration
- 24/7 Support: Enterprise support packages available
Connect with the Team
π Project Statistics
| Metric | Value | |--------|-------| | Total Lines of Code | 15,000+ | | Enterprise Dependencies | 90+ | | Configuration Options | 200+ | | Environment Variables | 100+ | | Docker Services | 12 | | Supported Compliance Frameworks | 5 | | Penetration Testing Tools | 50+ | | API Endpoints | 25+ | | Deployment Platforms | 6+ |
πΊοΈ Roadmap
Version 2.1 (Q3 2025)
- [x] Multi-provider AI support (OpenAI, Anthropic, Google, DeepSeek, GLM, Local, OpenRouter)
- [x] 26+ model catalog with runtime switching
- [x] Provider fallback chain and automatic detection
- [ ] ML-based false positive reduction
- [ ] Integration with popular SIEM systems
Version 2.2 (Q4 2025)
- [ ] Streaming responses from all providers
- [ ] Automated penetration testing workflows
- [ ] Advanced cloud security assessments
- [ ] Integration with CI/CD pipelines
Version 3.0 (Q1 2026)
- [ ] Fully autonomous security assessments
- [ ] Advanced AI attack simulation
- [ ] Quantum-safe cryptography
- [ ] Next-generation threat detection
π Contributors
Core Development Team
- Lead Developer & Founder: Yashab Alam - @yashab.alam | LinkedIn
- AI/ML Engineer: Enterprise AI Team
- Security Engineer: Enterprise Security Team
- DevOps Engineer: Enterprise Infrastructure Team
- π¬ WhatsApp: Business Channel
Acknowledgments
- OpenAI for GPT-5 and o-series API access
- Anthropic for the Claude model family
- Google DeepMind for Gemini models
- DeepSeek, Zhipu AI (GLM), and OpenRouter
- Ollama team for local LLM support
- Docker & Kubernetes communities
- Security research community
- Open source tool developers
π° Support HackGPT Development
Your donations help accelerate development and support the growing cybersecurity community:Cryptocurrency Donations (Recommended):
- Solana (SOL):
5pEwP9JN8tRCXL5Vc9gQrxRyHHyn7J6P2DCC8cSQKDKT - Bitcoin (BTC):
bc1qmkptg6wqn9sjlx6wf7dk0px0yq4ynr4ukj2x8c
- PayPal: yashabalam707@gmail.com
- Email: yashabalam707@gmail.com
βοΈ Legal & Compliance
β οΈ IMPORTANT LEGAL NOTICE
HackGPT Enterprise is designed for authorized security testing only:
- β Authorized Use: Only use against systems you own or have explicit written permission
- β Compliance: Follow all applicable laws, regulations, and industry standards
- β Responsible Disclosure: Report vulnerabilities through proper channels
- β Documentation: Maintain audit trails and documentation
- β Unauthorized Use: Never use against systems without permission
- β Malicious Activity: Not for criminal or malicious purposes
π HackGPT Enterprise - Transforming Cybersecurity Through AI π
Made with β€οΈ by Yashab Alam for enterprise security teams worldwide
β Star us on GitHub | π° Support Development | π Get Support | π€ Contribute | π License
π Connect with Yashab Alam
π¬ WhatsApp Business | πΎ Discord Channel
Founder & Lead Developer: Yashab Alam
π§ GitHub | πΈ Instagram | π¦ X (Twitter) | πΌ LinkedIn | π§΅ Threads
Email Contacts:
π§ yashabalam9@gmail.com | π§ yashabalam707@gmail.com