yashab-cyber
HackGpt
Python

HackGPT Enterprise is a production-ready, cloud-native AI-powered penetration testing platform designed for enterprise security teams. It combines advanced AI, machine learning, microservices architecture, and comprehensive security frameworks to deliver professional-grade cybersecurity assessments.

Last updated Jul 10, 2026
900
Stars
184
Forks
0
Issues
+7
Stars/day
Attention Score
93
Language breakdown
Python 85.5%
HTML 8.6%
CSS 4.0%
Shell 1.1%
JavaScript 0.7%
Dockerfile 0.1%
β–Έ Files click to expand
README

HackGPT Enterprise Logo

πŸš€ HackGPT Enterprise

AI-Powered Penetration Testing Platform

Python 3.8+ Multi-Platform MIT License AI Multi-Provider

Microservices Cloud Native Version 2026.07.beta.4 Production Ready Discord Server

HackGPT Enterprise is a production-ready, cloud-native AI-powered penetration testing platform designed for enterprise security teams. It combines advanced AI, machine learning, microservices architecture, and comprehensive security frameworks to deliver professional-grade cybersecurity assessments.

Created by Yashab Alam

πŸ’° Support the Project: Donate to HackGPT Development | Help us build the future of AI-powered penetration testing!

🏒 Enterprise Features

πŸ€– Advanced AI Engine β€” Multi-Provider Support

  • 7 AI Providers: OpenAI, Anthropic (Claude), Google (Gemini), DeepSeek, GLM (Zhipu), Local LLMs (Ollama), OpenRouter
  • 26+ AI Models: GPT-5, GPT-5.6, o3, o4-mini, Claude Sonnet 5, Opus 4.8, Gemini 3.5 Flash, 3.1 Pro, DeepSeek R1, and more
  • Runtime Model Switching: Change AI models on-the-fly with automatic provider fallback
  • Machine Learning: Pattern recognition, anomaly detection, behavioral analysis
  • Zero-Day Detection: ML-powered vulnerability discovery and correlation
  • Risk Intelligence: CVSS scoring, impact assessment, exploit prioritization
  • Automated Reporting: Executive summaries, technical details, compliance mapping

πŸ›‘οΈ Advanced SOC Analysis & SIEM Integration

  • Advanced SOC Engine: Multi-format log parser/normalizer, IOC extraction, MITRE ATT&CK technique mapping
  • Sliding-Window Correlation: Real-time event grouping, deduplication, and multi-stage attack timeline reconstruction
  • Statistical Anomalies: Z-score volume profiling, off-hours execution, and IP/host diversity tracking
  • Incident Response Playbooks: AI-driven IR response guidelines customized per attack vector
  • SIEM Connectors: Native connectors for Splunk (HEC & searches), IBM QRadar (Ariel AQL), Elasticsearch, and customizable Webhooks

πŸ›‘οΈ Enterprise Security & Compliance

  • Authentication: RBAC + LDAP/Active Directory integration
  • Authorization: Role-based permissions (Admin, Lead, Senior, Pentester, Analyst)
  • Compliance: OWASP, NIST, ISO27001, SOC2, PCI-DSS frameworks
  • Audit Logging: Comprehensive activity tracking and forensics
  • Data Protection: AES-256-GCM encryption, JWT tokens, secure sessions

πŸ—οΈ Cloud-Native Architecture

  • Microservices: Docker containers with Kubernetes orchestration
  • Service Discovery: Consul-based service registry
  • Load Balancing: Nginx reverse proxy with auto-scaling
  • Multi-Cloud: AWS, Azure, GCP deployment support
  • High Availability: Circuit breakers, health checks, failover

⚑ Performance & Scalability

  • Parallel Processing: Celery-based distributed task execution
  • Multi-Layer Caching: Redis + memory caching with TTL management
  • Database: PostgreSQL with connection pooling and replication
  • Real-Time: WebSocket dashboards with live updates
  • Auto-Scaling: Worker pools adapt to workload demands

πŸ“Š Enterprise Reporting & Analytics

  • Dynamic Reports: HTML, PDF, JSON, XML, CSV export formats
  • Real-Time Dashboards: Prometheus + Grafana monitoring stack
  • Log Analytics: ELK stack (Elasticsearch + Kibana) integration
  • Executive Summaries: AI-generated business impact assessments
  • Compliance Reports: Framework-specific compliance documentation

πŸš€ Quick Start

Prerequisites

  • Operating System: Linux (Ubuntu/Debian/RHEL/CentOS), macOS, or Windows WSL2
  • Python: 3.8+ with pip and virtual environment support
  • Docker: For containerized deployment (recommended)
  • Resources: Minimum 4GB RAM, 20GB disk space

Enterprise Installation

# Clone the repository
git clone https://github.com/yashab-cyber/HackGPT.git
cd HackGPT

Run enterprise installer (sets up all services)

chmod +x install.sh ./install.sh

Configure environment

cp .env.example .env

Edit .env with your API keys and settings

nano .env

Verify installation

python3 test_installation.py

Deployment Options

1. Standalone Enterprise Mode

# Activate virtual environment
source venv/bin/activate

Run enterprise application

python3 advance_hackgpt.py

2. API Server Mode

# Start REST API server
python3 advance_hackgpt.py --api

API available at: http://localhost:8000

Health check: http://localhost:8000/api/health

3. Web Dashboard Mode

# Start web dashboard
python3 advance_hackgpt.py --web

Dashboard available at: http://localhost:8080

4. Full Enterprise Stack (Recommended)

# Deploy complete microservices stack
docker-compose up -d

Services:

- API Server: http://localhost:8000

- Web Dashboard: http://localhost:8080

- Monitoring: http://localhost:9090 (Prometheus)

- Analytics: http://localhost:3000 (Grafana)

- Logs: http://localhost:5601 (Kibana)

5. Direct Assessment Mode

# Run immediate assessment
python3 advance_hackgpt.py \
  --target example.com \
  --scope "Web application and API" \
  --auth-key "ENTERPRISE-2025-AUTH" \
  --assessment-type black-box \
  --compliance OWASP

πŸ—οΈ Enterprise Architecture

Core Components

graph TD
    A[Load Balancer/Nginx] --> B[HackGPT API Gateway]
    B --> C[Authentication Service]
    B --> D[AI Engine Service] 
    B --> E[Exploitation Service]
    B --> F[Reporting Service]
    B --> SOC[SOC Analysis Service]
    
    C --> G[LDAP/AD]
    D --> H[OpenAI API]
    D --> H2[Anthropic API]
    D --> H3[Google Gemini API]
    D --> H4[DeepSeek API]
    D --> H5[GLM / Zhipu API]
    D --> H6[OpenRouter API]
    D --> I[Local LLM / Ollama]
    D --> J[ML Models]
    
    E --> K[Parallel Processor]
    F --> L[Report Generator]
    
    SOC --> S1[Splunk HEC/Search API]
    SOC --> S2[IBM QRadar Ariel API]
    SOC --> S3[Elasticsearch Query DSL]
    SOC --> S4[Webhook Alerts]
    
    K --> M[Celery Workers]
    M --> N[Redis Queue]
    
    B --> O[PostgreSQL]
    B --> P[Redis Cache]
    
    Q[Prometheus] --> R[Grafana]
    S[Elasticsearch] --> T[Kibana]

Service Stack

| Service | Purpose | Port | Technology | |---------|---------|------|------------| | hackgpt-app | Main application | 8000, 8080 | Python/Flask | | hackgpt-soc | SOC & SIEM Correlation Engine | - | Python / Log Normalizer | | hackgpt-worker | Background tasks | - | Celery | | hackgpt-database | Data persistence | 5432 | PostgreSQL 15 | | hackgpt-redis | Cache & queues | 6379 | Redis 7 | | prometheus | Metrics collection | 9090 | Prometheus | | grafana | Monitoring dashboard | 3000 | Grafana | | elasticsearch | Log aggregation | 9200 | Elasticsearch | | kibana | Log visualization | 5601 | Kibana | | consul | Service discovery | 8500 | Consul | | nginx | Load balancer | 80, 443 | Nginx |

πŸ”§ Configuration

Enterprise Configuration (config.ini)

The configuration file supports 200+ options across multiple categories:

[app]
debug = false
environment = production
max_sessions = 100

[database] url = postgresql://hackgpt:hackgpt123@localhost:5432/hackgpt pool_size = 20 backup_enabled = true

[ai] default_model = gpt-5 default_provider = openaiapikey = yourkeyhere anthropicapikey = yourkeyhere googleapikey = yourkeyhere enablelocalfallback = true confidence_threshold = 0.8

[security] secretkey = yoursecret_here jwt_algorithm = HS256 ratelimitenabled = true

[ldap] server = ldaps://your-ldap-server.com:636 bind_dn = cn=admin,dc=example,dc=com

[compliance] frameworks = OWASP,NIST,ISO27001,SOC2,PCI-DSS autocompliancecheck = true

[cloud] docker_host = unix:///var/run/docker.sock serviceregistrybackend = consul

Environment Variables (.env)

Over 100 environment variables for enterprise deployment:

# Core Services
DATABASE_URL=postgresql://hackgpt:hackgpt123@localhost:5432/hackgpt
REDIS_URL=redis://localhost:6379/0

AI Configuration β€” Multi-Provider

HACKGPTMODEL=gpt-5 # Any model from aiengine/model_registry.py OPENAIAPIKEY=youropenaiapi_key ANTHROPICAPIKEY=youranthropicapi_key GOOGLEAPIKEY=yourgoogleapi_key DEEPSEEKAPIKEY=yourdeepseekapi_key GLMAPIKEY=yourglmapi_key OPENROUTERAPIKEY=youropenrouterapi_key LOCALLLMENDPOINT=http://localhost:11434

Security

SECRETKEY=yoursecret_key JWTSECRETKEY=yourjwtsecret LDAP_SERVER=ldaps://your-ldap.com:636

Cloud Providers

AWSACCESSKEYID=youraws_key AZURESUBSCRIPTIONID=yourazureid GCPPROJECTID=yourgcpproject

Monitoring

PROMETHEUS_ENDPOINT=http://localhost:9090 GRAFANAAPIKEY=yourgrafanakey ELASTICSEARCH_ENDPOINT=http://localhost:9200

🎯 Enterprise Penetration Testing

Enhanced 6-Phase Methodology

Phase 1: Intelligence Gathering & Reconnaissance

Enterprise Features:
  • AI-powered OSINT automation
  • Multi-source data aggregation
  • Threat intelligence correlation
  • Cloud asset discovery (AWS, Azure, GCP)
  • Tools: theHarvester, Amass, Subfinder, Shodan API

Phase 2: Advanced Scanning & Enumeration

Enterprise Features:
  • Parallel distributed scanning
  • Service fingerprinting with ML classification
  • Vulnerability correlation across assets
  • Zero-day pattern detection
  • Tools: Nmap, Masscan, Nuclei, HTTPx, Naabu

Phase 3: Vulnerability Assessment

Enterprise Features:
  • CVSS v3.1 automated scoring
  • Business impact analysis
  • Exploit availability assessment
  • Compliance framework mapping
  • Tools: OpenVAS, Nexpose integration, custom scanners

Phase 4: Exploitation & Post-Exploitation

Enterprise Features:
  • Safe-mode exploitation with approval workflows
  • Privilege escalation enumeration
  • Lateral movement mapping
  • Data exfiltration simulation
  • Tools: Metasploit, CrackMapExec, BloodHound, custom exploits

Phase 5: Enterprise Reporting & Analytics

Enterprise Features:
  • Executive dashboard with KPIs
  • Technical vulnerability details
  • Compliance gap analysis
  • Risk prioritization matrix
  • Outputs: HTML, PDF, JSON, XML, compliance reports

Phase 6: Verification & Retesting

Enterprise Features:
  • Automated remediation verification
  • Regression testing for fixes
  • Continuous security monitoring
  • Trend analysis and metrics
  • Features: Scheduled retests, delta reporting

πŸ“Š Enterprise Interfaces

1. Command Line Interface (CLI)

# Interactive enterprise mode
python3 advance_hackgpt.py

Available options:

1. Full Enterprise Pentest (All 6 Phases)

2. Run Specific Phase

3. Custom Assessment Workflow

4. View Reports & Analytics

5. Real-time Dashboard

6. User & Permission Management

7. System Configuration

8. Compliance Management

9. Cloud & Container Management

10. AI Engine Configuration

2. REST API Server

# Start API server
python3 advance_hackgpt.py --api

Available endpoints:

GET /api/health - Health check

POST /api/pentest/start - Start assessment

GET /api/sessions - List sessions

GET /api/reports/{id} - Get report

POST /api/users - User management

GET /api/compliance - Compliance status

3. Web Dashboard

# Start web dashboard
python3 advance_hackgpt.py --web

Features:

- Real-time assessment monitoring

- Interactive vulnerability management

- Executive summary dashboard

- User and role management

- System configuration

- Compliance reporting

4. Voice Commands (Enterprise)

# Voice command mode
python3 advance_hackgpt.py --voice

Supported commands:

"Start enterprise assessment of example.com"

"Show compliance dashboard"

"Generate executive report"

"Scale worker pool to 10"

πŸ” Enterprise Security

Authentication & Authorization

  • Multi-Factor Authentication: LDAP/AD + JWT tokens
  • Role-Based Access Control: Granular permissions matrix
  • Session Management: Secure session handling with timeout
  • API Security: Rate limiting, CORS, input validation

Data Protection

  • Encryption: AES-256-GCM for data at rest
  • Transport Security: TLS 1.3 for data in transit
  • Key Management: Automated key rotation
  • Audit Logging: Comprehensive activity tracking

Compliance Frameworks

| Framework | Coverage | Reports | Automation | |-----------|----------|---------|------------| | OWASP Top 10 | βœ… Full | βœ… Yes | βœ… Automated | | NIST Cybersecurity Framework | βœ… Full | βœ… Yes | βœ… Automated | | ISO 27001 | βœ… Partial | βœ… Yes | βœ… Semi-automated | | SOC 2 | βœ… Partial | βœ… Yes | βœ… Semi-automated | | PCI DSS | βœ… Partial | βœ… Yes | βœ… Manual |

πŸ“ˆ Monitoring & Analytics

Real-Time Monitoring

  • System Metrics: CPU, memory, disk, network utilization
  • Application Metrics: Request rates, response times, error rates
  • Security Metrics: Vulnerability counts, risk scores, remediation rates
  • Business Metrics: Assessment coverage, compliance scores

Alerting

  • Email Alerts: Critical vulnerabilities, system issues
  • Slack Integration: Real-time notifications to security teams
  • Webhook Support: Custom integrations with SIEM systems
  • Dashboard Alerts: Visual indicators and notifications

Analytics Dashboard

# Access Grafana dashboard
http://localhost:3000

Login: admin / hackgpt123

Pre-configured dashboards:

- HackGPT System Overview

- Assessment Performance Metrics

- Vulnerability Trend Analysis

- User Activity Dashboard

- Compliance Status Overview

πŸ› οΈ Advanced Usage

Multi-Provider AI Models

from aiengine import getadvancedaiengine, listallmodels, getavailableproviders

Initialize with a specific model

engine = getadvancedaiengine(modelid='claude-sonnet-5')

Switch models at runtime

engine.set_model('gemini-3.5-flash')

List all 26+ available models

for model in engine.listavailablemodels(): status = "βœ…" if model['available'] else "❌" print(f"{status} {model['display_name']} ({model['provider']})")

Check available providers

for provider in getavailableproviders(): print(f"{provider['name']}: {provider['model_count']} models")

Custom Compliance Frameworks

# Add custom compliance framework
from security.compliance import ComplianceFrameworkMapper

mapper = ComplianceFrameworkMapper() mapper.add_framework('CUSTOM', { 'sql_injection': 'SEC-01', 'xss': 'SEC-02', # ... custom mappings })

Kubernetes Deployment

# Deploy to Kubernetes cluster
kubectl apply -f k8s/

Multi-Cloud Deployment

# Deploy to AWS
python3 advance_hackgpt.py --deploy aws

Deploy to Azure

python3 advance_hackgpt.py --deploy azure

Deploy to GCP

python3 advance_hackgpt.py --deploy gcp

πŸ§ͺ Testing & Development

Running Tests

# Unit tests
pytest tests/unit/

Integration tests

pytest tests/integration/

End-to-end tests

pytest tests/e2e/

Security tests

bandit -r . safety check

Development Setup

# Install development dependencies
pip install -r requirements-dev.txt

Pre-commit hooks

pre-commit install

Code formatting

black . flake8 . mypy .

πŸ“¦ Enterprise Deployment

Docker Swarm

# Initialize swarm
docker swarm init

Deploy stack

docker stack deploy -c docker-compose.yml hackgpt

Kubernetes

# Create namespace
kubectl create namespace hackgpt

Deploy applications

kubectl apply -f k8s/

Scale workers

kubectl scale deployment hackgpt-worker --replicas=10

Cloud Platforms

AWS Deployment

# ECS deployment
aws ecs create-cluster --cluster-name hackgpt
aws ecs create-service --service-name hackgpt-api

Azure Deployment

# ACI deployment
az container create --resource-group hackgpt --name hackgpt-api

GCP Deployment

# GKE deployment
gcloud container clusters create hackgpt-cluster
kubectl apply -f k8s/

πŸ”§ Troubleshooting

Common Enterprise Issues

Database Connection Issues

# Check PostgreSQL status
systemctl status postgresql
docker logs hackgpt-database

Test connection

python3 -c "from database import getdbmanager; print(getdbmanager().test_connection())"

Redis Cache Issues

# Check Redis status
redis-cli ping
docker logs hackgpt-redis

Clear cache

redis-cli FLUSHALL

AI Engine Issues

# List available AI models and providers
python3 -c "from aiengine import listallmodels; [print(m.displayname, m.provider.value) for m in listallmodels()]"

Test provider connectivity

python3 -c "from aiengine.providers import ProviderFactory; print(ProviderFactory.getavailable_providers())"

Check local LLM (Ollama)

ollama list ollama run llama3.3:70b

Worker Pool Issues

# Check Celery workers
celery -A performance.parallel_processor inspect active

Restart workers

docker-compose restart hackgpt-worker

Performance Optimization

# Database optimization
python3 -c "from database import optimizedatabase; optimizedatabase()"

Cache warming

python3 -c "from performance.cachemanager import warmcache; warm_cache()"

Worker scaling

docker-compose up --scale hackgpt-worker=10

πŸ“„ Enterprise License

This project is licensed under the MIT License with additional enterprise terms:

  • Commercial Use: Permitted with attribution
  • Enterprise Support: Available through support channels
  • Compliance: Tool usage must comply with applicable laws
  • Liability: Limited liability for enterprise deployments

πŸ†˜ Enterprise Support

Support Channels

  • Enterprise Support: yashabalam707@gmail.com
  • Technical Issues: https://github.com/yashab-cyber/HackGPT/issues
  • Feature Requests: https://github.com/yashab-cyber/HackGPT/discussions
  • Security Issues: yashabalam707@gmail.com
  • WhatsApp Business: Join Channel

Professional Services

  • Implementation: Custom deployment and configuration
  • Training: Security team training and certification
  • Custom Development: Feature development and integration
  • 24/7 Support: Enterprise support packages available

Connect with the Team

πŸ“Š Project Statistics

| Metric | Value | |--------|-------| | Total Lines of Code | 15,000+ | | Enterprise Dependencies | 90+ | | Configuration Options | 200+ | | Environment Variables | 100+ | | Docker Services | 12 | | Supported Compliance Frameworks | 5 | | Penetration Testing Tools | 50+ | | API Endpoints | 25+ | | Deployment Platforms | 6+ |

πŸ—ΊοΈ Roadmap

Version 2.1 (Q3 2025)

  • [x] Multi-provider AI support (OpenAI, Anthropic, Google, DeepSeek, GLM, Local, OpenRouter)
  • [x] 26+ model catalog with runtime switching
  • [x] Provider fallback chain and automatic detection
  • [ ] ML-based false positive reduction
  • [ ] Integration with popular SIEM systems

Version 2.2 (Q4 2025)

  • [ ] Streaming responses from all providers
  • [ ] Automated penetration testing workflows
  • [ ] Advanced cloud security assessments
  • [ ] Integration with CI/CD pipelines

Version 3.0 (Q1 2026)

  • [ ] Fully autonomous security assessments
  • [ ] Advanced AI attack simulation
  • [ ] Quantum-safe cryptography
  • [ ] Next-generation threat detection

πŸ™ Contributors

Core Development Team

  • Lead Developer & Founder: Yashab Alam - @yashab.alam | LinkedIn
  • AI/ML Engineer: Enterprise AI Team
  • Security Engineer: Enterprise Security Team
  • DevOps Engineer: Enterprise Infrastructure Team

Acknowledgments

  • OpenAI for GPT-5 and o-series API access
  • Anthropic for the Claude model family
  • Google DeepMind for Gemini models
  • DeepSeek, Zhipu AI (GLM), and OpenRouter
  • Ollama team for local LLM support
  • Docker & Kubernetes communities
  • Security research community
  • Open source tool developers

πŸ’° Support HackGPT Development

Your donations help accelerate development and support the growing cybersecurity community:

Cryptocurrency Donations (Recommended):

  • Solana (SOL): 5pEwP9JN8tRCXL5Vc9gQrxRyHHyn7J6P2DCC8cSQKDKT
  • Bitcoin (BTC): bc1qmkptg6wqn9sjlx6wf7dk0px0yq4ynr4ukj2x8c
Traditional Payment: πŸ“„ Full Donation Information: DONATE.md - Support tiers, funding goals, and recognition programs

βš–οΈ Legal & Compliance

⚠️ IMPORTANT LEGAL NOTICE

HackGPT Enterprise is designed for authorized security testing only:

  • βœ… Authorized Use: Only use against systems you own or have explicit written permission
  • βœ… Compliance: Follow all applicable laws, regulations, and industry standards
  • βœ… Responsible Disclosure: Report vulnerabilities through proper channels
  • βœ… Documentation: Maintain audit trails and documentation
  • ❌ Unauthorized Use: Never use against systems without permission
  • ❌ Malicious Activity: Not for criminal or malicious purposes
The developers and contributors are not liable for misuse of this platform.

HackGPT Enterprise

πŸš€ HackGPT Enterprise - Transforming Cybersecurity Through AI πŸš€

Made with ❀️ by Yashab Alam for enterprise security teams worldwide

⭐ Star us on GitHub | πŸ’° Support Development | πŸ“ž Get Support | 🀝 Contribute | πŸ“„ License

πŸ”— Connect with Yashab Alam

πŸ’¬ WhatsApp Business | πŸ‘Ύ Discord Channel

Founder & Lead Developer: Yashab Alam
πŸ”§ GitHub | πŸ“Έ Instagram | 🐦 X (Twitter) | πŸ’Ό LinkedIn | 🧡 Threads

Email Contacts:
πŸ“§ yashabalam9@gmail.com | πŸ“§ yashabalam707@gmail.com

πŸ”— More in this category

Β© 2026 GitRepoTrend Β· yashab-cyber/HackGpt Β· Updated daily from GitHub