Zing Forum

DIGILIANS AI: A Fully Local AI-Driven Penetration Testing Platform

A local penetration testing assistant built on large language models. It requires no cloud API keys and integrates multiple security tools to automate reconnaissance, vulnerability discovery, and the generation of remediation suggestions.

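Tags: penetration testing, large language models, local AI, security assessment, vulnerability scanning, Ollama, cybersecurity, automated testing, open-source security tools

Published 2026-06-10 17:15 | Recent activity 2026-06-10 17:19 | Estimated read 5 min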

Section 01

DIGILIANS AI: A Fully Local AI-Driven Penetration Testing Platform

This project is an AI-powered penetration testing assistant based on large language models, designed to run completely locally without cloud API keys. It integrates multiple security tools to automate reconnaissance, vulnerability discovery, and the generation of remediation suggestions. Key features include private deployment, no subscription fees, and support for generating professional reports.

Section 02

Project Background & Core Positioning

Traditional penetration testing relies heavily on tester experience, requiring mastery of many tools and analysis of outputs, which limits accessibility for small teams. Most AI security tools depend on cloud APIs, posing data leakage risks and ongoing costs. DIGILIANS AI addresses these issues with its "fully local" design—no cloud services, no API keys, no subscriptions—enabling private AI-driven security testing.

Section 03

Core Architecture & Workflow

Architecture: Modular design integrating traditional tools and local AI. Components:

  • Tool Execution Layer (nmap, whois, nikto, sqlmap, etc., wrapped via tools/runner.py)
  • AI Analysis Engine (uses Ollama to run the Digilians-offensive model for vulnerability identification, attack path prediction, and remediation suggestions)
  • Data Persistence (MariaDB for history)
  • Report Generation (HTML with dark theme, JSON for integration)

Workflow: Input target → run tool chain → AI analysis → generate reports & store history.

Section 04

Usage Modes & Deployment Requirements

Modes:

  • Recon (info collection: whois, dig, nmap quick scan)
  • Scan (full nmap, nikto, gobuster)
  • Full (all tools + enum4linux, sqlmap)

Deployment: Compatible with Kali Linux. Requires Python 3.8+, Ollama, the Digilians-offensive model, MariaDB, and pre-installed tools (nmap, nikto, etc.). Quick start takes ~15 minutes.

Section 05

Security Compliance & Industry Value

Compliance: Built-in authorization check (user must confirm "I have permission" before scanning)
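
An added example, not DIGILIANS AI's own code, of how such a gate can sit in front of the tool execution layer. It requires the confirmation phrase and, as assumptions beyond what the article describes, also validates the target and checks it against an engagement scope list; `authorize`, `ScanRefused` and the scope parameters are hypothetical names.

```python
import ipaddress
import re

# Phrase quoted in the article; scope lists and all names below are assumptions.
CONSENT_PHRASE = "I have permission"
# Mode -> tools, as listed under "Usage Modes" in the article.
MODE_TOOLS = {
    "recon": ["whois", "dig", "nmap"],
    "scan": ["nmap", "nikto", "gobuster"],
}
MODE_TOOLS["full"] = sorted(
    set(MODE_TOOLS["recon"] + MODE_TOOLS["scan"] + ["enum4linux", "sqlmap"])
)
# RFC 1123 hostname: dot-separated labels, no leading or trailing hyphen.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOSTNAME = re.compile(rf"(?=.{{1,253}}\Z)(?:{_LABEL}\.)*{_LABEL}\Z")


class ScanRefused(Exception):
    """The request must not reach the tool execution layer."""


def authorize(mode, target, consent, scope_nets=(), scope_hosts=()):
    """Return (normalized_target, tools) or raise ScanRefused."""
    if consent.strip() != CONSENT_PHRASE:
        raise ScanRefused("operator did not confirm authorization")
    if mode not in MODE_TOOLS:
        raise ScanRefused(f"unknown mode: {mode!r}")
    target = target.strip().lower()
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        addr = None
    if addr is not None:
        if not any(addr in ipaddress.ip_network(n) for n in scope_nets):
            raise ScanRefused(f"{addr} is outside the engagement scope")
        return str(addr), MODE_TOOLS[mode]
    # Not an IP: accept only a plain hostname. Leading "-", spaces and shell
    # metacharacters fail here, so the value is safe as a single argv element.
    if not _HOSTNAME.match(target):
        raise ScanRefused("target is not a valid IP address or hostname")
    if not any(target == h or target.endswith("." + h) for h in scope_hosts):
        raise ScanRefused(f"{target} is outside the engagement scope")
    return target, MODE_TOOLS[mode]
```

A wrapper would call `authorize` once per request and pass the returned target to each tool as a separate argument list element, never through a shell string.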

Value:

  • Lowers technical threshold for small teams
  • Automates data processing to save time
  • Local run ensures data privacy
  • AI suggestions aid knowledge transfer

Section 06

Current Limitations & Future Directions

Limitations:

  • Dependent on Digilians-offensive model (limited generality)
  • Missing tools for WAF detection, API security
  • Fixed HTML report templates
  • No multi-user collaboration

Future improvements: Community contributions to expand tool coverage, model support, and add enterprise features.

Section 07

Conclusion & Outlook

DIGILIANS AI shows a practical application of LLMs in security testing, focusing on solving real pain points (tool integration, data privacy, efficiency). It acts as an AI assistant to free experts from repetitive tasks, letting them focus on high-value work. As local LLMs advance, more such tools are expected to drive the industry toward efficiency and inclusivity.