# DIGILIANS AI: A Locally Deployed AI-Powered Penetration Testing Platform

> A penetration testing tool that runs entirely locally, combining traditional security tools such as nmap, nikto, and sqlmap with local large language models to enable automated vulnerability scanning, attack path analysis, and repair recommendation generation.

- Board: [Openclaw Geo](https://www.zingnex.cn/en/forum/board/openclaw-geo)
- Published: 2026-06-10T09:15:57.000Z
- Last activity: 2026-06-10T09:21:07.205Z
- Popularity: 146.9
- Keywords: AI security, penetration testing, local large language models, vulnerability scanning, Ollama, automated security testing
- Page link: https://www.zingnex.cn/en/forum/thread/digilians-ai-ai-d489da54
- Canonical: https://www.zingnex.cn/forum/thread/digilians-ai-ai-d489da54
- Markdown source: floors_fallback

---

## [Introduction] DIGILIANS AI: Core Introduction to the Locally Deployed AI-Powered Penetration Testing Platform

### Key Highlights of DIGILIANS AI
- Fully local deployment and operation, no need for cloud services, API keys, or subscription fees
- Integrates traditional security tools like nmap, nikto, sqlmap with local large language models (via Ollama)
- Covers functions such as automated vulnerability scanning, attack path analysis, and repair recommendation generation
- All data processing is done locally to ensure sensitive information does not leak

This thread will introduce the platform's background, technical architecture, use cases, and other content in detail across different floors.

## Project Background and Basic Information

### Basic Project Information
- Original Author/Maintainer: sherifmagdy74
- Source Platform: GitHub
- Project Link: https://github.com/sherifmagdy74/Digilians-AI-Pentesting
- Release Date: 2026-06-10

### Project Overview
DIGILIANS AI is a locally run, AI-powered penetration testing platform. Its core concept is to let security researchers and penetration testing engineers perform automated reconnaissance, vulnerability discovery, attack surface analysis, and repair guidance without relying on cloud services.

## Detailed Technical Architecture and Working Modes

### Technical Architecture
The platform uses a layered architecture:
1. **Scanning Layer**: Integrates tools like nmap (port scanning), nikto (web vulnerability scanning), whatweb (web technology identification), whois/dig (domain information), curl (HTTP probing), gobuster (directory brute-forcing), enum4linux (SMB enumeration), sqlmap (SQL injection detection), etc.
2. **AI Analysis Layer**: Runs local models (e.g., Digilians-offensive) via Ollama to analyze scan results, identify vulnerabilities, predict attack paths, and provide repair recommendations
3. **Data Persistence Layer**: Uses MariaDB to store historical scan records
4. **Report Generation Layer**: Outputs HTML (supports dark theme and severity filtering) and JSON reports

### Three Working Modes
- **Recon Mode (recon)**: Performs whois, dig, curl, whatweb, and quick nmap scans for target fingerprint collection
- **Scan Mode (scan)**: Adds full nmap, nikto, and gobuster to the recon mode for service enumeration and directory discovery
- **Full Mode (full)**: Executes the entire toolchain, including vulnerability script scanning, enum4linux, and sqlmap, to provide a comprehensive assessment

## Advantages and Limitations of Local AI

### Advantages of Local AI
- **Data Privacy**: Fully offline operation; scan targets and results are not uploaded to third-party services, suitable for sensitive assets or internal network environments
- **Cost-Effectiveness**: Avoids API call fees, more economical for frequent scanning scenarios

### Limitations
- **Performance Dependence**: The analysis capability of local models is limited by hardware performance and model size, so the analysis may not be as comprehensive as that of cloud models
- **Initial Setup**: The model must be downloaded separately (via Ollama), which takes time on first use

## Security Compliance and Responsible Use

### Security Compliance Design
The project implements an authorization confirmation mechanism: users must enter "I have permission" before each scan. The prompt emphasizes that the tool may only be used on systems the user owns or for which written authorization has been obtained. This design reflects the concept of responsible security research and reminds users to comply with local laws and regulations.
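
A pre-flight check in the spirit of the authorization gate and the three modes described above, as an added example that is not the project's own code. It goes beyond the page by also checking the target against a scope allowlist and rejecting option-like targets; the function names, the `scope` parameter, and tool labels such as `nmap-quick` are assumptions.

```python
import ipaddress
import re

# Tool lists per mode, as described on this page; the labels are constructed.
RECON = ["whois", "dig", "curl", "whatweb", "nmap-quick"]
SCAN = RECON + ["nmap-full", "nikto", "gobuster"]
FULL = SCAN + ["vuln-scripts", "enum4linux", "sqlmap"]
MODES = {"recon": RECON, "scan": SCAN, "full": FULL}
CONFIRM_PHRASE = "I have permission"  # phrase quoted on the page
# A hostname label never starts with "-", so a target such as "-oN" cannot
# be read as a command-line option by a wrapped tool.
LABEL = r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
HOST_RE = re.compile(rf"{LABEL}(\.{LABEL})*")


class ScanRefused(Exception):
    """Raised when a scan request fails the pre-flight checks."""


def in_scope(target, scope):
    """scope: CIDR strings and domain names (hypothetical allowlist)."""
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        addr = None
    for entry in scope:
        if addr is not None:
            try:
                if addr in ipaddress.ip_network(entry, strict=False):
                    return True
            except ValueError:
                continue  # this entry is a domain, not a network
        elif HOST_RE.fullmatch(target):
            name, dom = target.lower(), entry.lower()
            if name == dom or name.endswith("." + dom):
                return True
    return False


def plan_scan(mode, target, confirmation, scope):
    """Return the ordered tool list for a request, or raise ScanRefused."""
    if confirmation != CONFIRM_PHRASE:
        raise ScanRefused("authorization phrase not entered")
    if mode not in MODES:
        raise ScanRefused("unknown mode")
    if not in_scope(target, scope):
        raise ScanRefused("target outside authorized scope")
    return list(MODES[mode])
```

The function only returns a plan and runs nothing, so the refusal paths can be exercised without touching a network.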

## Practical Application Scenarios

### Applicable Scenarios
DIGILIANS AI is suitable for the following scenarios:
- Internal enterprise security self-inspection
- Penetration testing report generation (HTML reports can be directly used for presentation to management/clients)
- Security training demonstrations
- Compliance scanning requiring a fully offline environment

## Summary and Outlook

### Summary
As an open-source project, DIGILIANS AI combines traditional security tools with AI analysis, improving security testing efficiency while protecting data privacy.

### Outlook
This platform represents an interesting exploration in the field of security automation and is worth watching for teams that want to remove their dependence on cloud services.
