362 lines
9.4 KiB
Markdown
362 lines
9.4 KiB
Markdown
<!-- WEHUB_ZH_README -->
|
||
> [!NOTE]
|
||
> 本文档由 WeHub 基于上游 README 翻译整理,属于社区翻译,非官方中文文档。
|
||
> [English](./README.en.md) · [原始项目](https://github.com/sooryathejas/METATRON) · [上游 README](https://github.com/sooryathejas/METATRON/blob/HEAD/README.md)
|
||
> 原作者、版权与许可证归属以原始项目及本仓库 LICENSE 文件为准。
|
||
|
||
# METATRON
|
||
在 Linux(Parrot OS)上使用本地 LLM 的 AI 驱动渗透测试助手
|
||
# 🔱 METATRON
|
||
### AI 驱动的渗透测试助手
|
||
|
||
<p align="center">
|
||
<img src="screenshots/banner.png" alt="Metatron Banner" width="800"/>
|
||
</p>
|
||
|
||
<p align="center">
|
||
<img src="https://img.shields.io/badge/Python-3.x-blue?style=for-the-badge&logo=python"/>
|
||
<img src="https://img.shields.io/badge/OS-Parrot%20Linux-green?style=for-the-badge&logo=linux"/>
|
||
<img src="https://img.shields.io/badge/AI-metatron--qwen-red?style=for-the-badge"/>
|
||
<img src="https://img.shields.io/badge/DB-MariaDB-orange?style=for-the-badge&logo=mariadb"/>
|
||
<img src="https://img.shields.io/badge/License-MIT-yellow?style=for-the-badge"/>
|
||
</p>
|
||
|
||
---
|
||
|
||
## 📌 什么是 Metatron?
|
||
|
||
**Metatron** 是一款基于 CLI 的 AI 渗透测试助手,完全在本地机器上运行——无需云端、无需 API 密钥、无需订阅。
|
||
|
||
你提供一个目标 IP 或域名。它会运行真实的侦察工具(nmap、whois、whatweb、curl、dig、nikto),将所有结果馈送给本地运行的 AI 模型,由 AI 分析目标、识别漏洞、建议利用方式并推荐修复方案。所有内容都会保存到 MariaDB 数据库,并保留完整的扫描历史。
|
||
|
||
---
|
||
|
||
## ✨ 功能特性
|
||
|
||
- 🤖 **本地 AI 分析** — 通过 Ollama 由 `metatron-qwen` 驱动,100% 离线运行
|
||
- 🔍 **自动化侦察** — nmap、whois、whatweb、curl 请求头、dig DNS、nikto
|
||
- 🌐 **网络搜索** — DuckDuckGo 搜索 + CVE 查询(无需 API 密钥)
|
||
- 🗄️ **MariaDB 后端** — 完整扫描历史,含 5 张关联表
|
||
- ✏️ **编辑 / 删除** — 可直接从 CLI 修改任何已保存的结果
|
||
- 🔁 **智能体循环(Agentic Loop)** — AI 可在分析过程中请求运行更多工具
|
||
- 🚫 **无需 API 密钥** — 一切免费且本地运行
|
||
-📤 导出报告
|
||
|
||
Metatron 允许你通过选择「2.view history」→ 选择序号并导出,将扫描结果导出为清晰、可分享的报告格式
|
||
|
||
📄 PDF — 专业漏洞报告
|
||
🌐 HTML — 可在浏览器中查看的报告
|
||
---
|
||
|
||
## 🖥️ 截图
|
||
|
||
<p align="center">
|
||
<img src="screenshots/main_menu.png" alt="Main Menu" width="700"/>
|
||
<br><i>主菜单</i>
|
||
</p>
|
||
|
||
<p align="center">
|
||
<img src="screenshots/scan_running.png" alt="Scan Running" width="700"/>
|
||
<br><i>在目标上运行的侦察工具</i>
|
||
</p>
|
||
|
||
<p align="center">
|
||
<img src="screenshots/ai_analysis.png" alt="AI Analysis" width="700"/>
|
||
<br><i>metatron-qwen 分析扫描结果</i>
|
||
</p>
|
||
|
||
<p align="center">
|
||
<img src="screenshots/results.png" alt="Results" width="700"/>
|
||
<br><i>漏洞已保存至数据库</i>
|
||
</p>
|
||
<p align="center"> <img src="screenshots/export_menu.png" alt="Export Menu" width="700"/> <br><i>将扫描结果导出为 PDF 和/或 HTML</i> </p>
|
||
---
|
||
|
||
## 🧱 技术栈
|
||
|
||
| 组件 | 技术 |
|
||
|------------|-------------------------------------|
|
||
| 语言 | Python 3 |
|
||
| AI 模型 | metatron-qwen(微调的 Qwen 3.5) |
|
||
| 基础模型 | huihui_ai/qwen3.5-abliterated:9b |
|
||
| LLM 运行器 | Ollama |
|
||
| 数据库 | MariaDB |
|
||
| 操作系统 | Parrot OS(基于 Debian) |
|
||
| 搜索 | DuckDuckGo(免费,无需密钥) |
|
||
|
||
---
|
||
|
||
## ⚙️ 安装
|
||
|
||
### 1. 克隆仓库
|
||
|
||
```bash
|
||
git clone https://github.com/sooryathejas/METATRON.git
|
||
cd METATRON
|
||
```
|
||
|
||
### 2. 创建并激活虚拟环境
|
||
|
||
```bash
|
||
python3 -m venv venv
|
||
source venv/bin/activate
|
||
```
|
||
|
||
### 3. 安装 Python 依赖
|
||
|
||
```bash
|
||
pip install -r requirements.txt
|
||
```
|
||
|
||
### 4. 安装系统工具
|
||
|
||
```bash
|
||
sudo apt install nmap whois whatweb curl dnsutils nikto
|
||
```
|
||
|
||
---
|
||
|
||
## 🤖 AI 模型配置
|
||
|
||
### 步骤 1 — 安装 Ollama
|
||
|
||
```bash
|
||
curl -fsSL https://ollama.com/install.sh | sh
|
||
```
|
||
|
||
### 步骤 2 — 下载基础模型
|
||
|
||
```bash
|
||
ollama pull huihui_ai/qwen3.5-abliterated:9b
|
||
```
|
||
|
||
> ⚠️ 此模型至少需要 8.4 GB 内存。若系统内存不足,请使用 4b 变体:
|
||
> ```bash
|
||
> ollama pull huihui_ai/qwen3.5-abliterated:4b
|
||
> ```
|
||
> 然后编辑 `Modelfile`,将 FROM 行改为 4b 模型。
|
||
|
||
### 步骤 3 — 构建自定义 metatron-qwen 模型
|
||
|
||
仓库包含 `Modelfile`,使用渗透测试专用参数对基础模型进行微调:
|
||
|
||
```bash
|
||
ollama create metatron-qwen -f Modelfile
|
||
```
|
||
|
||
这将创建本地 `metatron-qwen` 模型,配置为:
|
||
- 16,384 token 上下文窗口
|
||
- Temperature: 0.7
|
||
- Top-k: 10
|
||
- Top-p: 0.9
|
||
|
||
### 步骤 4 — 验证模型是否存在
|
||
|
||
```bash
|
||
ollama list
|
||
```
|
||
|
||
你应在列表中看到 `metatron-qwen`。
|
||
|
||
---
|
||
|
||
## 🗄️ 数据库配置
|
||
|
||
### 步骤 1 — 确保 MariaDB 正在运行
|
||
|
||
```bash
|
||
sudo systemctl start mariadb
|
||
sudo systemctl enable mariadb
|
||
```
|
||
|
||
### 步骤 2 — 创建数据库和用户
|
||
|
||
```bash
|
||
mysql -u root
|
||
```
|
||
|
||
```sql
|
||
CREATE DATABASE metatron;
|
||
CREATE USER 'metatron'@'localhost' IDENTIFIED BY '123';
|
||
GRANT ALL PRIVILEGES ON metatron.* TO 'metatron'@'localhost';
|
||
FLUSH PRIVILEGES;
|
||
EXIT;
|
||
```
|
||
|
||
### 步骤 3 — 创建表
|
||
|
||
```bash
|
||
mysql -u metatron -p123 metatron
|
||
```
|
||
|
||
```sql
|
||
CREATE TABLE history (
|
||
sl_no INT AUTO_INCREMENT PRIMARY KEY,
|
||
target VARCHAR(255) NOT NULL,
|
||
scan_date DATETIME NOT NULL,
|
||
status VARCHAR(50) DEFAULT 'active'
|
||
);
|
||
|
||
CREATE TABLE vulnerabilities (
|
||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||
sl_no INT,
|
||
vuln_name TEXT,
|
||
severity VARCHAR(50),
|
||
port VARCHAR(20),
|
||
service VARCHAR(100),
|
||
description TEXT,
|
||
FOREIGN KEY (sl_no) REFERENCES history(sl_no)
|
||
);
|
||
|
||
CREATE TABLE fixes (
|
||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||
sl_no INT,
|
||
vuln_id INT,
|
||
fix_text TEXT,
|
||
source VARCHAR(50),
|
||
FOREIGN KEY (sl_no) REFERENCES history(sl_no),
|
||
FOREIGN KEY (vuln_id) REFERENCES vulnerabilities(id)
|
||
);
|
||
|
||
CREATE TABLE exploits_attempted (
|
||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||
sl_no INT,
|
||
exploit_name TEXT,
|
||
tool_used TEXT,
|
||
payload LONGTEXT,
|
||
result TEXT,
|
||
notes TEXT,
|
||
FOREIGN KEY (sl_no) REFERENCES history(sl_no)
|
||
);
|
||
|
||
CREATE TABLE summary (
|
||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||
sl_no INT,
|
||
raw_scan LONGTEXT,
|
||
ai_analysis LONGTEXT,
|
||
risk_level VARCHAR(50),
|
||
generated_at DATETIME,
|
||
FOREIGN KEY (sl_no) REFERENCES history(sl_no)
|
||
);
|
||
```
|
||
|
||
---
|
||
|
||
## 🚀 使用方法
|
||
|
||
运行 Metatron 需要**两个终端标签页**。
|
||
|
||
### 终端 1 — 加载 AI 模型
|
||
|
||
```bash
|
||
ollama run metatron-qwen
|
||
```
|
||
|
||
等待直到出现 `>>>` 提示符。这表示模型已加载到内存并就绪。你可让此终端在后台继续运行。
|
||
|
||
### 终端 2 — 启动 Metatron
|
||
|
||
```bash
|
||
cd ~/METATRON
|
||
source venv/bin/activate
|
||
python metatron.py
|
||
```
|
||
|
||
---
|
||
|
||
### 操作流程
|
||
|
||
**1. 主菜单出现:**
|
||
```
|
||
[1] New Scan
|
||
[2] View History
|
||
[3] Exit
|
||
```
|
||
|
||
**2. 选择 [1] New Scan → 输入你的目标:**
|
||
```
|
||
[?] Enter target IP or domain: 192.168.1.1
|
||
```
|
||
or
|
||
```
|
||
[?] Enter target IP or domain: example.com
|
||
```
|
||
|
||
**3. 选择要运行的侦察工具:**
|
||
```
|
||
[1] nmap
|
||
[2] whois
|
||
[3] whatweb
|
||
[4] curl headers
|
||
[5] dig DNS
|
||
[6] nikto
|
||
[a] Run all (except nikto)
|
||
[n] Run all + nikto (slow)
|
||
```
|
||
|
||
**4. Metatron 运行工具,将结果馈送给 AI,并打印分析结果。**
|
||
|
||
**5. 所有内容会自动保存到 MariaDB。**
|
||
|
||
**6. 扫描完成后,你可以编辑或删除任何结果。**
|
||
|
||
---
|
||
|
||
## 📁 项目结构
|
||
|
||
```
|
||
METATRON/
|
||
├── metatron.py ← main CLI entry point
|
||
├── db.py ← MariaDB connection and all CRUD operations
|
||
├── tools.py ← recon tool runners (nmap, whois, etc.)
|
||
├── llm.py ← Ollama interface and AI tool dispatch loop
|
||
├── search.py ← DuckDuckGo web search and CVE lookup
|
||
├── Modelfile ← custom model config for metatron-qwen
|
||
├── requirements.txt ← Python dependencies
|
||
├── .gitignore ← excludes venv, pycache, db files
|
||
├── LICENSE ← MIT License
|
||
├── README.md ← this file
|
||
└── screenshots/ ← terminal screenshots for documentation
|
||
```
|
||
|
||
---
|
||
|
||
## 🗃️ 数据库结构(Database Schema)
|
||
|
||
所有 5 张表均通过 `history` 表中的 `sl_no`(会话编号,session number)相互关联:
|
||
|
||
```
|
||
history ← one row per scan session (sl_no is the spine)
|
||
│
|
||
├── vulnerabilities ← vulns found, linked by sl_no
|
||
│ │
|
||
│ └── fixes ← fixes per vuln, linked by vuln_id + sl_no
|
||
│
|
||
├── exploits_attempted ← exploits tried, linked by sl_no
|
||
│
|
||
└── summary ← full AI analysis dump, linked by sl_no
|
||
```
|
||
|
||
---
|
||
|
||
## ⚠️ 免责声明
|
||
|
||
本工具仅用于**教育目的及经授权的渗透测试(penetration testing)**。
|
||
|
||
- 仅在你拥有所有权,或已获得**明确书面许可**的系统上使用 Metatron。
|
||
- 未经授权扫描或利用系统属于**违法行为**。
|
||
- 作者不对本工具的任何滥用承担任何责任。
|
||
|
||
---
|
||
|
||
## 👤 作者
|
||
|
||
**Soorya Thejas**
|
||
- GitHub: [@sooryathejas](https://github.com/sooryathejas)
|
||
|
||
---
|
||
|
||
## 📄 许可证
|
||
|
||
本项目采用 MIT License 授权 — 详情请参阅 [LICENSE](LICENSE) 文件。
|