SnapExploit Elite is a powerful security analysis platform that combines static code analysis, web vulnerability scanning, and AI-powered penetration testing to help security professionals identify and remediate security vulnerabilities in web applications and codebases.
- Static Code Analysis: Scan JavaScript and Python files for common security vulnerabilities
- Web Application Scanning: Analyze web applications for vulnerabilities by crawling and testing
- Admin Interface Discovery: Identify and test admin login pages with default credentials
- Comprehensive Rule Set: Detect hardcoded credentials, SQL injection, XSS, eval usage, and more
- LLM Integration: Leverage large language models (Ollama) for advanced vulnerability analysis
- Automated Exploitation: Test discovered vulnerabilities with AI-assisted techniques
- Attack Scenario Generation: Get detailed attack chains and exploitation paths
- Remediation Guidance: Receive prioritized, actionable recommendations
- Interactive Dashboard: Visualize scan results with severity-based metrics
- Detailed Findings: View comprehensive vulnerability details with evidence
- Professional Reports: Generate HTML reports for stakeholders
- Export Options: Save results in JSON, CSV, and text formats
- Admin Credential Testing: Test discovered admin interfaces with common credentials
- Session Management Testing: Identify session fixation and insecure cookie practices
- Customizable Scans: Configure scan parameters and rules
- Recent Scans History: Track and revisit previous scan results
- Python 3.7+
- Ollama (for LLM features)
- pip package manager
- Clone the repository:
  `git clone https://github.com/joshyboo25/SnapExploitElite.git`
  `cd SnapExploitElite`
- Install dependencies:
  `pip install -r requirements.txt`
- Install Ollama (for LLM features):
  - Windows: Download from Ollama Download Page
  - macOS: `brew install ollama`
  - Linux: `curl -fsSL https://ollama.ai/install.sh | sh`
- Pull an LLM model (e.g., llama2):
  `ollama pull llama2`
- Start Ollama server:
  `ollama serve`

`python snap_ui_main.py`

`python build.py`

- Launch the application
- Select a scan type (File, Directory, or URL)
- Enter your target
- Configure scan options
- Click "Start Security Scan"
- Select "File" or "Directory" scan type
- Browse to your target file/directory
- Enable Python scanning if needed
- Start the scan
- Review findings in the Results tab
- Select "URL" scan type
- Enter the target URL
- Enable admin interface scanning
- Start the scan
- Test discovered admin credentials in the Admin tab
- Ensure Ollama is running and configured
- Run a scan to discover vulnerabilities
- Click "Run LLM Analysis" for AI-powered insights
- Review attack scenarios and remediation guidance
Configure LLM integration in the Settings tab:
- LLM API URL: Typically `http://localhost:11434/api/generate`
- LLM Model: Model name (e.g., `llama2`)
- Temperature: Controls randomness (0.1-1.0)
- Max Tokens: Maximum response length
- Max File Size: Limit for scanned files (MB)
- Scan Timeout: Maximum scan duration (seconds)
- Admin Paths: Custom paths to test for admin interfaces
- Credentials: Default credentials to test against admin interfaces
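An added example, not part of SnapExploit Elite's own code: a pre-flight check for the LLM settings above that rejects a non-loopback API URL by default (scan findings travel in the prompt) and builds the Ollama `/api/generate` request body. The setting key names and function names are assumptions; the page lists the settings but not how they are stored.

```python
import ipaddress
import json
from urllib.parse import urlparse

# Hypothetical key names; values mirror the settings listed above.
DEFAULTS = {
    "llm_api_url": "http://localhost:11434/api/generate",
    "llm_model": "llama2",
    "temperature": 0.2,
    "max_tokens": 512,
}

def is_loopback(host):
    """True for 'localhost' or a literal loopback IP; other names are not resolved."""
    if not host:
        return False
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # a hostname such as 127.0.0.1.example.net is not an IP
        return False

def check_llm_settings(s, allow_remote=False):
    """Return a list of problems; an empty list means the settings are acceptable."""
    problems = []
    url = urlparse(s["llm_api_url"])
    if url.scheme not in ("http", "https"):
        problems.append("llm_api_url must be http(s)")
    elif not is_loopback(url.hostname):
        if not allow_remote:
            problems.append("llm_api_url is not loopback: findings would leave this host")
        elif url.scheme != "https":
            problems.append("remote llm_api_url must use https")
    if not 0.1 <= float(s["temperature"]) <= 1.0:
        problems.append("temperature outside 0.1-1.0")
    if not (isinstance(s["max_tokens"], int) and s["max_tokens"] > 0):
        problems.append("max_tokens must be a positive integer")
    return problems

def build_generate_request(s, prompt):
    """JSON body for Ollama's /api/generate; num_predict caps the response length."""
    problems = check_llm_settings(s)
    if problems:
        raise ValueError("; ".join(problems))
    options = {"temperature": s["temperature"], "num_predict": s["max_tokens"]}
    return json.dumps({"model": s["llm_model"], "prompt": prompt,
                       "stream": False, "options": options})
```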
SnapExploitElite/
├── assets/ # Application assets (icons, etc.)
├── config/ # Configuration files
│   ├── constants.py # Application constants and settings
│   └── __init__.py
├── core/ # Core functionality
│   ├── admin_engine.py # Admin interface discovery engine
│   ├── models.py # Data models
│   ├── scanner.py # Security scanner
│   └── __init__.py
├── reports/ # Report generation
│   ├── generator.py # Report generator
│   └── templates/ # HTML report templates
├── ui/ # User interface components
│   ├── admin_tab.py # Admin findings tab
│   ├── main_window.py # Main application window
│   ├── penetration_tab.py # Penetration testing tab
│   ├── results_tab.py # Results display tab
│   ├── scanner_tab.py # Scanner controls tab
│   ├── settings_tab.py # Settings tab
│   └── __init__.py
├── build.py # Build script for executable
├── requirements.txt # Python dependencies
├── setup.py # Package configuration
└── snap_ui_main.py # Main application entry point
Contributions are welcome! Please follow these steps:
- Fork the repository
- Create a feature branch (`git checkout -b feature/AmazingFeature`)
- Commit your changes (`git commit -m 'Add some AmazingFeature'`)
- Push to the branch (`git push origin feature/AmazingFeature`)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
For support, please open an issue on the GitHub repository or contact the development team at Collinsjosh767@gmail.com.
- Ethical Use: This tool is designed for security professionals to identify vulnerabilities in systems they own or have permission to test. Unauthorized scanning of systems is illegal.
- Data Privacy: Scan results may contain sensitive information. Store reports securely.
- Network Impact: Web scanning can generate significant network traffic. Use responsibly.
- False Positives: Always verify findings manually before taking action.
- Add support for additional programming languages
- Implement automated vulnerability exploitation
- Add integration with vulnerability databases (CVE, CWE)
- Implement scheduled scanning
- Add team collaboration features
- Implement cloud-based scanning
- Add support for additional LLM providers
For more detailed documentation, please refer to:
- Ollama team for their excellent LLM serving platform
- BeautifulSoup for HTML parsing capabilities
- The open-source community for countless valuable resources