Portfolio-grade cybersecurity platform that imports Nmap XML scans, enriches discovered services with CVE intelligence, performs risk assessment, stores scan history, and generates professional security assessment reports.
AI Security Copilot is a Python-based vulnerability assessment platform designed for cybersecurity students, penetration testers, and security enthusiasts.
The platform automates the workflow from Nmap scan ingestion to vulnerability enrichment, risk assessment, historical scan tracking, and PDF report generation.
Key capabilities include:
- Nmap XML parsing
- CVE intelligence enrichment
- Risk assessment using CVSS
- Historical scan storage
- Dashboard visualization
- PDF report generation
- Automated testing and CI/CD
- Nmap XML upload workflow
- XML validation and sanitization
- Host discovery
- Service enumeration
- Historical scan tracking
- Official NVD API integration
- Local CVE fallback database
- CVE normalization layer
- Source tracking (nvd, local_fallback, no_match)
- CVSS-based scoring
- Low / Medium / High / Critical classifications
- Automated recommendations
- AI-style analyst summaries
- Flask web interface
- Risk-colored findings
- Historical scan page
- Individual scan details page
- Upload and analysis workflow
- Professional PDF reports
- Executive summary
- Findings section
- Recommendations section
- Risk breakdown
- Automated unit tests
- GitHub Actions CI
- Bandit security scanning
- Configuration management
- Modular architecture
        Nmap XML Upload
               |
               v
       Create Scan Record
               |
               v
          XML Parser
               |
               v
        Host Discovery
               |
               v
       Service Discovery
               |
               v
         CVE Provider
          /        \
    NVD API    Local Fallback
               |
               v
          Risk Engine
               |
               v
          AI Analysis
               |
               v
        SQLite Database
               |
          +----+----+
          |         |
          v         v
      Dashboard  PDF Report
Additional documentation:
docs/architecture.md
AI-Security-Copilot/
│
├── ai/
├── cve/
├── database/
├── docs/
├── parser/
├── reports/
├── risk/
├── scans/
├── screenshots/
├── scripts/
├── templates/
├── tests/
│
├── app.py
├── config.py
├── version.py
├── requirements.txt
├── requirements-dev.txt
├── pyproject.toml
└── README.md
Clone the repository:
git clone https://github.com/ritheesh2808/AI-Security-Copilot.git
cd AI-Security-Copilot

Create a virtual environment:
python -m venv venv
source venv/bin/activate

Install dependencies:
pip install -r requirements.txt

Validate requirements:
python scripts/check_requirements.py

Initialize the database:
python database/db.py

Start the dashboard:
python app.py

Open:
http://127.0.0.1:5000
Upload Nmap XML
↓
Parse Hosts & Services
↓
Lookup CVEs
↓
Assess Risk
↓
Generate Findings
↓
Store in SQLite
↓
View Dashboard
↓
Generate PDF Report
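The upload, validation and host/service parsing steps of this workflow can be sketched as follows. This is an added example, not the project's own parser code: the names `parse_nmap_xml`, `UnsafeXML` and `MAX_UPLOAD_BYTES`, the size limit, and the sample scan are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # assumed limit, not a value from the project
# Constructed sample in the shape of `nmap -oX` output (documentation address).
SAMPLE = b"""<?xml version="1.0"?>
<!DOCTYPE nmaprun>
<nmaprun><host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="22"><state state="open"/>
    <service name="ssh" product="OpenSSH" version="8.2p1"/></port>
  <port protocol="tcp" portid="23"><state state="closed"/></port>
</ports></host></nmaprun>"""

class UnsafeXML(ValueError):
    """The upload is not acceptable Nmap XML."""

def _reject_entity(*_args):
    raise UnsafeXML("entity declarations are not allowed")

def parse_nmap_xml(data: bytes) -> list:
    """Validate an uploaded scan, then return one dict per open port."""
    if len(data) > MAX_UPLOAD_BYTES:
        raise UnsafeXML("upload too large")
    checker = expat.ParserCreate()
    checker.EntityDeclHandler = _reject_entity  # refuse XXE / entity expansion
    try:
        checker.Parse(data, True)  # validation pass, builds no tree
        root = ET.fromstring(data)
    except (expat.ExpatError, ET.ParseError) as exc:
        raise UnsafeXML(f"malformed XML: {exc}") from exc
    if root.tag != "nmaprun":
        raise UnsafeXML("root element is not <nmaprun>")
    services = []
    for host in root.iter("host"):
        addr = host.find("address")
        ip = addr.get("addr") if addr is not None else None
        for port in host.iter("port"):
            state, svc = port.find("state"), port.find("service")
            if state is None or state.get("state") != "open":
                continue  # only open ports are candidates for CVE lookup
            portid = port.get("portid", "")
            if not portid.isdecimal():
                raise UnsafeXML("non-numeric portid")
            info = svc.attrib if svc is not None else {}
            services.append({"host": ip, "port": int(portid),
                             "product": info.get("product"), "version": info.get("version")})
    return services
```

Genuine Nmap output carries a bare `<!DOCTYPE nmaprun>` line, so the check refuses entity declarations instead of rejecting every DOCTYPE.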
Run all tests:
python -m unittest discover -s tests

Security scan:
bandit -r . -x ./venv,./tests

Dependency validation:
python scripts/check_requirements.py

- Python
- Flask
- SQLite
- Nmap
- NVD API
- ReportLab
- Bootstrap 5
- GitHub Actions
- Bandit
This project is intended for educational purposes, cybersecurity learning, research, and authorized security assessments only.
Only scan and assess systems that you own or have explicit permission to test.
- User authentication
- Docker deployment
- Gunicorn production deployment
- CISA KEV integration
- EPSS integration
- Scan comparison engine
- Remediation tracking
- Multi-user support
- Local LLM integration (Ollama)
Current Release: v1.1.0
Ritheesh M G
Cyber Security Engineering Student
GitHub: https://github.com/ritheesh2808
Released under the MIT License.





