
DonTrabajo/prox-recon


Prox Recon

Offline-first reconnaissance core — linPEAS parsing + CVE matching, with CI-enforced OPSEC gates.

The public core of Prox Offensive's recon tooling. It turns raw linPEAS output into ranked, reviewable findings, and ships a deterministic demo report built from mock inputs so you can see the output shape without touching a real target.

The recon pipeline runs locally with no telemetry — sensitive enumeration stays on your machine. The only network-capable piece is the opt-in LLM triage layer, which is off by default and talks to whatever endpoint you point it at (local Ollama included).

Part of the Prox Suite. The full operational kit (mesh orchestration, pivot/exploit modules, TUI) is kept private by design; this repo is the publishable core.

What it does

  • linPEAS pipeline — preprocess → parse → triage raw linPEAS into structured findings
  • CVE matcher — extract and rank candidate CVEs from parsed JSON
  • Deterministic demo: python3 -m tools.demo builds a sample report from mock inputs
  • Optional LLM triage: python3 -m tools.demo --llm ranks escalation paths via an endpoint you choose (local Ollama or hosted). Opt-in and off by default.

What's intentionally excluded (OPSEC)

Engineered to be publish-safe. It does not contain operational notes/runbooks, lab-specific targets/credentials/flags, internal KB/mesh tooling, personas, the TUI, internal hostnames or non-sample IPs, or logs/state. A CI gate (scripts/opsec_scan.py) blocks these patterns on every push and PR.

Quickstart

python3 -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
python3 -m tools.demo

Windows (PowerShell): python -m venv .venv; .\.venv\Scripts\Activate.ps1; pip install -r requirements.txt; python -m tools.demo

Optional: LLM triage

The default demo is fully offline and deterministic. To also rank escalation paths with an LLM, copy .env.example to .env, set an endpoint, and add --llm:

cp .env.example .env   # set OPENAI_BASE_URL (e.g. http://localhost:11434/v1 for Ollama) + key
python3 -m tools.demo --llm

Enumeration still happens locally; only the parsed summary is sent to the endpoint you choose.

Verification gates

  • scripts/preflight.ps1 runs the demo + OPSEC scan locally.
  • CI runs the demo + OPSEC scan on every push/PR.
  • scripts/opsec_testdata/should_fail.txt deliberately holds banned patterns to prove the scanner works; CI excludes that directory so the repo stays publish-safe.
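
To show how a gate of this kind can work, here is an added example (not the project's scripts/opsec_scan.py): a minimal scan that flags credential-like strings, internal-looking hostnames, flags, and IPs outside the RFC 5737 documentation ranges, while skipping the should-fail fixture directory. The rule set, function names, and sample text are assumptions made for illustration.

```python
import ipaddress
import re
from pathlib import Path

# IPs allowed in public docs: RFC 5737 documentation nets plus loopback.
SAMPLE_NETS = [ipaddress.ip_network(n) for n in
               ("192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24", "127.0.0.0/8")]
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
# Hypothetical banned patterns (assumed here, not taken from the project).
BANNED = {
    "credential": re.compile(r"(?i)(?:password|passwd|api[_-]?key|secret)\s*[:=]\s*\S+"),
    "internal-hostname": re.compile(r"(?i)\b[\w-]+\.(?:internal|corp|lan)\b"),
    "flag": re.compile(r"\b(?:HTB|flag)\{[^}]+\}"),
}
# Constructed sample input; none of these values come from a real environment.
SAMPLE = ("target 10.10.14.7 reachable\nexample host 192.0.2.10\n"
          "password = hunter2\nssh ops@build01.corp\nversion 3.11\n")

def scan_text(text):
    """Return sorted (line_no, rule) findings for one file's text."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for rule, rx in BANNED.items():
            if rx.search(line):
                findings.append((no, rule))
        for m in IPV4_RE.finditer(line):
            try:
                ip = ipaddress.ip_address(m.group())
            except ValueError:
                continue  # not a valid address, e.g. 999.1.1.1
            if not any(ip in net for net in SAMPLE_NETS):
                findings.append((no, "non-sample-ip"))
    return sorted(findings)

def scan_tree(root, exclude_dirs=("opsec_testdata", ".git", ".venv")):
    """Scan files under root, skipping excluded directories; return {path: findings}."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        rel = path.relative_to(root)
        if not path.is_file() or any(part in exclude_dirs for part in rel.parts):
            continue
        hits = scan_text(path.read_text(errors="ignore"))
        if hits:
            report[str(rel)] = hits
    return report
```

A CI job would fail the build when scan_tree returns a non-empty report, and a separate step would run scan_text over the fixture file and fail if it comes back clean. Four-part version strings parse as IPv4 addresses, so a production rule set needs an allowlist for them.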

Layout

prox_ops/ recon parsing · tools/ demo entrypoint · examples/ mock inputs + generated report · docs/ ARCHITECTURE + SECURITY · scripts/ preflight + OPSEC scan

License

MIT — see LICENSE.
