Releases: cortexc0de/argus-lite
Releases · cortexc0de/argus-lite
v6.0.0 — Goal Hierarchy, Knowledge Base, Meta-Learning, Markdown Skills
What's New in v6.0.0
Goal Hierarchy
Mission-driven planning: the agent pursues strategic objectives, not just "find vulns."
argus agent example.com --mission data_exfiltration
argus agent example.com --mission admin_access
argus agent example.com --mission rceKnowledge Base
6 built-in exploit patterns the agent applies based on detected tech stack:
- WordPress CSRF chains
- GraphQL introspection → IDOR
- Laravel debug → .env leak
- JWT algorithm confusion
- SSRF via redirect
- File upload bypass
Meta-Learning
Agent tracks skill effectiveness per technology and auto-adjusts strategy.
Markdown Skill System
Define custom skills as .md files that Argus auto-loads:
---
name: check_wordpress
description: WordPress-specific security checks
tools: [nuclei, httpx]
---
1. Probe /wp-admin for accessibility
2. Run nuclei with wordpress tagsBug Fixes
- Finding severity: expanded from INFO|LOW to full 5-level scale
- Nuclei severity mapping was inverting HIGH to LOW
- DNSX targets were computed but never passed
- XSS severity: LOW → MEDIUM; SQLi: LOW → HIGH
- 11 critical bugs fixed, 63 new audit tests
Repository
- Professional README with banner and collapsible sections
- Full documentation suite (docs/)
- CONTRIBUTING, SECURITY, CODE_OF_CONDUCT, CHANGELOG
- GitHub issue/PR templates, CI workflow, Dependabot
Stats
- 808 tests passing
- 15 tools + 7 OSINT APIs
- 11 built-in skills + custom markdown skills
See CHANGELOG.md for full version history.
Argus v1.2.0 — Bulk Scanner (Mass Scanning Pipeline)
What's New in v1.2.0
🔍 Bulk Scanner — Three-Stage Mass Scanning Pipeline
Scan up to 50 hosts in a single session with automatic parallelization.
Stage 1 — Target Discovery
argus bulk targets.txt # from file (one host per line)
argus bulk 192.168.1.0/24 # from CIDR range
argus bulk AS12345 # from ASN (uses bgpview.io, no key needed)
argus bulk --shodan "org:Acme" # from Shodan query (requires ARGUS_SHODAN_KEY)
argus bulk targets.txt 10.0.1.0/24 # multiple sources combinedStage 2 — Recon + Technology Identification
The new bulk preset runs per-target: dns → httpx → techstack → headers
Stage 3 — Automated Vulnerability Checking
nuclei + CVE correlation (NVD API) on every live host
Results
- Individual reports per target:
~/.argus-lite/scans/bulk-{id}/{host}/report.html - Combined summary:
~/.argus-lite/scans/bulk-{id}/summary.html- Stats: targets / live hosts / findings / CVEs / highest risk
- Per-host table with risk badges + links to individual reports
- Technology distribution heatmap
- CVEs found on multiple hosts
# Full example:
argus bulk targets.txt --preset web --concurrency 5 --output htmlTechnical Details
asyncio.Semaphore(concurrency)— parallel scanning with configurable limit- Partial failures isolated — one host failing doesn't abort the run
TargetExpander: file / CIDR (ipaddressstdlib) / ASN (bgpview.io API) / ShodanBulkConfig:max_concurrent=5,max_targets=50(configurable)
Tests
491 tests (40 new) — all passing
Argus v1.1.0 — CVE Correlation, TUI, Scan Templates, GitHub Actions, Docker
What's New in v1.1.0
🔍 CVE Correlation (NVD API)
Automatically queries the National Vulnerability Database after detecting technologies. Shows CVE IDs and CVSS scores in reports.
- Detects CVEs for any technology with a known version (WordPress 6.3.1, Apache 2.4, PHP 8.0, etc.)
- CVSS v3.1 / v3.0 / v2 score parsing
- Configurable via
ARGUS_NVD_KEY(free API key increases rate limit from 5 to 50 req/30s)
🖥️ Interactive TUI
Beautiful real-time scan dashboard powered by Textual.
argus scan example.com --tui- Left panel: live stage progress log
- Right panel: findings as they're discovered
- Press
Qto exit after scan completes
📄 YAML Scan Templates
Declarative scan configuration — share and version-control your scan configs.
argus run examples/quick_scan.yaml --target example.com
# or: TARGET=example.com argus run examples/quick_scan.yaml🤖 GitHub Actions Integration
Use Argus as a CI/CD security gate:
- uses: cortexc0de/argus-lite@v1
with:
target: ${{ vars.SCAN_TARGET }}
preset: quick
fail-on: HIGH
output-format: sarifUploads SARIF reports to GitHub Security tab automatically.
🐳 Docker Image
Run on any platform without Kali Linux:
docker run -v ./reports:/reports ghcr.io/cortexc0de/argus-lite scan example.com --no-confirmTest Coverage
- 451 tests (40 new) — all passing
- CVE enricher: 12 tests
- TUI: 8 tests
- Scan templates: 10 tests
- Exit code: 8 tests
Installation
# Kali Linux (native — recommended):
git clone https://github.com/cortexc0de/argus-lite
cd argus-lite && sudo ./install.sh
# Docker (any platform):
docker pull ghcr.io/cortexc0de/argus-lite:v1.1.0Argus v1.0.0 — AI-Powered Security Scanner
Argus v1.0.0
AI-powered security scanner for Kali Linux with smart pipeline technology.
Highlights
- 14 integrated tools — subfinder, naabu, nuclei, httpx, katana, dnsx, tlsx, whatweb, ffuf, gau, gowitness + Shodan, VirusTotal, SecurityTrails APIs
- AI Analysis — OpenAI-compatible LLM generates executive summaries, attack chains, prioritized findings, and tech-specific recommendations
- Smart Pipeline — tools automatically feed data to each other (subdomains → httpx → nuclei, crawled paths → ffuf, tech detection → nuclei tags)
- 4 scan presets — quick, full, recon, web
- 5 report formats — JSON, Markdown, HTML (dark theme), SARIF (CI/CD), Web Dashboard
- Risk scoring — automatic NONE/LOW/MEDIUM/HIGH assessment
- Parallel execution — asyncio-based concurrent tool execution (3-5x faster)
- Notifications — Telegram, Discord, Slack webhooks
- Plugin system — drop-in Python plugins
- Resume — continue interrupted scans
- Incremental scanning — diff engine to track new/resolved findings
Install
git clone https://github.com/cortexc0de/argus-lite.git ~/argus-lite
cd ~/argus-lite && sudo ./install.shQuick Start
argus scan example.com --preset full --output html --ai
argus dashboardStats
- 411 tests, 84% coverage
- 75+ source files
- Built with SDD/TDD methodology