OXYNAS Sentinel is a comprehensive security analysis platform that combines code scanning, network reconnaissance, and AI-powered vulnerability assessment into one integrated solution.

• Semgrep Integration: Static analysis of source code using Semgrep rules
• Multiple Language Support: Python, JavaScript, Java, and more
• Custom Rulesets: Choose specialized security rulesets or language-specific ones

• Nmap Scanning: Port discovery and service identification
• Subdomain Discovery: Find hidden subdomains using built-in DNS techniques
• Directory Fuzzing: Identify hidden directories and files on web servers

• Vulnerability Assessment: AI evaluation of detected security issues
• Remediation Suggestions: Get AI-generated fixes for identified vulnerabilities
• Risk Prioritization: Intelligent sorting of findings by severity and impact

• Python 3.10+
• Git
• Nmap (for network scanning)

1. Clone the repository:

git clone https://github.com/yourusername/oxynas.git
cd oxynas

2. Create a virtual environment and activate it:

python -m venv .venv
source .venv/bin/activate  # On Windows: .venv\Scripts\activate

3. Install dependencies:

pip install -r requirements.txt

4. Run the application:

python oxynas_analyzer_gui.py

1. Select a ZIP file containing your source code
2. Choose an appropriate ruleset for your code
3. Start the analysis
4. Review findings and AI-generated recommendations

1. Enter a target URL or domain
2. Select reconnaissance options (subdomain discovery, directory fuzzing)
3. Run a comprehensive scan
4. Analyze the scan results and identified vulnerabilities

• analyzer.py: Core code analysis functionality using Semgrep
• nmap.py: Network scanning functionality
• subfinder.py: Subdomain discovery module
• dirfuzzer.py: Directory fuzzing implementation
• ai_model.py: AI analysis of vulnerabilities
• utils.py: Utility functions for file handling
• oxynas_analyzer_gui.py: Graphical user interface

To use Semgrep's advanced features, you can add your Semgrep API token to a .env file:

SEMGREP_APP_TOKEN=your_token_here

Contributions are welcome! Please feel free to submit a Pull Request.

This project is licensed under the MIT License - see the LICENSE file for details.

• Built with Semgrep for static code analysis
• Utilizes dirsearch for directory fuzzing capabilities
• Leverages Nmap for network reconnaissance