P4 Pentester is an AI-powered co-pilot for penetration testers that integrates with Burp Suite to deliver real-time traffic analysis, automated vulnerability detection, and context-aware attack tooling through a unified web dashboard.

SecureWithUmer/p4pentester

P4 Pentester

By: Umer | p4Panda

P4 Pentester is a next-generation, AI-powered co-pilot designed to augment the capabilities of penetration testers and security professionals. It integrates seamlessly with Burp Suite to provide real-time traffic analysis, automated vulnerability detection, and intelligent, context-aware attack tools, all managed from a single, intuitive web dashboard.

Core Features

  • Live API Mapping: Automatically ingests traffic from Burp Suite to build a comprehensive, real-time map of the target application's attack surface.
  • AI Vulnerability Analysis: Leverages Gemini or local Ollama models to passively analyze HTTP traffic, identifying potential vulnerabilities with actionable descriptions and suggested payloads.
  • AI Command Center: A conversational AI chat interface with full context of your project's API map and discovered vulnerabilities. Ask complex questions in natural language to quickly identify high-value targets.
  • Attacking Panda: An AI-driven attack module that generates tailored, ready-to-send HTTP requests to test for specific vulnerabilities like SQL Injection, XSS, and Broken Access Control.
  • Panda Terminal: A containerized Kali Linux environment (Docker) with an AI co-pilot. The AI observes your commands and provides strategic advice, next steps, and pro-tips in real time.
  • Interactive Tools: Includes a full-featured Repeater for manual request manipulation and an AI Analysis Workbench for on-demand deep dives into specific requests.
  • Centralized Dashboard: A unified view of all findings, hosts, and endpoints, with real-time updates and data visualizations.

Tech Stack

  • Frontend: Next.js, React, TypeScript, Tailwind CSS, ShadCN UI
  • AI Backend: Google Genkit, supporting Gemini and local models via Ollama
  • Terminal Environment: Docker, Kali Linux, Node.js, Express, Socket.io
  • Proxy Integration: Burp Suite Extension (Python/Jython)

Local Development Setup

To run the project locally you need a running Docker container plus three long-running processes, each in its own terminal (a fourth terminal for tailing the container logs is optional).

Prerequisites

Step 1: Clone the Repository & Install Dependencies

First, clone the project and install all the necessary npm packages. Note that git clone creates a directory named after the repository (pentest_copilot, with an underscore), so the cd command must match it.

git clone https://github.com/SecureWithUmer/pentest_copilot.git
cd pentest_copilot
npm install

Step 2: Configure Environment

Configure your AI provider. You can use Google Gemini (cloud) or Ollama (local). The settings page is served by the Next.js frontend, so start it first (Terminal 1 in Step 4) and then:

  1. Go to Settings: Navigate to http://localhost:9002/settings in the running application.
  2. Choose Provider:
    • For Google Gemini: Select "Google Gemini" and enter your API key. It will be saved to a local .env file. A full application restart is required after saving the key. Keep .env out of version control (confirm it is listed in .gitignore before you commit), and remember that with this provider the HTTP traffic selected for analysis is sent to Google's API, so check your engagement's data-handling rules before choosing it.
    • For Ollama: Select "Ollama (Local)", ensure Ollama is running, and specify the model you want to use (e.g., llama3, phi3). With this option the analysed traffic stays on your machine.

Step 3: Start the Docker Container (Required for Panda Terminal)

The Panda Terminal executes commands inside a secure, containerized Kali Linux environment.

  1. First-Time Setup (Build the Image): This command only needs to be run once, or whenever the Dockerfile changes.

    docker build -t pentest-copilot-kali-img .
  2. Start the Container: This starts the container in the background.

    docker run -dit --name pentest-copilot-kali pentest-copilot-kali-img

    You only need to run this once. If the container is stopped, you can restart it with docker start pentest-copilot-kali. If you rebuild the image, remove the old container first (docker rm -f pentest-copilot-kali) and run the docker run command again; otherwise the name clash makes docker run fail and the old image stays in use. docker ps should then list pentest-copilot-kali with status Up.

Step 4: Run the Application Components

Open four separate terminal windows in the project root directory and run one command in each.

Terminal 1: Start the Next.js Frontend

npm run dev

This serves the main web application on http://localhost:9002.

Terminal 2: Start the Genkit AI Backend

npm run genkit:dev

This starts the AI server that handles all Genkit flows on http://localhost:3400.

Terminal 3: Start the Panda Terminal Backend

npm run terminal:dev

This starts the server that connects the web UI to the Docker container on http://localhost:3001.

Terminal 4: (Optional) Monitor Docker Container

docker logs -f pentest-copilot-kali

This is useful for debugging the terminal environment.
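Before loading the Burp extension it is worth confirming that all four pieces are actually up. The following readiness check is an added example and not part of the project: it probes the three ports documented above, asks Docker whether the Kali container is running, and additionally flags any dashboard port that also answers on the machine's LAN address (meaning the dev server is bound to all interfaces rather than loopback, which would expose the dashboard and the terminal bridge to anyone on the same network). The port numbers and container name are taken from this README; the LAN-exposure probe is a heuristic I am adding, not something the project documents.

```python
"""Readiness check for the local P4 Pentester stack (added example, not project code).

Probes the three TCP ports the README says the components listen on, asks
Docker whether the Kali container is running, and flags any port that also
answers on the host's LAN address (bound to 0.0.0.0 rather than 127.0.0.1).
Port numbers and the container name come from the README; the LAN-exposure
heuristic is an assumption about how the dev servers may bind.
"""
import socket
import subprocess

# Service -> port, as documented in Step 4.
COMPONENTS = {
    "Next.js frontend (npm run dev)": 9002,
    "Genkit AI backend (npm run genkit:dev)": 3400,
    "Panda Terminal backend (npm run terminal:dev)": 3001,
}
CONTAINER = "pentest-copilot-kali"  # name used in Step 3


def port_open(host, port, timeout=1.0):
    """True if a TCP connection to host:port succeeds within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def lan_ip():
    """Best-effort local LAN address; None when the host has no route out.

    UDP connect() sends no packet, it only selects a source address.
    192.0.2.1 is a documentation-only (TEST-NET-1) address.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.connect(("192.0.2.1", 9))
        return s.getsockname()[0]
    except OSError:
        return None
    finally:
        s.close()


def container_running(name=CONTAINER):
    """True if `docker inspect` reports the named container as running."""
    try:
        proc = subprocess.run(
            ["docker", "inspect", "-f", "{{.State.Running}}", name],
            capture_output=True, text=True, timeout=15,
        )
    except (OSError, subprocess.TimeoutExpired):
        return False  # docker not installed or daemon unreachable
    return proc.returncode == 0 and proc.stdout.strip() == "true"


def check_all(components=COMPONENTS, container=CONTAINER):
    """Return {name: {"up": bool, "lan_exposed": bool | None}} for every piece.

    lan_exposed is None when the service is down or no LAN address was found.
    """
    ip = lan_ip()
    results = {}
    for name, port in components.items():
        up = port_open("127.0.0.1", port)
        exposed = None
        if up and ip and ip != "127.0.0.1":
            exposed = port_open(ip, port)
        results[name] = {"up": up, "lan_exposed": exposed}
    results["Kali container (%s)" % container] = {
        "up": container_running(container), "lan_exposed": None}
    return results


if __name__ == "__main__":
    for name, r in check_all().items():
        state = "OK  " if r["up"] else "DOWN"
        warn = "  <- also reachable on your LAN address" if r["lan_exposed"] else ""
        print("[%s] %s%s" % (state, name, warn))
```

Run it after starting the three terminals; anything reported DOWN is the terminal to look at first, and a LAN-exposed line means you should bind that dev server to 127.0.0.1 or firewall the port before testing on a shared network.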

Step 5: Configure Burp Suite Extension

To forward traffic from Burp Suite to your dashboard, you need to load the provided Python extension.

  1. Configure Jython in Burp:

    • Download the Jython Standalone JAR from the official Jython website. Jython implements Python 2.7, so any extension it loads must be Python 2 compatible.
    • In Burp Suite, go to Extender -> Options (in current Burp releases the Extender tab is named Extensions and the Python environment is set under Extensions settings).
    • Under "Python Environment", select the Jython JAR file you downloaded.
  2. Load the Extension:

    • Go to Extender -> Extensions.
    • Click Add.
    • Set "Extension type" to Python.
    • Select the main.py file located in the src/burp_extension directory of this project.

Once loaded, check the extension's Output tab in Burp. You should see a "Successfully forwarded" message for requests passing through the Burp Proxy.
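To make the forwarding mechanism concrete, here is a minimal Burp extension in the same style (Jython, IHttpListener) that posts each completed in-scope proxy exchange to a local receiver. It is an added illustration and not the project's own main.py: DASHBOARD_URL, the JSON record shape and the header-redaction list are my assumptions, and the real extension sends whatever the dashboard's ingestion route expects. The two pure-Python helpers also run under CPython, which is how the example is tested.

```python
"""Minimal Burp Suite extension (Jython) that forwards completed proxy
exchanges to a local dashboard over HTTP.

Added example of the forwarding mechanism, not the extension shipped in
src/burp_extension. DASHBOARD_URL, the JSON shape and REDACT are assumptions.
Written for Python 2.7 (Jython) but the helpers import cleanly under CPython 3.
"""
import json

try:
    from burp import IBurpExtender, IHttpListener
    from java.io import OutputStreamWriter, PrintWriter
    from java.net import URL
    IN_BURP = True
except ImportError:
    # Outside Burp/Jython (e.g. exercising the helpers under CPython): stand-in bases.
    class IBurpExtender(object):
        pass

    class IHttpListener(object):
        pass
    IN_BURP = False

DASHBOARD_URL = "http://127.0.0.1:9002/api/burp/ingest"  # assumed endpoint
# Credential-bearing headers masked before the exchange leaves Burp. Drop entries
# if the dashboard needs the live session (e.g. to replay requests in Repeater).
REDACT = ("authorization", "cookie", "set-cookie", "x-api-key")


def redact_headers(headers):
    """Return a copy of the header lines with REDACT values masked.

    The first line (request line) has no "Name:" prefix and passes through unchanged.
    """
    out = []
    for line in headers:
        name, sep, _value = line.partition(":")
        if sep and name.strip().lower() in REDACT:
            out.append("%s: [REDACTED]" % name.strip())
        else:
            out.append(line)
    return out


def build_event(tool, method, url, request_headers, status=None):
    """Build the JSON-serialisable record sent to the dashboard."""
    return {
        "tool": tool,
        "method": method,
        "url": url,
        "headers": redact_headers(request_headers),
        "status": status,
    }


def post_json(url, payload):
    """POST payload as JSON with java.net (available under Jython); returns HTTP status."""
    conn = URL(url).openConnection()
    conn.setRequestMethod("POST")
    conn.setDoOutput(True)
    conn.setConnectTimeout(2000)
    conn.setReadTimeout(2000)
    conn.setRequestProperty("Content-Type", "application/json")
    writer = OutputStreamWriter(conn.getOutputStream(), "UTF-8")
    writer.write(json.dumps(payload))
    writer.close()
    return conn.getResponseCode()


class BurpExtender(IBurpExtender, IHttpListener):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        self._stdout = PrintWriter(callbacks.getStdout(), True)
        callbacks.setExtensionName("Dashboard forwarder (example)")
        callbacks.registerHttpListener(self)
        self._stdout.println("Loaded; forwarding in-scope proxy traffic to " + DASHBOARD_URL)

    def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
        # Only completed exchanges from the Proxy tool; ignore Scanner/Intruder noise.
        if messageIsRequest or toolFlag != self._callbacks.TOOL_PROXY:
            return
        req = self._helpers.analyzeRequest(messageInfo)
        url = req.getUrl()
        if not self._callbacks.isInScope(url):  # honour the Target scope
            return
        status = None
        if messageInfo.getResponse() is not None:
            status = self._helpers.analyzeResponse(messageInfo.getResponse()).getStatusCode()
        event = build_event("proxy", req.getMethod(), str(url),
                            [str(h) for h in req.getHeaders()], status)
        try:
            code = post_json(DASHBOARD_URL, event)
            self._stdout.println("Successfully forwarded %s %s (dashboard HTTP %d)"
                                 % (event["method"], event["url"], code))
        except Exception as exc:  # dashboard down: log it, never break the proxy
            self._stdout.println("Forward failed: %s" % exc)
```

Two points are worth copying into any forwarder you write: the isInScope check, so that traffic from unrelated sites you browse through Burp never reaches the AI backend, and the try/except around the POST, so a stopped dashboard degrades to a log line instead of stalling proxied requests.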

You are now all set! Open your browser to http://localhost:9002 and start your penetration test.
