A comprehensive vulnerability assessment and remediation platform that processes OpenVAS XML scan reports and provides AI-powered remediation recommendations with threat intelligence integration.
- OpenVAS XML Report Processing: Convert and analyze OpenVAS scan reports
- AI-Powered Remediation: Machine learning-based vulnerability remediation recommendations
- Threat Intelligence Integration: Real-time CVE data from multiple sources (NVD, Vulners, MITRE)
- Exploit Database Integration: ExploitDB integration for exploit availability assessment
- Interactive Dashboard: Real-time vulnerability tracking and visualization
- Multi-API Support: Vulners, NVD, Shodan, and Ollama API integration
- Severity Prediction: ML-based vulnerability severity classification
- Comprehensive Reporting: HTML reports with detailed vulnerability analysis
- Installation
- Configuration
- XML File Upload Workflow
- Supported File Formats
- API Integration
- Usage
- Architecture
- API Endpoints
- Troubleshooting
- Python 3.8+
- pip package manager
- Git
- GPU Requirements (for AI processing):
- NVIDIA GPU with CUDA support (recommended)
- Minimum 4GB VRAM for basic models
- 8GB+ VRAM for optimal performance
- CUDA 11.0+ and cuDNN 8.0+
- System Requirements:
- 8GB+ RAM (16GB+ recommended)
- 10GB+ free disk space
- Internet connection for API access
Windows:
# Download from https://ollama.ai/download
# Or use winget
winget install Ollama.OllamamacOS:
# Download from https://ollama.ai/download
# Or use Homebrew
brew install ollamaLinux:
curl -fsSL https://ollama.ai/install.sh | sh# Start the Ollama service
ollama serve
# In a new terminal, pull a model
ollama pull mistral# Test Ollama API
curl http://localhost:11434/api/tags-
Clone the repository
git clone <repository-url> cd pipeline
-
Install dependencies
pip install -r requirements.txt
-
Configure paths in settings.py
IMPORTANT: You must update the paths in
config/settings.pyto match your system:# Change this line in config/settings.py (around line 25) BASE_DIR = Path(__file__).parent.parent.absolute() # If your project is in a different location, update it like this: # BASE_DIR = Path("C:/Users/YourUsername/Desktop/pipeline/pipeline") # BASE_DIR = Path("/home/username/pipeline/pipeline")
-
Set up environment variables Create a
.envfile in the root directory:VULNERS_API_KEY=your_vulners_api_key SHODAN_API_KEY=your_shodan_api_key OLLAMA_API_KEY=your_ollama_api_key NVD_API_KEY=your_nvd_api_key_optional OLLAMA_BASE_URL=http://localhost:11434 OLLAMA_MODEL=mistral FLASK_SECRET_KEY=your-secure-secret-key
-
Create required directories
# The system will create these automatically, but you can pre-create them: mkdir -p uploads integrated_results cve_cache mitre_cache remediation_cache mkdir -p exploitdb models static/data templates -
Run Prerequisite Check (Recommended)
python prereq-script-updated.py
This script will:
- Check Python version compatibility
- Verify all required directories exist
- Validate required files are present
- Check package dependencies
- Create missing files if needed
- Test OpenVAS module functionality
-
Initialize the system
python app2.py
{
"vm_ip": "192.168.1.11",
"scan_mode": "quick",
"api_key": "your_api_key",
"webhook_url": "",
"auto_scan": false,
"email_notify": false,
"debug_mode": false
}The system is designed to work with an OpenVAS backend running on Kali Linux or similar penetration testing distributions. The frontend communicates with the OpenVAS server via HTTP requests.
If you're using VMware for the OpenVAS backend:
-
Network Adapter Configuration
VMware Settings β Network Adapter β Bridge Mode- Bridge Mode: Allows direct network communication between host and VM
- NAT Mode: Will NOT work for OpenVAS scanning
- Host-Only: Will NOT work for external scanning
-
Why Bridge Mode is Required
- OpenVAS sends HTTP requests to target systems
- Bridge mode allows the VM to appear as a separate device on your network
- Enables proper port scanning and vulnerability assessment
- Allows bidirectional communication between frontend and backend
The OpenVAS server typically runs on specific ports that need to be accessible:
| Service | Default Port | Purpose |
|---|---|---|
| OpenVAS Manager | 9390 | Management interface |
| OpenVAS Scanner | 9391 | Scanning engine |
| Greenbone Security Manager | 9392 | Web interface |
| GSA (Web UI) | 9392 | Web-based management |
In the application settings page, configure the OpenVAS Server IP Address:
-
Find Your VM's IP Address
# On Kali Linux VM ip addr show # or ifconfig
-
Configure in Application
- Go to Settings page in the web interface
- Set "OpenVAS Server IP Address" to your VM's IP
- Example:
192.168.1.100(your VM's bridge network IP)
-
Test Connectivity
# From Windows host, test connection to VM ping 192.168.1.100 # Test OpenVAS web interface curl http://192.168.1.100:9392
Windows Host:
# Allow incoming connections from VM
netsh advfirewall firewall add rule name="OpenVAS Backend" dir=in action=allow remoteip=192.168.1.100Kali Linux VM:
# Allow OpenVAS services through firewall
ufw allow 9390/tcp
ufw allow 9391/tcp
ufw allow 9392/tcpOn your Kali Linux VM, ensure OpenVAS services are running:
# Check OpenVAS services status
systemctl status openvas-manager
systemctl status openvas-scanner
systemctl status greenbone-security-assistant
# Start services if not running
systemctl start openvas-manager
systemctl start openvas-scanner
systemctl start greenbone-security-assistant
# Enable services to start on boot
systemctl enable openvas-manager
systemctl enable openvas-scanner
systemctl enable greenbone-security-assistantCommon Issues:
-
Connection Refused
Error: Cannot connect to OpenVAS serverSolution:
- Verify VM is using Bridge mode
- Check OpenVAS services are running
- Verify IP address in settings
- Test network connectivity
-
Port Not Accessible
Error: Port 9392 is not accessibleSolution:
- Check firewall settings on both host and VM
- Verify OpenVAS is listening on correct ports
- Use
netstat -tlnpto check listening ports
-
Scan Targets Not Reachable
Error: Cannot reach scan targetsSolution:
- Ensure VM has network access to target systems
- Check routing table:
route -n - Verify DNS resolution if scanning by hostname
Docker Setup:
# If using Docker for OpenVAS
docker run -d -p 9390:9390 -p 9391:9391 -p 9392:9392 greenbone/openvasDirect Installation:
# Install OpenVAS directly on host system
apt update && apt install openvas
openvas-setupCRITICAL: You must configure the paths in config/settings.py before running the system.
# Line 25 in config/settings.py
BASE_DIR = Path(__file__).parent.parent.absolute()
# If your project is in a different location, change it to:
BASE_DIR = Path("C:/Users/YourUsername/Desktop/pipeline/pipeline") # Windows
# BASE_DIR = Path("/home/username/pipeline/pipeline") # Linux/macOS# Update API keys in config/settings.py (lines 100-150)
API_CONFIG = {
'VULNERS': {
'API_KEY': os.getenv('VULNERS_API_KEY', ''),
'RATE_LIMIT': 100,
},
'NVD': {
'API_KEY': os.getenv('NVD_API_KEY', ''),
'RATE_LIMIT': 1000,
},
'SHODAN': {
'API_KEY': os.getenv('SHODAN_API_KEY', ''),
'RATE_LIMIT': 100,
},
'OLLAMA': {
'BASE_URL': os.getenv('OLLAMA_BASE_URL', 'http://localhost:11434'),
'DEFAULT_MODEL': os.getenv('OLLAMA_MODEL', 'mistral'),
},
}# Lines 160-180 in config/settings.py
APP_SETTINGS = {
'FLASK': {
'SECRET_KEY': os.getenv('FLASK_SECRET_KEY', 'replace-me-with-a-secure-key'),
'DEBUG': os.getenv('FLASK_DEBUG', 'False').lower() == 'true',
'HOST': os.getenv('FLASK_HOST', '127.0.0.1'),
'PORT': int(os.getenv('FLASK_PORT', 5000)),
},
}# Lines 190-200 in config/settings.py
'PROCESSING': {
'MAX_FILE_SIZE': 50 * 1024 * 1024, # 50MB file size limit
'CHUNK_SIZE': 8192,
'ENCODING': 'utf-8',
},pipeline/
βββ app2.py # Main Flask application
βββ xml_to_json.py # XML to JSON converter
βββ enhanced_remediation_system_fixed.py # AI remediation engine
βββ prereq-script-updated.py # Prerequisite checker (run first)
βββ threat_intelligence.py # Threat intelligence integration
βββ process_download_openvas.py # OpenVAS processing module
βββ config/
β βββ settings.py # Main configuration file
β βββ __init__.py
βββ uploads/ # Uploaded XML files
βββ integrated_results/ # Processing results
βββ cve_cache/ # CVE data cache
βββ mitre_cache/ # MITRE ATT&CK cache
βββ remediation_cache/ # Remediation data cache
βββ exploitdb/ # Exploit database files
βββ models/ # ML models
βββ static/ # Web assets
β βββ css/ # Stylesheets
β βββ js/ # JavaScript files
β βββ data/ # Static data files
βββ templates/ # HTML templates
βββ logs/ # Application logs
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β Windows Host β β VMware VM β β Target Systems β
β (Frontend) βββββΊβ (Kali Linux) βββββΊβ (Scan Targets)β
β Port 5000 β β (OpenVAS) β β β
β β β Port 9390-9392β β β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β β β
β Bridge Mode β Bridge Mode β
β Network β Network β
βΌ βΌ βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Local Network (192.168.1.x) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Create a .env file in the root directory with these variables:
# API Keys
VULNERS_API_KEY=your_vulners_api_key_here
SHODAN_API_KEY=your_shodan_api_key_here
NVD_API_KEY=your_nvd_api_key_here
# Ollama Configuration
OLLAMA_BASE_URL=http://localhost:11434
OLLAMA_MODEL=mistral
OLLAMA_TIMEOUT=60
OLLAMA_TEMPERATURE=0.3
# Flask Configuration
FLASK_SECRET_KEY=your-secure-secret-key-here
FLASK_DEBUG=False
FLASK_HOST=127.0.0.1
FLASK_PORT=5000
# Logging
LOG_LEVEL=INFOWhen you upload an OpenVAS XML file, the system follows this comprehensive workflow:
- Route:
/upload(GET) and/start(POST) - File Validation:
- Checks for
.xmlextension - Validates XML structure
- Verifies OpenVAS format compliance
- Checks for
- Security: Uses
secure_filename()for safe file handling
- Script:
xml_to_json.py - Process:
- Parses OpenVAS XML structure
- Extracts vulnerability data
- Converts to standardized JSON format
- Filters results to include only CVE-associated vulnerabilities
- Script:
enhanced_remediation_system_fixed.py - Features:
- Machine learning-based severity prediction
- Exploit availability assessment
- Threat intelligence enrichment
- AI-generated remediation recommendations
- Threat Intelligence Sources:
- NVD (National Vulnerability Database)
- Vulners API
- MITRE ATT&CK Framework
- ExploitDB
- Processing:
- CVE details enrichment
- CVSS scoring
- Exploit maturity assessment
- Remediation quality scoring
- Outputs:
- CSV file with integrated results
- HTML report with detailed analysis
- JSON data for dashboard visualization
- Threat intelligence summary
Upload β Validation β XMLβJSON β AI Analysis β Threat Intel β Report Generation β Dashboard Update
- Input: OpenVAS XML file (e.g.,
report-*.xml) - Process: File validation and security checks
- Output: File saved to
uploads/directory - Logs: Upload confirmation in application logs
- Script:
xml_to_json.py - Input: XML file from
uploads/directory - Process:
- Parse OpenVAS XML structure
- Extract vulnerability data
- Filter CVE-associated vulnerabilities
- Output:
test_vulnerabilities.json(root directory) - Logs:
Converting XML to JSONβXML to JSON conversion completed
- Script:
enhanced_remediation_system_fixed.py - Input:
test_vulnerabilities.json - Process:
- ExploitDB Integration: Download and process 46,000+ exploits
- CVE Mapping: Create exploit-to-CVE mappings
- API Integration: Query Vulners, NVD, Shodan APIs
- Threat Intelligence: MITRE ATT&CK framework integration
- Severity Prediction: ML-based vulnerability classification
- Output Files:
cve_cache/cve_exploit_mappings.json- CVE to exploit mappingsintegrated_results/test_vulnerabilities_integrated.csv- Enhanced CSV dataintegrated_results/test_vulnerabilities_report.html- HTML report
- Logs:
Running remediation system scriptβ ExploitDB processing progress
- Script:
integrated_results/vulnerabilities_extraction.py - Input: HTML report from Stage 3
- Process: Extract structured vulnerability data
- Output Files:
static/data/vulnerabilities.csv- Frontend CSV datastatic/data/vulnerabilities_data.json- Frontend JSON data
- Logs:
Running vulnerability extraction scriptβvulnerabilities.csv has been created
- Script:
static/data/generate_remediation_data.py - Input: CSV and JSON data from Stage 4
- Process:
- Ollama Integration: AI-powered remediation generation
- Model:
mistral:latest(default) - Enhancement: Structured remediation steps
- Quality Assessment: Remediation quality scoring
- Output Files:
static/data/structured_remediation_enhanced.js- Enhanced remediation data- Updated
static/data/vulnerabilities_data.json- AI-enhanced data
- Logs:
Running remediation generation scriptβOllama available with models: mistral:latest
- Process: Parse final results and update dashboard
- Input: All generated files from previous stages
- Output Files:
dashboard_data.json- Real-time dashboard datajobs_persistence.json- Job status tracking
- Logs:
Reading data from CSV and static/data/vulnerabilities_data.json
| Stage | Output Files | Location | Purpose |
|---|---|---|---|
| 1 | Uploaded XML | uploads/ |
Original scan data |
| 2 | test_vulnerabilities.json |
Root | Parsed vulnerability data |
| 3 | cve_exploit_mappings.json |
cve_cache/ |
Exploit database mappings |
| 3 | test_vulnerabilities_integrated.csv |
integrated_results/ |
Enhanced vulnerability data |
| 3 | test_vulnerabilities_report.html |
integrated_results/ |
HTML report |
| 4 | vulnerabilities.csv |
static/data/ |
Frontend CSV data |
| 4 | vulnerabilities_data.json |
static/data/ |
Frontend JSON data |
| 5 | structured_remediation_enhanced.js |
static/data/ |
AI-enhanced remediation |
| 6 | dashboard_data.json |
Root | Dashboard visualization data |
| Stage | Duration | Dependencies |
|---|---|---|
| 1 | 1-5 seconds | File size |
| 2 | 2-10 seconds | XML complexity |
| 3 | 30-120 seconds | API response times, ExploitDB processing |
| 4 | 5-15 seconds | Report size |
| 5 | 20-60 seconds | Ollama model, vulnerability count |
| 6 | 2-5 seconds | Data parsing |
- Stage Failures: Each stage logs errors and can be retried
- API Timeouts: Automatic retry with exponential backoff
- File Corruption: Validation checks at each stage
- Ollama Unavailable: Falls back to rule-based remediation
- Partial Failures: Continues processing with available data
The system accepts OpenVAS XML scan reports with the following structure:
<report>
<results>
<result id="unique_id">
<name>Vulnerability Name</name>
<host>IP_ADDRESS</host>
<port>PORT/PROTOCOL</port>
<threat>SEVERITY_LEVEL</threat>
<severity>CVSS_SCORE</severity>
<nvt oid="NVT_OID">
<name>NVT Name</name>
<tags>cvss_base_vector=...|summary=...|insight=...|solution=...</tags>
<refs>
<ref type="cve" id="CVE-YYYY-NNNNN"/>
</refs>
</nvt>
<description>Detailed description</description>
</result>
</results>
</report>| Element | Description | Required |
|---|---|---|
<result> |
Individual vulnerability finding | Yes |
<name> |
Vulnerability name/title | Yes |
<host> |
Target IP address | Yes |
<port> |
Affected port/protocol | Yes |
<threat> |
Severity level (High/Medium/Low) | Yes |
<severity> |
CVSS score (0.0-10.0) | Yes |
<nvt> |
Network Vulnerability Test details | Yes |
<refs> |
References including CVE IDs | Yes |
<description> |
Detailed vulnerability description | Optional |
<report content_type="text/xml" extension="xml" id="report-id">
<report>
<results>
<result id="0dfac365-534b-4aef-b03e-cb958ca82d8d">
<name>Microsoft Windows Server Service Remote Code Execution Vulnerability</name>
<host>192.168.183.134</host>
<port>445/tcp</port>
<threat>High</threat>
<severity>10.0</severity>
<nvt oid="1.3.6.1.4.1.25623.1.0.902782">
<name>Microsoft Windows Server Service Remote Code Execution Vulnerability</name>
<tags>cvss_base_vector=AV:N/AC:L/Au:N/C:C/I:C/A:C|summary=This host is missing important security update...</tags>
<refs>
<ref type="cve" id="CVE-2006-3439"/>
</refs>
</nvt>
<description>Detailed vulnerability description...</description>
</result>
</results>
</report>
</report>- Format: OpenVAS XML export
- Encoding: UTF-8
- Size Limit: No specific limit (handled by Flask)
- Content: Must contain at least one
<result>with CVE reference - Source: Generated by OpenVAS/GVM scanner
- Purpose: CVE details and exploit information
- Configuration:
VULNERS_API_KEYin.env - Rate Limit: Depends on subscription tier
- Purpose: Official CVE database
- Configuration:
NVD_API_KEYin.env(optional) - Rate Limit: 1000 requests/hour without key, 5000/hour with key
- Purpose: Internet-wide vulnerability scanning
- Configuration:
SHODAN_API_KEYin.env - Rate Limit: Depends on subscription
- Purpose: Local AI model inference
- Configuration:
OLLAMA_API_KEYin.env - Usage: AI-powered remediation generation
# Example API configuration
API_CONFIG = {
'vulners': {
'base_url': 'https://vulners.com/api/v3/',
'api_key': os.getenv('VULNERS_API_KEY')
},
'nvd': {
'base_url': 'https://services.nvd.nist.gov/rest/json/cves/2.0/',
'api_key': os.getenv('NVD_API_KEY')
},
'shodan': {
'base_url': 'https://api.shodan.io/',
'api_key': os.getenv('SHODAN_API_KEY')
}
}python app2.pyThe application will be available at http://localhost:5000
Before using the scanning features, ensure your OpenVAS backend is properly configured:
-
Start OpenVAS Services on Kali Linux VM
# On your Kali Linux VM systemctl start openvas-manager systemctl start openvas-scanner systemctl start greenbone-security-assistant -
Configure OpenVAS Server IP
- Open the web interface:
http://localhost:5000 - Go to Settings page
- Set "OpenVAS Server IP Address" to your VM's IP address
- Example:
192.168.1.100
- Open the web interface:
-
Test Backend Connection
- Use the test connection feature in settings
- Or manually test:
curl http://<vm_ip>:9392
-
Create Scan Tasks
- Navigate to Scan page
- Enter target IP addresses or hostnames
- Select scan type (Quick, Full, Custom)
- Start scanning
-
Navigate to Upload Page
- Go to
/uploador click "Upload" in the dashboard - Select your OpenVAS XML report file
- Go to
-
File Processing
- System validates XML format
- Converts to JSON for processing
- Runs AI analysis pipeline
- Generates comprehensive reports
-
View Results
- Check processing status at
/status/<job_id> - View results in dashboard
- Download reports in various formats
- Check processing status at
- Real-time Processing: Live status updates with progress tracking
- Vulnerability Overview: Severity distribution charts and statistics
- Threat Intelligence: CVE details and exploit information
- Remediation Recommendations: AI-generated fixes with quality scores
- Export Options: CSV, JSON, and HTML reports
- Processing Status: Stage-by-stage progress monitoring
The dashboard provides real-time updates for each processing stage:
- Queued β Job created and waiting
- Loading XML (10%) β File validation and parsing
- Converting to JSON (30%) β XML to JSON conversion
- Running analysis script (60%) β Enhanced remediation processing
- Parsing results (80%) β Data extraction and formatting
- Complete (100%) β All stages finished, dashboard updated
Example Log Output:
Job e7413258-c65a-4f0d-a955-9dbb4a174859: Loading XML file
Job e7413258-c65a-4f0d-a955-9dbb4a174859: Converting XML to JSON
Job e7413258-c65a-4f0d-a955-9dbb4a174859: XML to JSON conversion completed
Job e7413258-c65a-4f0d-a955-9dbb4a174859: Running remediation system script
Processing 46834 exploits from ExploitDB...
Job e7413258-c65a-4f0d-a955-9dbb4a174859: Running vulnerability extraction script
Job e7413258-c65a-4f0d-a955-9dbb4a174859: Running remediation generation script
[AI] Ollama available with models: mistral:latest
Job e7413258-c65a-4f0d-a955-9dbb4a174859: Reading data from CSV and static/data/vulnerabilities_data.json
Calculated severity counts from CSV: {'Critical': 2, 'High': 1, 'Medium': 0, 'Low': 1}
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β Web Interface β β XML Processor β β AI Engine β
β (Flask App) βββββΊβ (xml_to_json) βββββΊβ (ML Models) β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β β β
βΌ βΌ βΌ
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β Dashboard β β Threat Intel β β Report Gen β
β (Real-time) β β (Multi-API) β β (HTML/CSV) β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
- Input: OpenVAS XML β Validation
- Processing: XMLβJSON β AI Analysis β Threat Intel
- Output: Reports + Dashboard Data
- Storage: Cached data for performance
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β File Upload β β XMLβJSON Conv β β Enhanced Rem β
β (Stage 1) βββββΊβ (Stage 2) βββββΊβ (Stage 3) β
β β β β β β
β β’ Validation β β β’ Parse XML β β β’ ExploitDB β
β β’ Security β β β’ Extract Data β β β’ API Calls β
β β’ Save to β β β’ Filter CVEs β β β’ Threat Intel β
β uploads/ β β β’ Output JSON β β β’ ML Prediction β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β β β
βΌ βΌ βΌ
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β Vulnerability β β AI Remediation β β Dashboard Updateβ
β Extraction β β Generation β β (Stage 6) β
β (Stage 4) β β (Stage 5) β β β
β β β β β β
β β’ Parse HTML β β β’ Ollama AI β β β’ Parse Results β
β β’ Extract CSV β β β’ Mistral Model β β β’ Update Charts β
β β’ Generate JSON β β β’ Enhancement β β β’ Real-time β
β β’ Frontend Data β β β’ Quality Score β β Visualization β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
| Endpoint | Method | Description |
|---|---|---|
/ |
GET | Main dashboard |
/upload |
GET | File upload page |
/start |
POST | Process uploaded file |
/status/<job_id> |
GET | Job processing status |
/results |
GET | View processing results |
/dashboard/data |
GET | Dashboard data API |
/api/threat-intel |
GET | Threat intelligence data |
| Endpoint | Method | Description |
|---|---|---|
/download/csv |
GET | Download CSV report |
/download/json |
GET | Download JSON data |
/report |
GET | View HTML report |
Before troubleshooting, ensure your system meets all requirements:
# Run the prerequisite checker
python prereq-script-updated.pyThis script will:
- β Check Python Version: Ensures Python 3.6+ is installed
- β Verify Directories: Creates missing directories automatically
- β Check Required Files: Validates all essential files exist
- β Package Dependencies: Installs missing Python packages
- β OpenVAS Module: Tests OpenVAS processing functionality
- β Sample Data: Creates test data if needed
Example Output:
--- Checking Python Version ---
β
Python version 3.8.10 is compatible
--- Checking Required Directories ---
β
All required directories exist
--- Checking Required Files ---
β
All required files are present
--- Checking Package Dependencies ---
β
All required packages are installed
--- System Ready ---
β
All prerequisites are met. System is ready to run.
Error: Path key 'UPLOAD_FOLDER' not found in configuration
Solution:
- Check
config/settings.pyand ensureBASE_DIRis set correctly - Update the path to match your system directory structure
- Example:
BASE_DIR = Path("C:/Users/YourUsername/Desktop/pipeline/pipeline")
Error: Connection refused to Ollama API
Solution:
- Ensure Ollama is running:
ollama serve - Check if the model is downloaded:
ollama list - Verify API endpoint:
curl http://localhost:11434/api/tags - Update
OLLAMA_BASE_URLin.envif using different port
Error: CUDA not available for PyTorch
Solution:
- Install CUDA toolkit:
conda install pytorch torchvision torchaudio pytorch-cuda=11.8 -c pytorch -c nvidia - Check GPU availability:
nvidia-smi - For CPU-only: Install CPU version:
pip install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/cpu
Error: Invalid XML file
Solution: Ensure XML is well-formed and follows OpenVAS schema
Error: API authentication failed
Solution: Check .env file and API key validity
Error: Job processing timeout
Solution: Check file size and system resources
Error: Module not found
Solution:
- Run
pip install -r requirements.txt - Or use the prerequisite checker:
python prereq-script-updated.py
Error: Permission denied creating directory
Solution:
- Ensure write permissions to the project directory
- Run as administrator (Windows) or with sudo (Linux) if needed
- Check disk space availability
Error: Cannot connect to OpenVAS server
Solution:
- Verify VMware is using Bridge mode (not NAT or Host-Only)
- Check OpenVAS services are running on VM
- Verify IP address in settings matches VM's bridge network IP
- Test connectivity:
ping <vm_ip>andcurl http://<vm_ip>:9392 - Check firewall settings on both host and VM
# Install CUDA-enabled PyTorch
pip install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/cu118
# Verify GPU availability
python -c "import torch; print(torch.cuda.is_available())"# In config/settings.py, adjust these settings:
APP_SETTINGS = {
'JOBS': {
'MAX_CONCURRENT_JOBS': 2, # Reduce for low memory systems
},
'PROCESSING': {
'CHUNK_SIZE': 4096, # Reduce for low memory systems
},
}Enable debug mode in config/settings.py or .env:
# In config/settings.py
APP_SETTINGS = {
'FLASK': {
'DEBUG': True,
},
}Or in .env:
FLASK_DEBUG=True
LOG_LEVEL=DEBUGCheck log files for detailed error information:
remediation_system.log: AI processing logslogs/app.log: Application logs- Flask application logs: Console output
- CVE Cache: Reduces API calls for repeated CVEs
- MITRE Cache: Cached ATT&CK framework data
- Embedding Cache: ML model embeddings for faster processing
- Parallel Processing: Multi-threaded API calls
- Batch Processing: Grouped vulnerability analysis
- Incremental Updates: Only process new vulnerabilities
- File Type Validation: Only
.xmlfiles accepted - Path Traversal Protection: Secure filename handling
- Size Limits: Configurable file size restrictions
- Key Management: Environment variable storage
- Rate Limiting: API call throttling
- Error Handling: Secure error messages
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
For issues and questions:
- Check the troubleshooting section
- Review the logs for error details
- Open an issue on GitHub
- Contact the development team
Note: This system is designed for security professionals and should be used in controlled environments. Always follow responsible disclosure practices when working with vulnerability data.