Efsun (BETA)
A Comprehensive Automated Security Testing & Bug Tracking System
Efsunn is a powerful, self-hosted platform designed to bridge the gap between automated security scanning and manual vulnerability management. It integrates with popular security tools (Nikto, ZAP, Burp Suite, etc.), manages assets, and uses AI to summarize findings and streamline remediation.
Key Features
Automated Scanning Engine (BETA)
- Multi-Tool Integration: Support for Nikto, OWASP ZAP, Nuclei, and custom scripts.
- Execution Strategies: Run scans locally, via SSH on remote nodes, or inside Docker containers.
- Flexible Profiles: Create scan profiles combining multiple tools with custom arguments and ordering.
- Scheduling: Automated recurring scans (Hourly, …
Efsun (BETA)
A Comprehensive Automated Security Testing & Bug Tracking System
Efsunn is a powerful, self-hosted platform designed to bridge the gap between automated security scanning and manual vulnerability management. It integrates with popular security tools (Nikto, ZAP, Burp Suite, etc.), manages assets, and uses AI to summarize findings and streamline remediation.
Key Features
Automated Scanning Engine (BETA)
- Multi-Tool Integration: Support for Nikto, OWASP ZAP, Nuclei, and custom scripts.
- Execution Strategies: Run scans locally, via SSH on remote nodes, or inside Docker containers.
- Flexible Profiles: Create scan profiles combining multiple tools with custom arguments and ordering.
- Scheduling: Automated recurring scans (Hourly, Daily, Weekly).
Advanced Bug Tracking
- Kanban Board: Drag-and-drop workflow management.
- AI-Powered Summarization: Automatically generate concise titles, root cause analyses, and severity assessments using OpenAI, Gemini, or Ollama.
- Deduplication: Smart hashing prevents duplicate issues from flooding the dashboard.
- Asset Integration: Auto-discovery and enrichment of assets (hosts, domains) found during scans.
Reporting & Analytics
- Customizable Reports: Generate PDF/HTML reports for stakeholders.
- Dashboard: Real-time metrics on finding trends, severity distribution, and scanner performance.
Extensibility (BETA)
- Plugins/Parsers: Easily write PHP classes to parse output from new tools.
- API: Full REST API for external integrations.
Installation
Docker (Recommended)
The easiest way to run Efsunn is using Docker.
Clone the repository
git clone https://github.com/yourusername/efsunn.git
cd efsunn
Start Containers
docker-compose up -d --build
Install Open your browser and navigate to http://localhost:8000. You will be redirected to the Installation Wizard to configure your database and create an admin account.
Manual Installation
Prerequisites
- PHP 8.2+
- Composer
- Node.js & NPM
- MySQL/MariaDB or SQLite
Setup Steps
Clone & Install Dependencies
git clone https://github.com/yourusername/efsunn.git
cd efsunn
composer install
npm install
cp .env.example .env
Build Assets
npm run build
Run Installer You can choose between the Web Installer or the CLI Installer.
Option A: Web Installer Start the server:
php artisan serve
Visit http://localhost:8000 to run the setup wizard.
Option B: CLI Installer
php artisan efsunn:install
Follow the interactive prompts to setup the database and admin user. 1.
Start Queue Worker (Critical for Scans) Scans run in the background. Ensure this process is always running:
php artisan queue:work
Architecture
- Backend: Laravel 11
- Frontend: Blade + Livewire 3 + Alpine.js + Bootstrap 5
- Scanning: Job-based architecture (Redis/Database Queue) dispatching commands to Execution Nodes.
Contributing
Contributions are welcome! Please see CONTRIBUTING.md for details.
- Fork the repo
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
📄 License
Distributed under the MIT License. See LICENSE for more information.