Chat with an AI agent that scans, analyzes, and explains security threats in plain English.
Browse the landing page β sign in β chat with the AI agent. Here it runs a real website security scan from a plain-English request and explains every finding.
- π€ AI security agent β type what you want in plain English; it picks the right tool, runs it, and explains the results.
- π Bring your own AI provider β works with any OpenAI-compatible API (OpenAI, DeepSeek, OpenRouter, Groqβ¦). Your key is encrypted.
- π§° A full toolkit β OSINT, website & GitHub scans, subdomains, breach checks, JWT analysis, WAF detection, and more.
- π‘οΈ Personal security score β scan your own GitHub and website and get an AI-written fix guide.
- π» Web & desktop β run it in the browser or as a native desktop app.
Requirements: Node 20+, Python 3.11+, and a MongoDB connection string.
# 1. Clone
git clone https://github.com/Muhammad-Adil-code/ReconX.git
cd ReconX
# 2. Frontend
npm install
npm run dev # http://localhost:5173
# 3. Backend (new terminal)
cd backend
pip install -r requirements.txt
python3 main.py # http://localhost:8765Create a .env file in the project root:
# Database
MONGO_URL=mongodb+srv://<user>:<password>@<cluster>.mongodb.net/
DB_NAME=reconx
# Auth & encryption (use long random values)
JWT_SECRET=your-random-jwt-secret
ENCRYPTION_KEY=your-32-char-encryption-key!!!!
# Optional: a default AI provider (users can also add their own key in the app)
OPENAI_API_KEY=sk-...
OPENAI_BASE_URL=https://api.openai.com/v1
OPENAI_MODEL=gpt-4o-mini
ENCRYPTION_KEYencrypts the AI/tool keys users save in their profile β keep it stable, and never commit.env.
Prefer to add keys in the UI? Open Profile β AI Provider and paste any OpenAI-compatible key.
mainβ web app (deploy the frontend anywhere, backend on any Python host)appβ Electron desktop app (Windows / macOS / Linux)
MIT β for authorized security testing only. See SECURITY.md.
Made with β€οΈ by Muhammad Adil
