I built God's Eye to solve a problem I had doing bug bounties: existing recon tools found subdomains, but I still had to manually analyze them for security issues.
God's Eye combines subdomain enumeration with AI security analysis using Ollama (runs 100% locally):
• 11 passive sources + DNS brute-forcing
• HTTP probing + tech detection
• Real-time CVE detection via function calling
• JavaScript security review
• All analysis happens locally (zero API costs, completely private)
The AI integration uses a cascade approach: fast triage with phi3.5:3.8b, then deep analysis with qwen2.5-coder:7b only for interesting findings.
I've been using it for months on real engagements. The CVE detection via function calling has been particularly useful - the LLM queries the NVD database and provides context-aware recommendations.
vyntral•1h ago
I built God's Eye to solve a problem I had doing bug bounties: existing recon tools found subdomains, but I still had to manually analyze them for security issues.
God's Eye combines subdomain enumeration with AI security analysis using Ollama (runs 100% locally):
• 11 passive sources + DNS brute-forcing • HTTP probing + tech detection • Real-time CVE detection via function calling • JavaScript security review • All analysis happens locally (zero API costs, completely private)
The AI integration uses a cascade approach: fast triage with phi3.5:3.8b, then deep analysis with qwen2.5-coder:7b only for interesting findings.
I've been using it for months on real engagements. The CVE detection via function calling has been particularly useful - the LLM queries the NVD database and provides context-aware recommendations.
Tech stack: Go, Ollama, concurrent execution with rate limiting, modular architecture.
It's MIT licensed and I'm looking for feedback on: - Performance optimizations - Additional AI use cases - Integration ideas
Happy to answer questions about the architecture or AI integration approach!
Release notes: https://github.com/Vyntral/god-eye/releases/tag/v0.1.0