PHPackages librevlad/basilisk - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. librevlad/basilisk ActiveLibrary librevlad/basilisk ================== Work in progress 0.1.1(6y ago)013MITPython Since Feb 23Pushed 2mo agoCompare [ Source](https://github.com/librevlad/basilisk)[ Packagist](https://packagist.org/packages/librevlad/basilisk)[ RSS](/packages/librevlad-basilisk/feed)WikiDiscussions develop Synced 1mo ago READMEChangelog (4)Dependencies (4)Versions (5)Used By (0) Basilisk ======== [](#basilisk) Professional modular security framework for autonomous reconnaissance, analysis, and pentesting. 188 auto-discovered plugins across 10 categories, all wrapped as v4 Scenarios. Unified autonomous engine with knowledge graph, deterministic decision traces, cognitive reasoning, and persistent campaign memory. Rich live visualization with real-time progress tracking. Training validation benchmarked against 20 vulnerable containers (298 expected findings) with **~97% guided validation coverage**. Quick Start ----------- [](#quick-start) ``` # Install uv sync && uv pip install -e ".[dev]" # Autonomous audit (primary mode) basilisk auto example.com basilisk auto example.com -n 50 # limit steps basilisk auto example.com --campaign # with cross-audit memory # Single plugin basilisk run ssl_check example.com # List plugins / scenarios basilisk plugins basilisk scenarios # all scenarios (native + legacy) basilisk scenarios --native # only native v4 scenarios # Training validation basilisk train training/profiles/dvwa.yaml # benchmark against known targets # Hash identification + crack basilisk crack ``` Architecture Overview --------------------- [](#architecture-overview) ``` CLI (cli.py) / Basilisk class (__init__.py) | Display (display/live.py, panels.py, report.py, training.py) | Rich live visualization + progress tracking Engine (engine/autonomous/runner.py) | ScenarioRegistry + ScenarioExecutor (v4 active path) Orchestrator (loop, planner, selector, scorer) | Scenarios (5 native + 188 legacy-wrapped via bridge/) | depend on ActorProtocol Actor (CompositeActor, HttpActor, RecordingActor) | Knowledge Graph + Verification + Cognitive Reasoning + KG Persistence ``` Autonomous Engine ----------------- [](#autonomous-engine) The autonomous engine builds a **knowledge graph** about the target and iteratively discovers knowledge gaps, selects optimal plugins to fill them, executes them, and merges results back into the graph. Each decision is recorded with full context for reproducibility. ``` Targets --> SEED --> [PLANNER] --> [SELECTOR] --> [SCORER] --> [DECISION] | | | [APPLY to KG] SERVICE(:2375) \--[RUNS]--> Technology(docker, is_container_runtime=True) \--[RUNS_CONTAINER]--> CONTAINER(abc123, privileged=True) \--[USES_IMAGE]--> IMAGE(nginx:1.24) ``` 7 plugins: `container_discovery` -> `container_enumeration` -> `registry_lookup` -> `image_fingerprint` -> `container_config_audit` -> `container_escape_probe` -> `container_verification` --- Training Validation ------------------- [](#training-validation) Benchmarking system for measuring detection coverage against known vulnerable targets. Each training profile defines a target, Docker compose configuration, authentication, scan paths, and expected findings. The validator uses multi-strategy matching (title containment, abbreviation expansion, category aliases, word overlap) with ±1 severity tolerance. ``` basilisk train training/profiles/dvwa.yaml # run against DVWA basilisk train training/profiles/juice_shop.yaml # run against Juice Shop ``` ### Benchmark Results (20 containers, 298 expected findings) [](#benchmark-results-20-containers-298-expected-findings) \#TargetFindingsAuthCategory1bWAPP39formPHP vulns (OWASP Top 10)2Mutillidae30formOWASP Top 103Juice Shop27json\_apiModern JS app4DSVW21formPython vulns5XVWA19formPHP vulns6BadStore16formClassic web7Altoro Mutual15formBanking app8DVWA15formPHP vulns9WackoPicko15formClassic web10DVGA13formGraphQL API11Hackazon12formE-commerce12Gruyere11formPython app13crAPI10json\_apiMicroservices API14DVWS10formWebSocket security15WebGoat9formLesson-based16NodeGoat8formNode.js17RailsGoat8formRuby on Rails18vAPI8json\_apiREST API19VAmPi7json\_apiREST API20Pixi5formOWASP DevSlop**Guided validation coverage: ~97%** (289/297) across 19 tested containers, 13 at 100%. > **Note:** Coverage is measured with pre-seeded endpoints, configured authentication, and multi-strategy validator matching. This measures the framework's detection capability when given optimal conditions, not blind discovery from scratch. --- Decision Tracing ---------------- [](#decision-tracing) Every autonomous decision is recorded with full context for auditability and debugging. **Pre-execution (before plugin runs):** - Context snapshot (entity/relation/gap counts, active hypotheses) - All evaluated candidates with score breakdowns (max 20) - Chosen plugin, target, score, reasoning trace, action type - Related hypothesis IDs and resolution gain **Post-execution (after plugin runs):** - Observation count, new entity count, confidence delta, duration - `was_productive` flag (new\_entities > 0 or confidence\_delta > 0.01) 14 event types: ENTITY\_CREATED, ENTITY\_UPDATED, OBSERVATION\_APPLIED, PLUGIN\_STARTED, PLUGIN\_FINISHED, GAP\_DETECTED, STEP\_COMPLETED, DECISION\_MADE, GOAL\_ADVANCED, AUDIT\_COMPLETED, BELIEF\_STRENGTHENED, BELIEF\_WEAKENED, HYPOTHESIS\_CONFIRMED, HYPOTHESIS\_REJECTED. --- Campaign Memory --------------- [](#campaign-memory) Persistent cross-audit learning. Remembers infrastructure, plugin effectiveness, and technology stacks across audits. Opt-in, disabled by default. ``` basilisk auto example.com --campaign ``` **What it learns:** - **Target profiles** — services, technologies, endpoints, findings per host - **Plugin efficacy** — per-plugin success rates with tech-stack breakdown - **Tech fingerprints** — technology patterns per organization (base domain) **How it helps:** - Adjusts plugin cost based on historical success rate - Adds prior bonus for known infrastructure - Data stored in `~/.basilisk/campaigns/campaign.db` (SQLite WAL) --- Plugin System ------------- [](#plugin-system) ### 188 Plugins (10 categories) [](#188-plugins-10-categories) CategoryCountExamples**Recon**23dns\_enum, subdomain\_crtsh, whois, web\_crawler, email\_harvest**Scanning**19port\_scan, ssl\_check, cors\_scan, graphql\_detect, container\_discovery**Analysis**23http\_headers, tech\_detect, waf\_detect, csp\_analyzer, image\_fingerprint**Pentesting**60sqli\_basic, xss\_basic, ssrf\_check, ssti\_check, command\_injection, xxe\_check**Exploitation**23cors\_exploit, graphql\_exploit, redis\_exploit, container\_escape\_probe**Crypto**8hash\_crack, padding\_oracle, prng\_crack, rsa\_attack**Lateral**12kerberoast, pass\_the\_hash, ntlm\_relay, credential\_spray**Privesc**7suid\_exploit, kernel\_exploit, sudo\_exploit**Post-exploit**7credential\_harvest, network\_enum, user\_enum**Forensics**6log\_analyze, memory\_analyze, pcap\_analyzeAll 188 plugins are automatically wrapped as v4 Scenarios via `bridge/legacy_scenario.py`. 5 native v4 scenarios in `scenarios/`. ### Writing a Plugin [](#writing-a-plugin) ``` from __future__ import annotations from typing import ClassVar from basilisk.core.plugin import BasePlugin, PluginCategory, PluginMeta from basilisk.models.result import Finding, PluginResult from basilisk.models.target import Target class MyPlugin(BasePlugin): meta: ClassVar[PluginMeta] = PluginMeta( name="my_plugin", display_name="My Plugin", category=PluginCategory.PENTESTING, description="What it does", produces=["my_data"], timeout=30.0, ) async def run(self, target: Target, ctx) -> PluginResult: findings = [] async with ctx.rate: resp = await ctx.http.get(f"https://{target.host}/") # ... analysis ... return PluginResult.success(self.meta.name, target.host, findings=findings) ``` Drop into `basilisk/plugins//` — auto-discovered at startup. --- Signature Databases ------------------- [](#signature-databases) DatabaseCountComparable toTech fingerprints594Wappalyzer top-500CVE version checks200+retire.jsWAF signatures125wafw00fCMS signatures83WPScan/CMSmapSubdomain takeover80can-i-take-over-xyzFavicon hashes300+ShodanSQLi payloads489sqlmapXSS payloads35+ basic, 49 DOMXSStrike/DalfoxSSTI probes32 math + 48 fingerprintstplmapCommand injection90commixNoSQLi payloads92—JWT attacks95—HTTP smuggling45—Default credentials75—Vulnerable base images30—VulnRegistry definitions100+CWE/OWASPProject Structure ----------------- [](#project-structure) ``` basilisk/ ├── cli.py # Typer CLI ├── config.py # Pydantic Settings + YAML ├── domain/ # Typed domain models (Target, Scenario, Finding, Surface) ├── actor/ # Network abstraction (CompositeActor, HttpActor, RecordingActor) ├── engine/ # ScenarioRegistry, TargetLoader, AutonomousRunner ├── bridge/ # v3 -> v4 compatibility (LegacyPluginScenario, adapters) ├── scenarios/ # 5 native v4 scenarios (dns, port, ssl, sqli, xss) ├── models/ # Pydantic v2 contracts (Target, Finding, PluginResult) ├── core/ # Plugin infrastructure (registry, executor, auth, providers) ├── knowledge/ # Knowledge graph (entities, relations, state, store, vulns) ├── observations/ # PluginResult -> Observation adapter ├── capabilities/ # Plugin capability mapping (145 explicit + auto-inference) ├── reasoning/ # Cognitive reasoning (hypothesis engine, evidence aggregator) ├── scoring/ # Priority scoring engine (campaign-aware, hypothesis-aware) ├── decisions/ # Decision model, context snapshots, evaluated options ├── memory/ # Decision history, adaptive repetition penalty ├── campaign/ # Persistent campaign memory (cross-audit learning) ├── orchestrator/ # Autonomous loop, planner, selector, goals, safety, coverage ├── verification/ # Finding verification (confidence calculator, confirmer) ├── training/ # Training validation (profiles, runner, validator) ├── display/ # Rich live visualization (LiveDisplay, TrainingDisplay, panels) ├── events/ # Event bus (14 event types) ├── utils/ # HTTP client, DNS, rate limiter, payloads, WAF bypass ├── storage/ # SQLite WAL (async, bulk ops, migrations) └── plugins/ # 188 plugins (auto-discovered) ├── recon/ (23) ├── scanning/ (19) ├── analysis/ (23) ├── pentesting/ (60) ├── exploitation/ (23) ├── crypto/ (8) ├── lateral/ (12) ├── privesc/ (7) ├── post_exploit/ (7) └── forensics/ (6) training/ # Training data (profiles, compose, scripts) tests/ # 2611 tests, 141 files ``` Stack ----- [](#stack) - **Python 3.12+** target - **Pydantic v2** — data models and validation - **aiohttp** — async HTTP with connection pooling - **aiosqlite** — async SQLite (WAL mode) - **dnspython** — async DNS resolution - **aiolimiter** — token bucket rate limiting - **aiofiles** — async file I/O (streaming wordlists) - **Typer + Rich** — CLI - **cryptography** — SSL certificate parsing - **uv** — package manager - **ruff** — linting (py312, line-length 100) - **pytest + pytest-asyncio** — testing (asyncio\_mode = auto) Development ----------- [](#development) ``` # Run all tests .venv/Scripts/python.exe -m pytest tests/ -v # Quick check (stop on first failure) .venv/Scripts/python.exe -m pytest tests/ -x --tb=short # Lint .venv/Scripts/python.exe -m ruff check basilisk/ tests/ # Plugin tests only .venv/Scripts/python.exe -m pytest tests/test_plugins/ -v ``` License ------- [](#license) MIT ### Health Score 31 — LowBetter than 68% of packages Maintenance56 Moderate activity, may be stable Popularity5 Limited adoption so far Community8 Small or concentrated contributor base Maturity49 Maturing project, gaining track record Bus Factor1 Top contributor holds 94.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 2275d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/8dc28970580d50f2b4bb813e767ed7b0eefd6481037cd83ebc97ca63a7dae95b?d=identicon)[librevlad](/maintainers/librevlad) --- Top Contributors [![superman32432432](https://avatars.githubusercontent.com/u/7228420?v=4)](https://github.com/superman32432432 "superman32432432 (50 commits)")[![librevlad](https://avatars.githubusercontent.com/u/49364343?v=4)](https://github.com/librevlad "librevlad (3 commits)") ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/librevlad-basilisk/health.svg) ``` [![Health](https://phpackages.com/badges/librevlad-basilisk/health.svg)](https://phpackages.com/packages/librevlad-basilisk) ``` ### Alternatives [spatie/laravel-health Monitor the health of a Laravel application 85810.0M83](/packages/spatie-laravel-health)[illuminate/console The Illuminate Console package. 12944.1M5.1k](/packages/illuminate-console)[temporal/sdk Temporal SDK 4002.2M18](/packages/temporal-sdk)[pressbooks/pressbooks Pressbooks is an open source book publishing tool built on a WordPress multisite platform. Pressbooks outputs books in multiple formats, including PDF, EPUB, web, and a variety of XML flavours, using a theming/templating system, driven by CSS. 44643.1k1](/packages/pressbooks-pressbooks)[illuminate/process The Illuminate Process package. 44699.5k65](/packages/illuminate-process)[statamic/cli Statamic CLI Tool 7587.7k](/packages/statamic-cli) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)