AI-assisted security testing tool with intent-driven execution
Project description
CSage
CSage is a professional, AI-powered cybersecurity testing assistant designed for developers and security researchers.
Unlike conventional "black-box" scanners, CSage utilizes the Navigator Model: an intent-driven pipeline where the AI acts as an expert consultant—analyzing targets, formulating step-by-step testing plans, and providing precise, explained commands—while you maintain absolute control over execution.
Key Features
- Navigator Architecture: Intent-driven testing where AI advises and users authorize.
- Smart Tool Discovery: Automatically detects, installs, and configures industry-standard tools (
nmap,sqlmap,gobuster, etc.). - Hybrid AI Engine: Seamlessly switch between local models (Ollama, LM Studio) and cloud high-performance providers (Groq, OpenAI, Gemini).
- Tamper-Evident Logging: Every command and finding is recorded in an HMAC hash-chained log for forensic integrity.
- Security Checkpoints: High-risk operations require explicit user confirmation and re-authentication.
Installation
CSage is optimized for macOS, Linux, and Windows (via WSL).
-
Clone & Navigate:
git clone https://github.com/HIMAVARASAGAR/csage.git cd csage
-
Global Installation:
pip3 install .
-
Dependency Setup: CSage will automatically check for required security binaries on its first run. You can also manually trigger this with:
csage tools install
CLI Reference
Main Commands
| Command | Alias | Description |
|---|---|---|
csage scan |
- | Start an interactive, AI-guided security audit. |
csage model |
- | Configure AI providers, models, and API keys. |
csage logs |
- | View session history and verify log integrity. |
csage tools |
packages |
Manage localized security tool installations. |
csage config |
- | Manage user account, passwords, and global settings. |
csage cleanup |
- | Remove temporary files, caches, and optionally logs. |
csage version |
- | Display current version and terms status. |
csage terms |
- | View the End User License Agreement (EULA). |
csage ai-test |
- | Specialized module for testing AI prompt security. |
csage reset |
factory-reset |
Danger Zone: Wipe all local configuration and accounts. |
Subcommand Details
- Scanning:
csage scan --url <url>: Target a specific web application.csage scan --target <path>: Target a local source code directory.
- Logging:
csage logs show <session_id>: Display a chronological narrative of a specific session.csage logs --verify: Validate the HMAC integrity of all session logs.
- Tool Registry (New):
- CSage now features a persistent registry at
~/.csage/tools.json. csage tools add <name> [cmd]: Add a custom tool. Ifcmdis omitted, the AI will generate it for your OS.csage tools remove <name>: Remove a custom tool from the registry.- In-Scan Auto-Setup: If the AI recommends a tool you don't have, it will automatically offer to install it using its internal knowledge of your OS.
- CSage now features a persistent registry at
- Config:
csage config password: Change your local authentication password.csage config keys-remove <provider>: Safely purge an API key from local storage.
Interactive Session Commands
Once inside a scanning session, use these primary controls to interact with the AI assistant:
[next](or Enter): Requests the next recommended step from the AI.[run]: Executes a suggested command (requires user authorization).[paste]: Paste output from a command you ran manually.[ask]: Ask a freeform question to the security analyst.[report]: Generate a structured markdown/HTML/JSON report of current findings.[model]: Hot-swap the underlying AI model without ending the session.[quit]: Safely terminate the session and finalize logs.
🛠️ Troubleshooting & OS Compatibility
macOS & Linux: Officially supported via native dependency mapping.
Windows (Native): Supported via winget, pip3, and go.
Windows (WSL): Highly recommended for the best experience.
Dependency Issues?
If csage tools install fails to automate a tool setup:
- Check the "Manual Path" provides in the terminal.
- Ensure your package managers (
brew,apt,winget,go) are up to date and in your PATH. - Consult the Official Manual or tool-specific documentation.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file csage-0.1.2.tar.gz.
File metadata
- Download URL: csage-0.1.2.tar.gz
- Upload date:
- Size: 61.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
149b6f0730e54a90739b050e37b22e31480f81a89f03201cd09a25adf07b5d2b
|
|
| MD5 |
5c93f9ad06d61eb20f6bd54dab8bf370
|
|
| BLAKE2b-256 |
66a4bc9429d94b52f555b92dfcca767c8bc919b924cd25bf726f07209b473899
|
File details
Details for the file csage-0.1.2-py3-none-any.whl.
File metadata
- Download URL: csage-0.1.2-py3-none-any.whl
- Upload date:
- Size: 62.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ee3445e36bd60babc99a8c3e8d0a1dc058e4b3567478dac6918468e05e3c82af
|
|
| MD5 |
e0ccc6655ba8d9ac9fb53a9833aff4f1
|
|
| BLAKE2b-256 |
518c863e7dc33d44af4867e06f0c17248ca3b4a1d44aaa64d938acb3795e7c73
|