SecSuite: Unifying OSINT, Web, and API Security in a Comprehensive Open-Source Toolkit

June 15, 2026
  • SecSuite is an open-source security platform under TheSecuredAnalyst that unifies OSINT reconnaissance, web vulnerability scanning, API security testing, compliance checks, and AI-powered analysis in a single toolkit.

  • All results can be exported in JSON, CSV, HTML, or Markdown, and a built-in scheduler enables recurring scans with a persistent history; it supports SIEM integration via CEF/LEEF to Splunk and Elasticsearch, with optional API keys and offline operation via Ollama for air-gapped environments.

  • Installation is streamlined with a single setup script that installs Python, dependencies, Ollama, and a local AI model without requiring administrator privileges on Windows.

  • An AI-driven remediation engine guides operators through remediation steps for each finding using a local LLM, delivering actionable commands labeled as [CHECK], [FIX], and [VERIFY].

  • The web scanner demonstrates real-time vulnerability detection—evidenced by scans flagging SSLv3 and potential POODLE (CVE-2014-3566)—and covers XSS, SQLi, directory brute-forcing, and Nuclei-based scanning.

  • Version 0.1.0 includes 11 OSINT modules, 6 web security scanners, and 4 API security tools, accessible via a unified CLI or a FastAPI REST API, designed to run offline with local AI models.

  • SecSuite targets security professionals performing authorized pentests, red team exercises, and security assessments, featuring a modular architecture that lets teams enable only relevant components and run entirely offline if desired.

  • The apisec module tests REST APIs by ingesting OpenAPI/Swagger specs and includes sub-modules for endpoints (BOLA/IDOR, injections, information disclosure), authentication bypass, JWT weaknesses, and a fuzzer for boundary values and payloads.

  • The REST API server (secsuite serve) exposes capabilities via HTTP endpoints to facilitate integration into CI/CD pipelines and security tooling.

  • Core capabilities span OSINT, web security testing, API security testing, and compliance checks (OWASP Top 10, CIS Controls) with integrations to tools like Nmap, Shodan, VirusTotal, SearchSploit, Exploit-DB, and SIEMs such as Splunk and Elasticsearch.

  • The project is hosted on GitHub at TheSecuredAnalyst/security-suite, repository 53cur3dL34rn/security-suite, with ongoing updates and coverage from Cyber Security News.

  • AI analysis is provided through Ollama for local offline inference, plus cloud-based options from Anthropic Claude and OpenAI GPT, enabling automated finding correlation, executive summaries, and interactive remediation workflows.

Summary based on 1 source

