Vortex is a local security assessment tool that pairs a Gemini-powered AI agent with a real Linux terminal. You drop in a target URL and the agent takes over — it runs recon, scans for vulnerabilities, and writes a full report on its own.
Built for bug bounty hunters and pentesters who want a fast, autonomous first-pass before going deep manually.
agins/
├── app.py ← Flask backend + Gemini AI agent
├── index.html ← Web UI (chat panel + live terminal)
├── icon.png ← App icon
└── requirements.txt
pip install -r requirements.txtOpen app.py and update the key, or set it as an env var:
export GEMINI_API_KEY="your_key_here"Get a free key at: https://aistudio.google.com/app/apikey
You can also change the key anytime from the Settings button inside the UI without restarting the server.
# Core tools
sudo apt install nmap nikto curl wget dirb gobuster whatweb wafw00f sqlmap
# Nuclei
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
# Subfinder
go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latestpython app.pyServer runs on http://localhost:5000
Open index.html directly in your browser, or serve it:
python -m http.server 8080
# then open http://localhost:8080You → type target URL
↓
Gemini → decides the next move
↓
Backend → runs the command in Linux
↓
Terminal → streams output live
↓
Gemini → reads output, continues
↓
... repeats automatically ...
↓
Final security report
- Open
index.htmlin your browser - Enter a target URL in the input field
- Hit Scan and watch the agent work
- When done, a full report pops up — you can export it as
.txt
Click the ⚙️ icon in the top-right to:
- Change the Gemini API key or model at runtime
- Configure a Telegram bot to receive scan results directly in chat
Only use Vortex on targets you own or have explicit permission to test. Unauthorized scanning is illegal in most countries.
Developer: @ZeroXJacks