DOMPROS - AI-Powered Penetration Testing Assistant
Home | Projects | Articles | Apophthegm | About |
Introduction
What is DeepSeek R1?
DeepSeek-R1 is an AI model developed by Chinese artificial intelligence startup DeepSeek. Released on 20th January 2025, R1 holds its own against (and in some cases surpasses) the reasoning capabilities of some of the world’s most advanced foundation models — but at a fraction of the operating cost, according to the company. R1 is also open sourced under an MIT license, allowing free commercial and academic use.
There are three key ideas behind DeepSeek R1:
- Chain of Thought — Making the model explain itself.
- Reinforcement Learning — Letting it train itself.
- Distillation — Shrinking it without losing power.
What is DOMPROS?
DOMPROS is an AI-Powered Penetration Testing Assistant that is almost generated by DeepSeek R1 and modified by Qwen QwQ-32B. It assists less experience penetration testers to perform penetration tests. It provides Search
, Analyze
, Brainstrom
and Tools
to the penetration testers during their works. The project is created and designed by Samiux on Feburary 26, 2025.
You can use any LLM (Large Language Model) in the market while it is running on Ollama. We recommended using DeepSeek R1 Distilled LLM as it can run on any low-end multi-core computer with or without GPUs. At least 8 or 16GB RAM is required depends on what model used.
Installation
0x01 Docker on Kali Linux 2024.4
sudo apt-get update
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "bookworm") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce
0x02 Docker on Ubuntu 24.04 LTS
sudo snap install docker
or
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce
0x03 Ollama
sudo docker run -d -v ollama:/root/.ollama -p 127.0.0.1:11434:11434 --name ollama --restart always ollama/ollama
0x04 LLM
DeepSeek-R1-Distill-Qwen-7B
sudo docker exec -it ollama ollama pull deepseek-r1:7b
DeepSeek-R1-Distill-Qwen-14B
sudo docker exec -it ollama ollama pull deepseek-r1:14b
DeepSeek-R1-Distill-Llama-8B
sudo docker exec -it ollama ollama pull deepseek-r1:8b
You can choose from 7B/8B, 14B, 32B and 70B, the larger number the more RAM you required. For example, 7B/8B needs 8GB RAM, while 14B requires 16GB RAM.
0x05 DOMPROS
Set up Python Virtualenv that does not mess up with the original OS.
sudo apt install python3-virtualenv
virtualenv -p python3 venv
source venv/bin/activate
Install dependencies
pip3 install colorama requests duckduckgo_search prompt_toolkit
Install DOMPROS
git clone https://github.com/samiux/dompros
Update the outdated dependencies
pip3 install -U `pip3 list --outdated | awk 'NR>2 {print $1}'`
Run
Run the following command and follows the instruction on the screen.
source venv/bin/activate
python ~/dompros/dompros.py
Quit :
deactivate
██████╗ ██████╗ ███╗ ███╗██████╗ ██████╗ ██████╗ ███████╗
██╔══██╗██╔═══██╗████╗ ████║██╔══██╗██╔══██╗██╔═══██╗██╔════╝
██║ ██║██║ ██║██╔████╔██║██████╔╝██████╔╝██║ ██║███████╗
██║ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ██╔══██╗██║ ██║╚════██║
██████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ██║ ██║╚██████╔╝███████║
╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚══════╝
DOMPROS - AI-Powered Penetration Testing Assistant
Version 0.0.16 | MIT License | By DeepSeek R1, Qwen QwQ-32B & Samiux
Dated Mar 11, 2025
[ DOMPROS Command Reference ]
Core Commands:
search <query> - Perform security research via DuckDuckGo
analyze - Analyze security findings
brainstorm - Generate attack ideas and PoCs
web <query> - General security chat via DuckDuckGo
tools <query> - Get tool recommendations via DuckDuckGo
shelldb <category> - Access command/payload database
Database Categories:
webshells reverse_shells linux_priv_esc
windows_priv_esc tunneling payload_generators
Utility Commands:
help - Show this menu
exit - Quit the application
clear - Clear the screen
history - Show command history
Examples:
search 'log4j exploit github'
brainstorm 'Windows domain escalation'
shelldb reverse_shells
You:
The logs are inside logs
directory which can be found at the current directory.
Configuration
You can use deepseek-r1:7b (DeepSeek-R1-Distill-Qwen-7B)
or deepseek-r1:14b (DeepSeek-R1-Distill-Qwen-14B)
or deepseek-r1:8b (DeepSeek-R1-Distill-Llama-8B)
by modifiy the MODEL_NAME
at dompros.py
. Default is using deepseek-r1:7b (DeepSeek-R1-Distill-Qwen-7B)
.
If you are using 14B or above, you may consider to change TEMPERATURE
to 0.6
. The default value of TEMPERATURE
for 7B is 0.7
.
ChangeLog
Version 0.0.1 - Feb 26, 2025 First release.
Version 0.0.2 - Feb 28, 2025 Enhancement and some minor changes.
Version 0.0.3 - Mar 01, 2025 Re-designed. New release.
Version 0.0.4 - Mar 01, 2025 Modified for streaming.
Version 0.0.5 - Mar 01, 2025 Minor bugs fixed.
Version 0.0.6 - Mar 02, 2025 Minor bugs fixed.
Version 0.0.7 - Mar 02, 2025 Enhancement.
Version 0.0.10 - Mar 03, 2025 Re-designed. New release.
Version 0.0.11 - Mar 04, 2025 Enhancement.
Version 0.0.12 - Mar 05, 2025 Bug fixed.
Version 0.0.13 - Mar 07, 2025 Enhancement.
Version 0.0.14 - Mar 08, 2025 Improve system prompts.
Version 0.0.15 - Mar 09, 2025 Improvement.
Version 0.0.16 - Mar 11, 2025 Improvement.
License
DOMPROS is open sourced under an MIT license, allowing free commercial and academic use.
Known Issues
- duckduckgo_search 7.5.0 is buggy and caused ratelimit error. UPDATE : This bug has been fixed in 7.5.1 on Mar 09, 2025.
Testing Scenarios
- Intel i7-8750H with NVIDA GeForce GTX 1060 and 16GB RAM Laptop
- AMD Ryzen R7-4800U with 32GB RAM Mini-PC
Both hardware can run Dompros with DeepSeek R1 7B model smoothly but GTX 1060 has better performance.
Samiux
OSCE OSCP OSWP
Feburary 26, 2025, Hong Kong, China
Reference
Home | Projects | Articles | Apophthegm | About |