DOMPROS - AI-Powered Penetration Testing Assistant

Introduction

What is DeepSeek R1?

DeepSeek-R1 is an AI model developed by Chinese artificial intelligence startup DeepSeek. Released on 20th January 2025, R1 holds its own against (and in some cases surpasses) the reasoning capabilities of some of the world’s most advanced foundation models — but at a fraction of the operating cost, according to the company. R1 is also open sourced under an MIT license, allowing free commercial and academic use.

There are three key ideas behind DeepSeek R1:

Chain of Thought — Making the model explain itself.
Reinforcement Learning — Letting it train itself.
Distillation — Shrinking it without losing power.

What is DOMPROS?

DOMPROS is an AI-Powered Penetration Testing Assistant that is almost generated by DeepSeek R1 and modified by Qwen QwQ-32B. It assists less experience penetration testers to perform penetration tests. It provides Search, Analyze, Brainstrom and Tools to the penetration testers during their works. The project is created and designed by Samiux on Feburary 26, 2025.

You can use any LLM (Large Language Model) in the market while it is running on Ollama. We recommended using DeepSeek R1 Distilled LLM as it can run on any low-end multi-core computer with or without GPUs. At least 8 or 16GB RAM is required depends on what model used.

Installation

0x01 Docker on Kali Linux 2024.4

sudo apt-get update

sudo install -m 0755 -d /etc/apt/keyrings

sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc

sudo chmod a+r /etc/apt/keyrings/docker.asc

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "bookworm") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update

sudo apt-get install docker-ce

0x02 Docker on Ubuntu 24.04 LTS

sudo snap install docker

sudo install -m 0755 -d /etc/apt/keyrings

sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc

sudo chmod a+r /etc/apt/keyrings/docker.asc

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update

sudo apt install docker-ce

0x03 Ollama

sudo docker run -d -v ollama:/root/.ollama -p 127.0.0.1:11434:11434 --name ollama --restart always ollama/ollama

0x04 LLM

DeepSeek-R1-Distill-Qwen-7B

sudo docker exec -it ollama ollama pull deepseek-r1:7b

DeepSeek-R1-Distill-Qwen-14B

sudo docker exec -it ollama ollama pull deepseek-r1:14b

DeepSeek-R1-Distill-Llama-8B

sudo docker exec -it ollama ollama pull deepseek-r1:8b

You can choose from 7B/8B, 14B, 32B and 70B, the larger number the more RAM you required. For example, 7B/8B needs 8GB RAM, while 14B requires 16GB RAM.

0x05 DOMPROS

Set up Python Virtualenv that does not mess up with the original OS.

sudo apt install python3-virtualenv

virtualenv -p python3 venv
source venv/bin/activate

Install dependencies

pip3 install colorama requests duckduckgo_search prompt_toolkit

Install DOMPROS

git clone https://github.com/samiux/dompros

Update the outdated dependencies

pip3 install -U `pip3 list --outdated | awk 'NR>2 {print $1}'`

Run

Run the following command and follows the instruction on the screen.

source venv/bin/activate

python ~/dompros/dompros.py

Quit :

deactivate

██████╗  ██████╗ ███╗   ███╗██████╗ ██████╗  ██████╗ ███████╗
██╔══██╗██╔═══██╗████╗ ████║██╔══██╗██╔══██╗██╔═══██╗██╔════╝
██║  ██║██║   ██║██╔████╔██║██████╔╝██████╔╝██║   ██║███████╗
██║  ██║██║   ██║██║╚██╔╝██║██╔═══╝ ██╔══██╗██║   ██║╚════██║
██████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ██║  ██║╚██████╔╝███████║
╚═════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚═╝  ╚═╝ ╚═════╝ ╚══════╝

DOMPROS - AI-Powered Penetration Testing Assistant
Version 0.0.16 | MIT License | By DeepSeek R1, Qwen QwQ-32B & Samiux
Dated Mar 11, 2025
    

[ DOMPROS Command Reference ]

Core Commands:
  search <query>     - Perform security research via DuckDuckGo
  analyze            - Analyze security findings
  brainstorm         - Generate attack ideas and PoCs
  web <query>        - General security chat via DuckDuckGo
  tools <query>      - Get tool recommendations via DuckDuckGo
  shelldb <category> - Access command/payload database

Database Categories:
  webshells reverse_shells linux_priv_esc 
  windows_priv_esc tunneling payload_generators
  
Utility Commands:
  help        - Show this menu
  exit        - Quit the application
  clear       - Clear the screen
  history     - Show command history

Examples:
  search 'log4j exploit github'
  brainstorm 'Windows domain escalation'
  shelldb reverse_shells

 
You: 

The logs are inside logs directory which can be found at the current directory.

Configuration

You can use deepseek-r1:7b (DeepSeek-R1-Distill-Qwen-7B) or deepseek-r1:14b (DeepSeek-R1-Distill-Qwen-14B) or deepseek-r1:8b (DeepSeek-R1-Distill-Llama-8B) by modifiy the MODEL_NAME at dompros.py. Default is using deepseek-r1:7b (DeepSeek-R1-Distill-Qwen-7B).

If you are using 14B or above, you may consider to change TEMPERATURE to 0.6. The default value of TEMPERATURE for 7B is 0.7.

ChangeLog

Version 0.0.1 - Feb 26, 2025 First release.
Version 0.0.2 - Feb 28, 2025 Enhancement and some minor changes.
Version 0.0.3 - Mar 01, 2025 Re-designed. New release.
Version 0.0.4 - Mar 01, 2025 Modified for streaming.
Version 0.0.5 - Mar 01, 2025 Minor bugs fixed.
Version 0.0.6 - Mar 02, 2025 Minor bugs fixed.
Version 0.0.7 - Mar 02, 2025 Enhancement.
Version 0.0.10 - Mar 03, 2025 Re-designed. New release.
Version 0.0.11 - Mar 04, 2025 Enhancement.
Version 0.0.12 - Mar 05, 2025 Bug fixed.
Version 0.0.13 - Mar 07, 2025 Enhancement.
Version 0.0.14 - Mar 08, 2025 Improve system prompts.
Version 0.0.15 - Mar 09, 2025 Improvement.
Version 0.0.16 - Mar 11, 2025 Improvement.

License

DOMPROS is open sourced under an MIT license, allowing free commercial and academic use.

Known Issues

duckduckgo_search 7.5.0 is buggy and caused ratelimit error. UPDATE : This bug has been fixed in 7.5.1 on Mar 09, 2025.

Testing Scenarios

Intel i7-8750H with NVIDA GeForce GTX 1060 and 16GB RAM Laptop
AMD Ryzen R7-4800U with 32GB RAM Mini-PC

Both hardware can run Dompros with DeepSeek R1 7B model smoothly but GTX 1060 has better performance.

Samiux
OSCE OSCP OSWP
Feburary 26, 2025, Hong Kong, China

Reference