Senior Project · University of Bahrain · 2026

AI-Powered Network
Reconnaissance & Security Mapping

OpticNet combines intelligent scanning, real-time CVE analysis, and a fully local AI assistant to turn raw network data into clear, actionable security intelligence — all from your browser.

View on GitHub Watch Demo ↓

Preview

What It Looks Like

OpticNet Dashboard
Dashboard — scan profiles & recent history
OpticNet Network Graph
Network graph — hosts color-coded by risk severity

What is OpticNet?

Network Security Made Intelligent

OpticNet is a full-stack web application that brings together network scanning, vulnerability analysis, and artificial intelligence into one unified platform. Point it at an IP, a CIDR range, or a domain — and it handles the rest.

Results are presented as an interactive force-directed graph where every host is a node, color-coded by risk severity, with real CVE scores pulled live from the National Vulnerability Database. You see your attack surface the way attackers do — visually and immediately.

A built-in AI assistant understands your scan results and answers questions about any finding in both English and Arabic, completely offline. No data ever leaves your machine.

Flask Python Docker Ollama (Local AI) Nmap Nikto SQLMap NVD / CVE Force-Graph Arabic · English
🔍 Network & Port Scanning Nmap
🌐 Web Vulnerability Scanning Nikto · SQLMap
🛡️ CVE Vulnerability Lookup NVD API
🗺️ Interactive Risk Graph Force-Graph
🤖 Local AI Assistant (EN · AR) Ollama
🐳 Scan Engine + Vulnerable Lab Docker
📅 Scheduled & Recurring Scans Cron

Artificial Intelligence

Your Security Expert, Built In

The AI assistant is at the core of OpticNet — not an add-on. It understands your network, your findings, and speaks your language.

🤖
Fully Local & Private
Powered by Ollama running on your machine. No API calls, no cloud, no data leaving your network. Your scan results stay completely private — the AI works entirely offline.
🧠
Scan-Aware Context
The assistant knows what's in your current scan. Ask "what's the most critical host?" or "explain this CVE" and it answers using your actual data — not generic advice.
🌐
Bilingual: Arabic & English
Full support for both Arabic and English, including native right-to-left layout. Switch languages mid-conversation. Security knowledge should not have a language barrier.
💬
Multi-turn Conversations
Not a one-shot Q&A box. OpticNet maintains full conversation history so you can ask follow-up questions, drill down into a CVE, and get remediation steps step by step.
📋
CVE Deep Analysis
Dedicated CVE explanation mode. Paste a CVE ID and get a plain-language breakdown of what it is, what it affects, how exploitable it is, and how to fix it — in context of your network.
🔄
Page-Aware Intelligence
The assistant adapts to where you are in the app — dashboard, host detail, external scan, history view — and tailors its answers accordingly without you needing to explain the context.

Features

A Complete Security Platform

From network recon to web app testing, risk simulation to encrypted history — everything in one tool.

🔎
Network Scanning
Scan IPs, CIDR ranges, or hostnames using Nmap. Detects live hosts, open ports, running services, OS fingerprints, and device categories (router, server, IoT, printer, and more).
🌐
Web Vulnerability Scanning
Runs Nikto for web server analysis and SQLMap for SQL injection testing. Detects missing headers, outdated software, injection points, and exposed endpoints on discovered web services.
🔑
External Domain Recon
Enumerate subdomains with Subfinder and brute-force directories with Gobuster and ffuf on external targets. Maps the public attack surface of any domain.
🛡️
Real-time CVE Analysis
Every detected service is cross-referenced against the NVD database live. CVSS scores, severity levels, and affected versions are displayed per host — no manual lookup needed.
🗺️
Interactive Risk Graph
A force-directed network graph shows every host as a node, color-coded by risk severity. Zones (gateway, server, endpoint, IoT) organize the layout. Click any node to drill down.
⚠️
Risk Propagation & Simulation
Simulates how a compromised host spreads risk across the network. The "what-if" patching mode shows the network-wide impact of fixing a single host's vulnerabilities.
📅
Scheduled Scans
Create recurring scans on a cron schedule. OpticNet runs them automatically and notifies you on completion — no manual triggering needed for routine monitoring.
🕓
Scan History & Comparison
Every scan is saved as an encrypted snapshot. Compare any two scans side by side — new hosts, removed hosts, new CVEs, and changed ports are all highlighted as a delta report.
📊
Export & Reporting
Export full scan reports in PDF, HTML, JSON, or CSV format. PDF reports include graph screenshots. Comparison reports can also be exported in all formats.
🐳
Docker Test Lab
Ships with five Docker containers — a clean hardened server and four intentionally vulnerable targets (including CVE-2021-41773 and CVE-2011-2523) for safe, realistic testing without touching real infrastructure.
🔒
Encryption at Rest
Scan results are protected with a two-layer key hierarchy: a per-user Data Encryption Key (DEK) encrypts the data, and a server-side Key Encryption Key (KEK) wraps each DEK. Even direct database access exposes nothing readable.
🔔
Notifications & Audit Log
Real-time notifications on scan completion and anomaly detection. A full audit trail logs every action — scan start, export, schedule fired, login — for accountability and review.

How to Use

Up and Running in Minutes

OpticNet runs entirely in Docker — no manual dependency installation required beyond Docker itself.

1
Clone the repository
Download the project from GitHub to your local machine.
git clone https://github.com/maryamali27/OpticNet.git
2
Configure (optional)
The app works with zero configuration — a built-in database container starts automatically and sessions use a temporary key. For persistent sessions or to add your free NVD API key (faster CVE lookups), copy the example config:
cp .env.example .env
3
Install Ollama (optional)
Download Ollama from ollama.com and pull the AI model to enable the local AI assistant. The rest of the app works without it.
ollama pull llama3.2
4
Start with Docker Compose
One command builds and launches the entire stack — app, database, Nmap scanner container, and all lab targets. First build takes a few minutes; subsequent starts are instant.
docker compose up
5
Open the app
Navigate to the app in your browser. Register an account and you'll land on the dashboard, ready to scan.
http://localhost:5000
6
Scan, explore, and ask
Enter a target IP or CIDR range and start a scan. Results populate in real time. Switch to the graph view to see your network map, open the AI assistant to ask about any finding, or run a web scan on any discovered HTTP service.
ℹ️
LAN Scanning on Windows
The built-in Docker test lab works out of the box on all platforms. However, scanning your real local network (192.168.x.x, 10.x.x.x) requires Nmap to be accessible outside of Docker — this is a Docker Desktop for Windows limitation. To enable full LAN scanning, install Nmap either via WSL2 (sudo apt install nmap) or the native Windows installer at nmap.org.

Demo

See It in Action

Watch OpticNet scan, map, and analyze a network from start to finish.

Demo video coming soon
Full Scan Walkthrough
From target input to CVE results, risk graph, and web scanning
Demo video coming soon
AI Assistant in Action
Asking the local AI to explain a CVE and suggest remediation steps in Arabic

Team

Built by

A senior project developed at the University of Bahrain, College of Information Technology.

M
Maryam Isa Abdulla Alhawi
202204976 · Cybersecurity
M
Maryam Ali Hasan Darwish
202209427 · Cybersecurity
A
Ali Mahdi Kadhem Abbas
202110237 · Information Technology