Transform Codex CLI into AI-Powered Bug Bounty Hunter with Full Network Access

README.md

@@ -1,5 +1,5 @@
-<h1 align="center">OpenAI Codex CLI</h1>
-<p align="center">Lightweight coding agent that runs in your terminal</p>
+<h1 align="center">AI Bug Bounty Hunter</h1>
+<p align="center">Comprehensive AI-powered bug bounty tool with web interface and automated scanning</p>
 
 <p align="center"><code>npm i -g @openai/codex</code></p>
 

codex-cli/Dockerfile

@@ -3,29 +3,58 @@ FROM node:20
 ARG TZ
 ENV TZ="$TZ"
 
-# Install basic development tools and iptables/ipset
+# Install bug bounty tools and dependencies
 RUN apt update && apt install -y \
   aggregate \
+  curl \
   dnsutils \
   fzf \
   gh \
   git \
   gnupg2 \
+  golang-go \
   iproute2 \
   ipset \
   iptables \
   jq \
   less \
   man-db \
+  nmap \
   procps \
+  python3 \
+  python3-pip \
+  sqlmap \
   sudo \
   unzip \
   ripgrep \
-  zsh 
+  wget \
+  zsh
 
-# Ensure default node user has access to /usr/local/share
+# Install Go-based bug bounty tools
+ENV GOPATH=/opt/go
+ENV PATH=$PATH:/opt/go/bin:/usr/local/go/bin
+RUN mkdir -p /opt/go && \
+  go install -v github.com/owasp-amass/amass/v4/...@master && \
+  go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest && \
+  go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest && \
+  go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest && \
+  go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest && \
+  go install -v github.com/projectdiscovery/katana/cmd/katana@latest
+
+# Install Python-based security tools
+RUN pip3 install \
+  dirsearch \
+  whatweb \
+  xsstrike \
+  commix
+
+# Install Playwright dependencies for browser automation
+RUN npx playwright install --with-deps chromium
+
+# Ensure default node user has access to /usr/local/share and Go tools
 RUN mkdir -p /usr/local/share/npm-global && \
-  chown -R node:node /usr/local/share
+  chown -R node:node /usr/local/share && \
+  chown -R node:node /opt/go
 
 ARG USERNAME=node
 
@@ -34,16 +63,31 @@ USER node
 
 # Install global packages
 ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global
-ENV PATH=$PATH:/usr/local/share/npm-global/bin
+ENV PATH=$PATH:/usr/local/share/npm-global/bin:/opt/go/bin
 
 # Install codex
 COPY dist/codex.tgz codex.tgz
 RUN npm install -g codex.tgz
 
-# Copy and set up firewall script
+# Copy and set up network configuration script (now allows full access)
 COPY scripts/init_firewall.sh /usr/local/bin/
 USER root
 RUN chmod +x /usr/local/bin/init_firewall.sh && \
   echo "node ALL=(root) NOPASSWD: /usr/local/bin/init_firewall.sh" > /etc/sudoers.d/node-firewall && \
   chmod 0440 /etc/sudoers.d/node-firewall
+
+# Set up auto-restart capability
+COPY scripts/auto-restart.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/auto-restart.sh && \
+  echo "node ALL=(root) NOPASSWD: /usr/local/bin/auto-restart.sh" >> /etc/sudoers.d/node-firewall
+
 USER node
+
+# Create necessary directories for bug bounty operations
+RUN mkdir -p /home/node/.codex/tools /home/node/.codex/results /home/node/.codex/browser_data
+
+# Expose port 3222 for web interface
+EXPOSE 3222
+
+# Default command starts the bug bounty web server
+CMD ["codex", "bugbounty", "server"]

codex-cli/build.mjs

@@ -74,5 +74,12 @@ esbuild
     sourcemap: isDevBuild ? "inline" : true,
     plugins,
     inject: ["./require-shim.js"],
+    external: [
+      "playwright",
+      "better-sqlite3",
+      "chromium-bidi",
+      "express",
+      "ws"
+    ],
   })
   .catch(() => process.exit(1));