Inspiration
Websites and software often have hidden vulnerabilities that can compromise user data and system security. I wanted to build a tool that automatically detects these issues, explains the risks, and provides actionable fixes — all powered by AI. The goal was to make security insights accessible and understandable for developers and admins.
What I Learned
- How to integrate GPT-OSS models locally for real-time analysis.
- Parsing and formatting AI-generated reports into structured, readable outputs.
- Web security concepts: HTTP headers, CSP, HSTS, XSS, and supply-chain risks.
- Frontend/backend integration for live vulnerability scanning.
How I Built It
- Backend: FastAPI + Python to handle URL input, call GPT-OSS 20B locally, and process the output.
- Frontend: HTML, CSS, JS using Markdown rendering for tables, checklists, and structured reports.
- AI Model: GPT-OSS 20B for analyzing websites and generating security reports.
- Enhancements: Styled output with collapsible sections, color-coded risks, and actionable fix checklists.
Challenges
- Making the AI output readable and structured in the browser.
- Running GPT-OSS locally on limited GPU hardware (streaming partial outputs helped).
- Understanding complex security headers and translating them into actionable recommendations.
Built With
- Languages & Frameworks: Python, FastAPI, JavaScript, HTML, CSS
- AI Model: GPT-OSS 20B
- Libraries: requests, uvicorn, marked.js for Markdown rendering
- Tools: Browser DevTools, VS Code
- Other: Local CPU (Ryzen 5 5600X)
Built With
- css
- fastapi
- gptoss20b
- html
- javascript
- python