Cyber Tool Recommender

AI-powered cybersecurity assistant for CTFs and ethical hacking education that recommends reconnaissance tools and Linux enumeration methodologies without solving challenges.

Comment

Inspiration

We wanted to create a cybersecurity assistant that could help ethical hacking students and CTF participants learn methodologies and discover useful tools without directly solving challenges or exposing flags. Many beginners struggle to know where to start during Linux reconnaissance and privilege escalation tasks, so we designed an AI-powered educational guide focused on safe learning and exploration.

What it does

Cyber Tool Recommender is a web application that analyzes cybersecurity challenge descriptions and recommends educational tools, Linux enumeration techniques, and ethical methodologies. The assistant helps users understand how to approach reconnaissance and privilege escalation tasks in CTF-style environments while intentionally avoiding exploit generation or flag solving.

The platform recommends tools such as:

  • Nmap
  • LinPEAS
  • Gobuster
  • Wireshark
  • Hydra
  • Netcat

It also suggests Linux commands and investigation methodologies related to enumeration, permissions analysis, and hidden file discovery.

How we built it

We built the frontend using React and Vite to create a responsive and modern user interface. The backend was developed with FastAPI in Python, and the project integrates the Google Gemini API to generate contextual cybersecurity recommendations.

We also implemented:

  • CORS middleware for frontend-backend communication
  • Environment variable protection using .env
  • Error handling and fallback responses
  • Prompt engineering to prevent unsafe outputs

Challenges we ran into

One of the biggest challenges was configuring the Gemini API and handling quota limitations during development. We also faced CORS issues while connecting the React frontend with the FastAPI backend and had to securely manage API keys using environment variables.

Another challenge was designing prompts that provided useful cybersecurity guidance without revealing challenge solutions or violating ethical boundaries.

Accomplishments that we're proud of

We are proud of successfully building a full-stack AI-powered cybersecurity assistant in a hackathon environment. We integrated a modern frontend with a Python backend and connected it to a real AI API while maintaining safe and ethical behavior for cybersecurity education.

What we learned

Throughout the project we learned:

  • FastAPI backend development
  • React frontend integration
  • API communication and debugging
  • Environment variable management
  • AI prompt engineering
  • Ethical considerations when using AI in cybersecurity

What's next for Cyber Tool Recommender

In the future we would like to:

  • Add challenge categorization
  • Support OSINT and web exploitation guidance
  • Create interactive learning paths
  • Improve UI/UX design
  • Add user authentication and saved sessions
  • Integrate visualization dashboards for reconnaissance workflows
Share this project:

Updates