FinGen is a ChatGPT based findings generator to help save penetration testers time and provide more readable findings.

It generates findings with the following properties:

• Description
• Remediation
• Implication
• Risk Rating (With likelihood + impact)
• Sometimes extra helpful info like a risk rating justification

NOTE: It generally gives accurate findings but make sure to verify and add context in a real report.
Swap the model (see code) if you have GPT-4 for better findings.

You just need 2 things to run it:

• An API key from OpenAI (https://platform.openai.com/account/api-keys)
• Any finding title

NOTE: The OpenAI API is paid, the cost is ~1c per 100 findings and you can get an $18 free trial.

pip3 install FinGen
python3 -m FinGen --api-key "<api_key>" --title "Auto Complete Not Disabled"

git clone https://github.com/Stratus-Security/FinGen
cd FinGen
pip3 install openai
python3 FinGen.py --api-key "<api_key>" --title "Auto Complete Not Disabled"

Generate a single finding with the perspective of a tester from Stratus Security

python3 FinGen.py --api-key "<api_key>" --title "Auto Complete Not Disabled" --company "Stratus Security"

We can also generate multiple findings at once

python3 FinGen.py --api-key "<api_key>" --title "Auto Complete Not Disabled" --title "Blind SQL Injection" --title "Reflected Cross-Site Scripting" 

If you want any features added feel free to open an issue or PR!