explaingit

bulutcnr/cnrco-scanner

1 · JavaScript · Audience: ops, devops · Complexity: 2/5 · Active · Setup: moderate

TLDR

Command line tool that does one passive HTTPS request to a site and asks a local Ollama model to map the headers and TLS data to the OWASP Top 10.

Mindmap

mindmap
  root((cnrco-scanner))
    Inputs
      Target URL
      Local LLM
    Outputs
      OWASP findings
      CVSS scores
      Markdown or JSON report
    Use Cases
      Quick site audit
      Local privacy scan
      Client deliverable
    Tech Stack
      JavaScript
      Node 18
      Ollama
      llama3

Things people build with this

USE CASE 1

Run a passive header and TLS audit on a site you own before a manual pentest

USE CASE 2

Produce a Markdown OWASP Top 10 report to share with a client without sending data to a cloud API

USE CASE 3

Compare findings across staging and production by running the scanner against both URLs

USE CASE 4

Use the JSON output as input for a larger automated security pipeline

Tech stack

JavaScript · Node.js · Ollama

Getting it running

Difficulty · moderate · Time to first run · 30 min

Needs Node 18 plus a running Ollama server with a pulled model, so the first scan waits for a multi-gigabyte model download.

In plain English

CNRCO Security Scanner is a command line tool that performs a quick, passive security check on a website and produces a report mapped to the 2021 OWASP Top 10. The OWASP Top 10 is a well known industry list of the most common web application security risks. The scanner runs on your own computer against a domain you are allowed to audit, and it never sends data to an outside service.

The way it works is fairly simple. The script visits the target URL once, the way a browser would, and collects the HTTP response headers, TLS connection details, cookies, and server fingerprints. That information is then handed to a local AI model running through Ollama, an open source tool that runs language models on your own machine. The model categorizes findings against the OWASP list and assigns CVSS scores and severity levels, and the results are printed in the terminal. Reports can be saved as Markdown for sharing with a client or as raw JSON. Output is ranked from Critical down to Informational. Because everything runs locally, there are no API keys, no accounts, and no per-scan cost.

Setup needs Node.js 18 or newer and Ollama. After installing Ollama you pull a model such as llama3.2, mistral, or llama3.1:8b, start the Ollama server, clone the repo, and run npm install. The README lists the RAM requirements for each model.

The author is clear that this is passive reconnaissance only, meant as a first pass before active tools like Burp Suite or testssl.sh, and that you must have written permission to scan any system you do not own.
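To make the passive step concrete, here is an added example (not cnrco-scanner's own code) of the deterministic part of such a check: it takes the headers and TLS details of one HTTPS response and maps each observation to an OWASP Top 10 (2021) category with a severity rank, then renders a Markdown table of the kind a client report would carry. The rule set, the severity values, the header-to-category mapping and the sample response are this example's own assumptions, not the project's; the real tool delegates the categorisation to a local LLM, which this example replaces with fixed rules so that it runs offline.

```javascript
// Added example (not cnrco-scanner's own code): a deterministic, offline
// version of the passive header/TLS check. Rule set, severities and the
// sample response are this example's assumptions, not the project's.

const SEVERITY_ORDER = ['Critical', 'High', 'Medium', 'Low', 'Informational'];

// Headers whose absence is itself a finding. Names are lower-cased because
// Node's http module exposes response headers that way.
const EXPECTED_HEADERS = [
  { name: 'strict-transport-security', owasp: 'A02:2021 Cryptographic Failures',
    severity: 'Medium', note: 'No HSTS: clients are not told to refuse plain HTTP.' },
  { name: 'content-security-policy', owasp: 'A03:2021 Injection',
    severity: 'Medium', note: 'No CSP: script injection impact is unconstrained.' },
  { name: 'x-frame-options', owasp: 'A05:2021 Security Misconfiguration',
    severity: 'Low', note: 'No X-Frame-Options: page can be framed (clickjacking).' },
  { name: 'x-content-type-options', owasp: 'A05:2021 Security Misconfiguration',
    severity: 'Low', note: 'No X-Content-Type-Options: MIME sniffing not disabled.' },
];

// Protocol names as returned by Node's TLSSocket.getProtocol().
const WEAK_TLS = new Set(['SSLv3', 'TLSv1', 'TLSv1.1']);

// Lower-case header names; Set-Cookie stays an array, as Node delivers it.
function normalizeHeaders(raw) {
  const out = {};
  for (const [k, v] of Object.entries(raw)) out[k.toLowerCase()] = v;
  return out;
}

// Core check: returns findings ranked Critical -> Informational.
function auditResponse({ headers, tls }) {
  const h = normalizeHeaders(headers);
  const findings = [];
  const add = (owasp, severity, evidence, note) =>
    findings.push({ owasp, severity, evidence, note });

  // Deprecated TLS version negotiated on the single connection.
  if (tls && WEAK_TLS.has(tls.protocol)) {
    add('A02:2021 Cryptographic Failures', 'High', `protocol=${tls.protocol}`,
      'Deprecated TLS version negotiated.');
  }

  // Missing defensive headers.
  for (const rule of EXPECTED_HEADERS) {
    if (!(rule.name in h)) add(rule.owasp, rule.severity, `${rule.name} absent`, rule.note);
  }

  // Server / framework fingerprints: a version string feeds the component inventory.
  for (const name of ['server', 'x-powered-by']) {
    const value = h[name];
    if (typeof value === 'string' && /\d+\.\d+/.test(value)) {
      add('A06:2021 Vulnerable and Outdated Components',
        name === 'server' ? 'Low' : 'Informational', `${name}: ${value}`,
        'Component version disclosed in response header.');
    }
  }

  // Cookie flags: each Set-Cookie lacking Secure or HttpOnly is one finding.
  const cookies = [].concat(h['set-cookie'] || []);
  for (const c of cookies) {
    const attrs = c.split(';').slice(1).map((a) => a.trim().toLowerCase());
    const missing = ['secure', 'httponly'].filter((f) => !attrs.includes(f));
    if (missing.length) {
      add('A07:2021 Identification and Authentication Failures', 'Medium',
        `cookie ${c.split('=')[0]} lacks ${missing.join(', ')}`,
        'Cookie may travel over plain HTTP or be readable by page script.');
    }
  }

  // Array.prototype.sort is stable in Node 18, so insertion order is kept within a band.
  return findings.sort(
    (a, b) => SEVERITY_ORDER.indexOf(a.severity) - SEVERITY_ORDER.indexOf(b.severity));
}

// Render findings as a Markdown table for a report.
function toMarkdown(findings) {
  const rows = findings.map((f) => `| ${f.severity} | ${f.owasp} | ${f.evidence} | ${f.note} |`);
  return ['| Severity | OWASP | Evidence | Note |', '|---|---|---|---|', ...rows].join('\n');
}

// Constructed sample response (not captured from any real host).
const SAMPLE_RESPONSE = {
  headers: {
    'Server': 'Apache/2.4.29 (Ubuntu)',
    'X-Powered-By': 'PHP/7.2.24',
    'Set-Cookie': ['PHPSESSID=abc123; Path=/', 'theme=dark; Path=/; Secure; HttpOnly'],
    'Content-Type': 'text/html',
    'X-Content-Type-Options': 'nosniff',
  },
  tls: { protocol: 'TLSv1.1' },
};

console.log(toMarkdown(auditResponse(SAMPLE_RESPONSE)));
```

On the constructed sample the check yields seven findings: one High (the TLSv1.1 negotiation), three Medium (missing HSTS, missing CSP, a session cookie without Secure or HttpOnly), two Low and one Informational. Feeding it the headers and `getProtocol()` result of a real `https` response object gives the same shape of output; only the categorisation here is rule-based rather than model-based.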

Copy-paste prompts

Prompt 1
Install Ollama, pull llama3.2, and run cnrco-scanner against my staging URL to generate a Markdown OWASP report
Prompt 2
Show me the RAM budget for each supported Ollama model and which one fits on a 16GB laptop
Prompt 3
Parse the JSON output of cnrco-scanner and filter only Critical and High findings into a CSV
Prompt 4
Write a wrapper script that runs cnrco-scanner against a list of 20 domains and merges the reports
Prompt 5
Explain which OWASP Top 10 2021 categories cnrco-scanner can actually detect from passive headers alone

Generated 2026-05-22 · Model: sonnet-4-6 · Verify against the repo before relying on details.