AI Process Report is a powerful tool that analyzes running processes on Windows and Linux systems using advanced AI models. It provides detailed insights and threat assessments for each process, helping users understand their system's current state and potential security risks. The AI also provides a short, detailed summary of each process and what it is used for.

Keep it all private and local using Ollama, or use OpenAI or Anthropic. Fine-tune your own model with a better understanding of security threats, or use RAG to give the model additional details about threat processes. Standard models do a good job of describing processes, whether running or stopped.

- Analyzes running processes in real-time
- Utilizes multiple AI providers (OpenAI, Anthropic, Ollama) for in-depth analysis
- Supports local AI models through Ollama integration
- Generates comprehensive HTML reports with threat scores and process descriptions
- User-friendly CLI with rich, colorful output
- Works on Windows and Linux (tested in WSL with Ubuntu)

For Windows users, there is a convenient `start.bat` file that sets up the environment and runs the script automatically. Here's how to use it:

- Ensure you have Python 3.8 or higher installed and added to your system PATH.
- Download or clone this repository to your local machine.
- Navigate to the project directory, fill in your `.env`, and locate the `start.bat` file.
- Double-click on `start.bat`.

The batch file will:

- Create a virtual environment if it doesn't exist
- Activate the virtual environment
- Install or update required packages
- Run the AI Process Report script

Note: On first run, it may take a few minutes to set up the environment and install dependencies. Subsequent runs will be faster.

- Clone the repository:

  ```bash
  git clone https://github.com/bigsk1/ai-process-report.git
  cd ai-process-report
  ```

- Create a virtual environment and activate it:

  ```bash
  python -m venv venv
  source venv/bin/activate  # On Windows, use `venv\Scripts\activate`
  ```

- Install the required packages:

  ```bash
  pip install -r requirements.txt
  ```

- Set up your `.env` file with the necessary API keys and configurations:

  ```
  AI_PROVIDER=anthropic
  ANTHROPIC_MODEL=claude-3-5-sonnet-20240620
  OPENAI_MODEL=gpt-4o
  OLLAMA_MODEL=llama3
  OLLAMA_URL=http://127.0.0.1:11434
  PROCESS_LIMIT=50
  ```

Run the script with your preferred AI provider:

```bash
python main.py --ai anthropic
```

Available options for the `--ai` argument are:

- `anthropic` (uses Claude AI)
- `openai` (uses GPT-4)
- `ollama` (uses local Ollama model)

You can also enable debug mode for more detailed logging:

```bash
python main.py --ai openai --debug
```

- The script gathers information about running processes on your system.
- It sends this information to the selected AI model for analysis.
- The AI provides a description and threat score for each process.
- The script generates an HTML report with the results.
- The report opens automatically in your default web browser.
- If the process is unknown, you can click a link to run a DuckDuckGo search for that process.
- For Anthropic, the 8192-output-token header `anthropic-beta: max-tokens-3-5-sonnet-2024-07-15` is set so that it can be used for a large number of processes.
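
The pipeline above sends process details off the host and writes model text into an HTML page, so both ends deserve a check. The following is an added example, not code from this project: it masks secrets in command lines before submission, validates the model's reply, and escapes everything written to the report. The JSON field names, the 0-10 score scale, the secret-argument pattern, and all function names are assumptions.

```python
import html
import json
import re

# Assumed pattern for secret-bearing arguments; extend it for your environment.
SECRET_ARG = re.compile(r"(?i)(--?(?:password|passwd|token|api[-_]?key|secret)[= ])(\S+)")
MAX_SCORE = 10  # assumed threat-score scale; the page does not state one

def redact_cmdline(cmdline):
    """Mask secret values before a command line is sent to a remote provider."""
    return SECRET_ARG.sub(r"\1[REDACTED]", cmdline)

def validate_analysis(raw, sent_names):
    """Parse the model's JSON reply; keep well-formed entries for submitted processes only."""
    try:
        items = json.loads(raw)
    except json.JSONDecodeError:
        return []
    clean = []
    for item in items if isinstance(items, list) else []:
        if not isinstance(item, dict):
            continue
        name, score, desc = item.get("name"), item.get("threat_score"), item.get("description")
        if not isinstance(name, str) or name not in sent_names or not isinstance(desc, str):
            continue
        if isinstance(score, bool) or not isinstance(score, int) or not 0 <= score <= MAX_SCORE:
            continue
        clean.append({"name": name, "threat_score": score, "description": desc})
    return clean

def render_rows(entries):
    """Build report table rows, HTML-escaping process names and model text."""
    return "\n".join(
        "<tr><td>{}</td><td>{}</td><td>{}</td></tr>".format(
            html.escape(e["name"]), e["threat_score"], html.escape(e["description"]))
        for e in entries)

# Constructed sample data (not real output from the tool or any provider).
SAMPLE_CMDLINE = "backup.exe --token=abc123 --dest /mnt/backup"
SAMPLE_REPLY = json.dumps([
    {"name": "backup.exe", "threat_score": 2, "description": "Backup agent <b>safe</b>"},
    {"name": "backup.exe", "threat_score": 99, "description": "score out of range"},
    {"name": "not-sent.exe", "threat_score": 1, "description": "never submitted"},
])

if __name__ == "__main__":
    print(redact_cmdline(SAMPLE_CMDLINE))
    print(render_rows(validate_analysis(SAMPLE_REPLY, {"backup.exe"})))
```

Entries with an out-of-range score or a process name that was never submitted are dropped rather than rendered, since process names and model output are both untrusted input to the report.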

You can customize the behavior of AI Process Report by modifying the `.env` file:

- `AI_PROVIDER`: Default AI provider to use (anthropic, openai, or ollama)
- `ANTHROPIC_MODEL`: Specific Anthropic model to use
- `OPENAI_MODEL`: Specific OpenAI model to use
- `OLLAMA_MODEL`: Specific Ollama model to use
- `OLLAMA_URL`: URL for your local Ollama instance
- `PROCESS_LIMIT`: Maximum number of processes to analyze

Contributions are welcome! Please feel free to submit a Pull Request.
This tool is for educational and informational purposes only. Always exercise caution when analyzing system processes and consult with cybersecurity professionals for a comprehensive security assessment.