Not another vulnerability scanner. ThreatMap is a workflow engine that turns raw scan outputs into structured findings and actionable intelligence.
ThreatMap automates: discovery, evidence collection, local SLM analysis, and report generation from a clean CLI workflow.
- Converts raw tool outputs into prioritized findings
- Produces HTML, Excel, and evidence logs
- Keeps analysis local with no external API dependency
- Designed for developers and security engineers, not endless tool spam
| CLI Run | HTML Report |
|---|---|
 |
 |
- Structured output from raw recon and scan results
- Local SLM-based analysis for vulnerability context
- HTML report and Excel export ready for sharing
- Evidence logs for auditing and review
- Minimal CLI experience with guided scan flow
./install.sh
./threatmapOne command to install, one command to start.
./threatmap- Enter target or asset list
- Confirm authorization
- Review discovered assets and scan progress
- Open HTML report or export Excel
- HTML — readable, structured report for review
- Excel — exportable findings for stakeholders
- Logs / Evidence — raw proof from each scan step
- Discovery — find assets and targets
- Scanning — run the right tools automatically
- Evidence — collect raw proofs and artifacts
- Analysis — apply local SLM insights and structure findings
- Reporting — generate HTML, Excel, and logs
- Not just scanning → structured, actionable output
- Built for developers and security teams, not tool collectors
- Local SLM analysis with zero API calls
- Clean CLI UX instead of long tool chains
Use only on systems you own or are authorized to test. Unauthorized scanning is illegal.
Issues, fixes, and feature ideas are welcome. Send a PR or open an issue to improve the workflow.