TopicAI is a comprehensive, enterprise-grade platform designed to automate and secure the API testing lifecycle using Agentic AI. The platform integrates advanced vulnerability analysis, real-time audit logging, and sophisticated security protocols to ensure that API endpoints are resilient against modern threats. By leveraging OpenAI for intelligent analysis and Ory for robust identity management, TopicAI provides a seamless experience for both developers and security administrators.
- Intelligent vulnerability detection using OpenAI models.
- Automated security scoring and risk assessment for API projects.
- Context-aware recommendations for remediation based on discovered vulnerabilities.
- Project-based organization for API testing suites.
- Vulnerability tracking with severity classification (Critical, High, Medium, Low, Info).
- Detailed reporting and findings summary for every project.
- Integration with Ory Network for secure, production-ready authentication.
- Role-Based Access Control (RBAC) to distinguish between standard users and administrators.
- Support for secure session management and administrative elevation.
- Real-time tracking of all critical system actions.
- Detailed success/failure reporting for security events.
- Administrative tools for log purging and historical analysis.
- Unified dashboard for platform-wide statistics and user management.
- Integrated newsletter and inquiry handling system.
- Global visibility into all projects and discovered vulnerabilities.
- Node.js & Express: Core API framework.
- MongoDB & Mongoose: Scalable data persistence for users, projects, and logs.
- Ory Client: Integration for identity and session validation.
- OpenAI SDK: Powering the intelligent analysis engine.
- Security Middleware: Implementation of Helmet, Rate Limiting, and Mongo Sanitize for defense-in-depth.
- Next.js: Framework for both the main application and the administrative interface.
- Tailwind CSS: Modern, utility-first styling for a premium UI/UX.
- Framer Motion: Professional animations within the admin portal.
- Recharts: Data visualization for security statistics and audit metrics.
- Node.js (v18 or higher)
- MongoDB instance
- Ory Network account and project
- OpenAI API Key
- Clone the repository:

  ```bash
  git clone https://github.com/AbdulAHAD968/Agentic-AI-Driven-Secure-API-Testing-Analysis-Platform.git
  ```

- Install dependencies for all components:

  ```bash
  # Backend
  cd BACKEND
  npm install

  # Frontend
  cd ../frontend
  npm install

  # Admin Portal
  cd ../admin
  npm install
  ```

- Configure environment variables in the `.env` files within each directory.

- Initialize the administrative user:

  ```bash
  cd BACKEND
  npm run seed:admin
  ```

- Start the development servers:

  ```bash
  # Backend
  npm run dev

  # Frontend/Admin
  npm run dev
  ```

TopicAI prioritizes security at every layer:
- Data Protection: Encryption at rest and in transit.
- API Security: Strict rate limiting and input sanitization to prevent injection attacks.
- Auditability: Every administrative action is recorded in audit logs.
- Authentication: Modern identity patterns via Ory.
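
The input sanitization listed under API Security, sketched as an added example that is not TopicAI's own code: a minimal stand-in for what a Mongo sanitizing middleware does to a request body before it reaches a Mongoose query. The names `sanitize` and `mongoSanitizeMiddleware`, the `onReject` callback and the sample request are assumptions made for illustration.

```javascript
// Added example, not project code. All names here are hypothetical.

// Recursively drop keys that MongoDB would interpret as query operators
// ("$...") or dotted paths ("a.b"), so user input can only be a plain value.
// Every dropped key is recorded in `removed` so it can be audit-logged.
function sanitize(value, removed = [], path = "") {
  if (Array.isArray(value)) {
    return value.map((v, i) => sanitize(v, removed, `${path}[${i}]`));
  }
  if (value !== null && typeof value === "object") {
    const clean = {};
    for (const [key, v] of Object.entries(value)) {
      const here = path ? `${path}.${key}` : key;
      if (key.startsWith("$") || key.includes(".")) {
        removed.push(here);
        continue;
      }
      clean[key] = sanitize(v, removed, here);
    }
    return clean;
  }
  return value; // strings, numbers, booleans and null pass through unchanged
}

// Express-style middleware: sanitize the body and report what was stripped.
function mongoSanitizeMiddleware(onReject) {
  return (req, _res, next) => {
    const removed = [];
    req.body = sanitize(req.body, removed);
    if (removed.length > 0) onReject(req, removed);
    next();
  };
}

// Constructed sample request: the password field carries a query operator
// object instead of a string.
const req = { body: { email: "user@example.com", password: { $ne: null } } };
const events = [];
mongoSanitizeMiddleware((_r, removed) => events.push(removed))(req, {}, () => {});
console.log(req.body, events);
```

The stripped field is left as an empty object, so a route handler should still reject any credential field that is not a string before building the query.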
This project is licensed under the ISC License.