Gemini Vuln Scanner is a Python-based MCP server that orchestrates Gemini-powered guidance to perform automated reconnaissance and vulnerability assessment workflows. The server exposes a FastAPI backend that coordinates a suite of tools (port scanning, subdomain enumeration, DNS analysis, web fetching, advanced crawling, and active vulnerability scanning) and streams progress to a client UI. By leveraging the Gemini LLM, you can formulate multi-step plans that specify which tools to run, in what order, and how to interpret results, enabling repeatable, AI-assisted security workflows. To get started, configure your Google Gemini API key, launch the server, and connect the client GUI to the server base URL to begin crafting and executing plans.

Prerequisites:

• Git
• Python 3.12 (or the version specified in the project requirements)
• Chrome/Chromium (for Selenium-based crawling)
• Google Gemini API access (via Google Cloud with Vertex AI)
• (Optional) Docker and Docker Compose for containerized setup

Step 1: Clone the repository

git clone <your-repository-url> cd <repository-name>

Step 2: Set up a Python virtual environment (recommended)

python -m venv venv source venv/bin/activate # on Linux/macOS venv\Scripts\activate # on Windows

Step 3: Install dependencies

pip install --upgrade pip pip install -r requirements.txt

Step 4: Configure environment variables

Create or edit the environment file and add your keys:

.env (example)

GOOGLE_API_KEY=YOUR_GOOGLE_API_KEY MCP_SERVER_BASE_URL=http://localhost:8000

Step 5: Run the server

python -m rizzler_server

Step 6: (Optional) Run with Docker Compose If a docker-compose.yml is provided, you can start with:

docker-compose up -d

Step 7: Verify and access Open your browser or client GUI and point it to the MCP server base URL (e.g., http://localhost:8000) to begin creating and running plans.

Notes and tips:

• Ensure your Google API key has Vertex AI Gemini access enabled.
• The server heavily relies on Selenium and ChromeDriver for web crawling; make sure ChromeDriver is installed and compatible with your Chrome version.
• For GUI/display, ensure an X11 server is available if running the client inside a container or headless environment.
• If using Docker, ensure proper port mappings (default 8000) and environment variables are propagated to the container.
• The MCP supports streaming tool output via Server-Sent Events (SSE); expect live logs in the client during long-running scans.
• If you encounter SSL or CORS issues in development, verify the MCP_SERVER_BASE_URL matches where the server is actually reachable from the client.