[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-72253":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":23,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":36,"readmeContent":37,"aiSummary":38,"trendingCount":16,"starSnapshotCount":16,"syncStatus":15,"lastSyncTime":39,"discoverSource":40},72253,"Decepticon","PurpleAILAB\u002FDecepticon","PurpleAILAB","Autonomous Hacking Agent for Red Team","https:\u002F\u002Fdecepticon.red",null,"Python",4328,862,32,2,0,37,133,695,111,110.81,"Apache License 2.0",false,"main",[26,27,28,29,30,31,32,33,34,35],"agent","ai","cybersecurity","generative-ai","hacking","langchain","langgraph","llm","pentest","pentesting","2026-06-12 04:01:04","[![English](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLanguage-English-blue?style=for-the-badge)](README.md)\n[![한국어](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLanguage-한국어-red?style=for-the-badge)](README_KO.md)\n\n\u003Cdiv align=\"center\">\n  \u003Cimg src=\"assets\u002Flogo_banner.png\" alt=\"Decepticon Logo\">\n\u003C\u002Fdiv>\n\n\u003Ch1 align=\"center\">Decepticon — Autonomous Red Team Agent\u003C\u002Fh1>\n\n\u003Cp align=\"center\">\u003Ci>\"Another AI hacker? Let us guess — it runs nmap and writes a report.\"\u003C\u002Fi>\u003C\u002Fp>\n\n\u003Cdiv align=\"center\">\n\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002FDecepticon\u002Fblob\u002Fmain\u002FLICENSE\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002FPurpleAILAB\u002FDecepticon?style=for-the-badge&color=blue\" alt=\"License: Apache 2.0\">\n\u003C\u002Fa>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002FDecepticon\u002Fstargazers\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002FPurpleAILAB\u002FDecepticon?style=for-the-badge&color=yellow\" alt=\"Stargazers\">\n\u003C\u002Fa>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002FDecepticon\u002Fgraphs\u002Fcontributors\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors\u002FPurpleAILAB\u002FDecepticon?style=for-the-badge&color=orange\" alt=\"Contributors\">\n\u003C\u002Fa>\n\n\u003Cbr\u002F>\n\n\u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002FTZUYsZgrRG\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDiscord-Join%20Us-7289DA?logo=discord&logoColor=white&style=for-the-badge\" alt=\"Join us on Discord\">\n\u003C\u002Fa>\n\u003Ca href=\"https:\u002F\u002Fdecepticon.red\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FWebsite-decepticon.red-brightgreen?logo=vercel&logoColor=white&style=for-the-badge\" alt=\"Website\">\n\u003C\u002Fa>\n\u003Ca href=\"https:\u002F\u002Fdocs.decepticon.red\">\n  \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDocs-docs.decepticon.red-8B5CF6?logo=bookstack&logoColor=white&style=for-the-badge\" alt=\"Documentation\">\n\u003C\u002Fa>\n\n\u003C\u002Fdiv>\n\n\u003Cbr\u002F>\n\n\u003Cdiv align=\"center\">\n  \u003Cvideo src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fb3fd40d8-e859-4a39-97f4-bd825694ad96\" width=\"800\" controls>\u003C\u002Fvideo>\n\u003C\u002Fdiv>\n\n---\n\n## Install\n\n**Prerequisites**: [Docker](https:\u002F\u002Fdocs.docker.com\u002Fget-docker\u002F) and Docker Compose v2.\nSupported on macOS (Apple Silicon + Intel), Linux (amd64 + arm64), and Windows via WSL2 (Ubuntu or Kali).\nNative Windows is not supported — install WSL2 first, then run the commands below from inside the WSL shell.\n\n```bash\ncurl -fsSL https:\u002F\u002Fdecepticon.red\u002Finstall | bash\ndecepticon onboard   # Interactive setup wizard (provider, API key, model profile)\ndecepticon           # Start everything: terminal CLI + web dashboard at http:\u002F\u002Flocalhost:3000\n```\n\n→ **[Quick start](docs\u002Fgetting-started.md)** · **[Full setup walkthrough](docs\u002Fsetup-guide.md)**\n\n---\n\n## 💖 Support Decepticon\n\n[![Sponsor](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FSponsor-Decepticon-red?style=for-the-badge&logo=github)](https:\u002F\u002Fgithub.com\u002Fsponsors\u002FPurpleCHOIms)\n\nWe're building Decepticon toward an **Offensive Vaccine** for the AI-driven threat landscape. If you believe in autonomous red teaming as a path to stronger defense, consider supporting the project.\n\n---\n\n## Benchmark\n\n\u003Cdiv align=\"center\">\n  \u003Cimg src=\"assets\u002Fbenchmark\u002Fdecepticon_donut.png\" alt=\"Decepticon — XBOW pass rate 102\u002F104 (98.08%)\" width=\"560\">\n\u003C\u002Fdiv>\n\n| Benchmark | Difficulty | Pass Rate |\n|-----------|------------|-----------|\n| [XBOW validation-benchmarks](https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002Fxbow-validation-benchmarks) | Easy (Level 1)   | **45 \u002F 45** (100 %) |\n| [XBOW validation-benchmarks](https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002Fxbow-validation-benchmarks) | Medium (Level 2) | **50 \u002F 51** (98.0 %) |\n| [XBOW validation-benchmarks](https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002Fxbow-validation-benchmarks) | Hard (Level 3)   | **7 \u002F 8** (87.5 %) |\n| [XBOW validation-benchmarks](https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002Fxbow-validation-benchmarks) | **All levels**   | **102 \u002F 104** (98.08 %) |\n\n- **[Full per-challenge index, attack-class matrix, and LangSmith traces](benchmark\u002Fresults\u002FREADME.md)**\n- **[Comparison vs other AI pentest agents (Strix, PentestGPT, MAPTA, Cyber-AutoAgent, XBOW commercial, …)](docs\u002Fbenchmark-comparison.md)**\n\n---\n\n## What is Decepticon?\n\nThe \"AI + hacking\" space is full of demos that run nmap and print a report. That's not what this is.\n\n**Decepticon is a professional autonomous Red Team agent.** It executes realistic attack chains — reconnaissance, exploitation, privilege escalation, lateral movement, C2 — the way a real adversary would, not the way a scanner does.\n\nBut more importantly: it operates under the discipline that separates red teamers from script kiddies. Before a single packet leaves the wire, Decepticon generates a complete engagement package — **RoE**, **ConOps**, **Deconfliction Plan**, and **OPPLAN** with MITRE ATT&CK mapping — and every action runs inside those defined rules.\n\n→ **[Engagement workflow deep dive](docs\u002Fengagement-workflow.md)**\n\n---\n\n## Why Decepticon?\n\n**Real kill chains, not checkbox scans.** Decepticon reads an OPPLAN and pursues objectives through whatever path opens up — pivoting, adapting, chaining techniques.\n\n**Interactive shells, actually.** Real offensive tools are interactive (`msfconsole`, `sliver-client`, `evil-winrm`). Decepticon runs every command inside persistent tmux sessions with automatic prompt detection — so when a tool drops into an interactive prompt, the agent sends follow-up commands without workarounds.\n\n**Hardened sandbox isolation.** All commands run inside a Kali Linux sandbox on a dedicated operational network (`sandbox-net`), separate from the management plane (`decepticon-net`). LangGraph drives the sandbox via the Docker socket. → **[Architecture](docs\u002Farchitecture.md)**\n\n**Offense serves defense.** The planned [Offensive Vaccine](docs\u002Foffensive-vaccine.md) loop will turn findings into defense improvements through an attack → defend → verify cycle.\n\n---\n\n## Architecture\n\n\u003Cdiv align=\"center\">\n  \u003Cimg src=\"assets\u002Fdecepticon_infra.svg\" alt=\"Decepticon Infrastructure\" width=\"680\">\n\u003C\u002Fdiv>\n\nTwo-network design — management services (LiteLLM, PostgreSQL, LangGraph, Web) on `decepticon-net`; sandbox, C2 server, and targets on `sandbox-net`. Neo4j is dual-homed so the agent (on management) can persist findings written from inside the sandbox.\n\n→ **[Architecture deep dive](docs\u002Farchitecture.md)** · **[Knowledge graph](docs\u002Fknowledge-graph.md)**\n\n---\n\n## Agents\n\n16 specialist agents organized by kill chain phase, with a fresh context window per objective — no accumulated noise.\n\nOrchestration · Reconnaissance · Exploitation · Post-Exploitation · Vulnerability Research · Domain Specialists (AD, Cloud, Smart Contracts, Reversing, Analyst).\n\n→ **[Full agent roster and middleware stack](docs\u002Fagents.md)**\n\n---\n\n## Models & Providers\n\nTier-based, credentials-aware fallback chain. You declare which credentials you have in priority order; Decepticon builds the primary→fallback chain at every tier from there.\n\n| Profile | Tier per agent | Use case |\n|---------|----------------|----------|\n| **eco** (default) | Per-agent (HIGH for orchestrator\u002Fexploiter\u002Fpatcher\u002Fanalyst, MID for execution, LOW for recon\u002Fsoundwave) | Production |\n| **max** | Every agent on HIGH | High-value targets |\n| **test** | Every agent on LOW | Development \u002F CI |\n\n**Tier-mapped providers**: Anthropic, OpenAI, Google Gemini, MiniMax, DeepSeek, xAI, Mistral, OpenRouter, Nvidia NIM, Ollama (local).\n**Subscription OAuth**: Claude Max\u002FPro\u002FTeam, ChatGPT Pro\u002FPlus\u002FTeam, Gemini Advanced, Copilot Pro, SuperGrok, Perplexity Pro.\n\nConfigure via `decepticon onboard`. → **[Full model reference & fallback examples](docs\u002Fmodels.md)**\n\n---\n\n## Documentation\n\n| Topic | Doc |\n|-------|-----|\n| Installation and first engagement | [Getting Started](docs\u002Fgetting-started.md) |\n| Complete setup, OAuth, providers, dashboard | [Setup Guide](docs\u002Fsetup-guide.md) |\n| All CLI commands and keyboard shortcuts | [CLI Reference](docs\u002Fcli-reference.md) |\n| All `make` targets | [Makefile Reference](docs\u002Fmakefile-reference.md) |\n| Agent roster and middleware | [Agents](docs\u002Fagents.md) |\n| Model profiles and fallback chain | [Models](docs\u002Fmodels.md) |\n| Skill system and format spec | [Skills](docs\u002Fskills.md) |\n| Web dashboard features and setup | [Web Dashboard](docs\u002Fweb-dashboard.md) |\n| System architecture and network isolation | [Architecture](docs\u002Farchitecture.md) |\n| Neo4j knowledge graph | [Knowledge Graph](docs\u002Fknowledge-graph.md) |\n| End-to-end engagement workflow | [Engagement Workflow](docs\u002Fengagement-workflow.md) |\n| Offensive Vaccine loop | [Offensive Vaccine](docs\u002Foffensive-vaccine.md) |\n| Contributing to Decepticon | [Contributing](docs\u002Fcontributing.md) |\n\n---\n\n## Contributing\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FPurpleAILAB\u002FDecepticon.git\ncd Decepticon\nmake dogfood  # Full OSS UX (launcher → onboard → CLI) on local code\nmake dev      # Backend hot-reload (compose watch) — daily dev loop\n```\n\n→ **[Contributing guide](docs\u002Fcontributing.md)**\n\n---\n\n## Community\n\nJoin the [Discord](https:\u002F\u002Fdiscord.gg\u002FTZUYsZgrRG) — ask questions, share engagement logs, discuss techniques.\n\n---\n\n## Disclaimer\n\nDo not use this project on any system or network without explicit written authorization from the system owner. Unauthorized access to computer systems is illegal. You are solely responsible for your actions. The authors and contributors assume no liability for misuse.\n\n---\n\n## License\n\n[Apache-2.0](LICENSE)\n\n---\n\n\u003Cdiv align=\"center\">\n  \u003Cimg src=\"assets\u002Fmain.png\" alt=\"Decepticon\">\n\u003C\u002Fdiv>\n","Decepticon 是一个用于红队的自主黑客代理。它利用生成式AI、语言模型和网络安全技术，能够自动执行渗透测试任务，并提供详细的报告。项目采用Python编写，支持Docker部署，可在macOS（Apple Silicon + Intel）、Linux（amd64 + arm64）以及通过WSL2在Windows上运行。其核心功能包括自动化漏洞扫描、利用和报告生成，特别适合需要进行持续安全评估的企业或组织使用。","2026-06-11 03:41:02","high_star"]