Skip to main content

AI-powered autonomous red team testing framework

Project description

English 한국어

Decepticon Logo

Decepticon — Autonomous Red Team Agent

"Another AI hacker? Let us guess — it runs nmap and writes a report."



Install

Prerequisites: Docker and Docker Compose v2. Supported on macOS (Apple Silicon + Intel), Linux (amd64 + arm64), and Windows via WSL2 (Ubuntu or Kali). Native Windows is not supported — install WSL2 first, then run the commands below from inside the WSL shell.

curl -fsSL https://decepticon.red/install | bash
decepticon onboard   # Interactive setup wizard (provider, API key, model profile)
decepticon           # Start everything: terminal CLI + web dashboard at http://localhost:3000

Quick start · Full setup walkthrough


💖 Support Decepticon

Sponsor

We're building Decepticon toward an Offensive Vaccine for the AI-driven threat landscape. If you believe in autonomous red teaming as a path to stronger defense, consider supporting the project.


Benchmark

Decepticon — XBOW pass rate 102/104 (98.08%)
Benchmark Difficulty Pass Rate
XBOW validation-benchmarks Easy (Level 1) 45 / 45 (100 %)
XBOW validation-benchmarks Medium (Level 2) 50 / 51 (98.0 %)
XBOW validation-benchmarks Hard (Level 3) 7 / 8 (87.5 %)
XBOW validation-benchmarks All levels 102 / 104 (98.08 %)

What is Decepticon?

The "AI + hacking" space is full of demos that run nmap and print a report. That's not what this is.

Decepticon is a professional autonomous Red Team agent. It executes realistic attack chains — reconnaissance, exploitation, privilege escalation, lateral movement, C2 — the way a real adversary would, not the way a scanner does.

But more importantly: it operates under the discipline that separates red teamers from script kiddies. Before a single packet leaves the wire, Decepticon generates a complete engagement package — RoE, ConOps, Deconfliction Plan, and OPPLAN with MITRE ATT&CK mapping — and every action runs inside those defined rules.

Engagement workflow deep dive


Why Decepticon?

Real kill chains, not checkbox scans. Decepticon reads an OPPLAN and pursues objectives through whatever path opens up — pivoting, adapting, chaining techniques.

Interactive shells, actually. Real offensive tools are interactive (msfconsole, sliver-client, evil-winrm). Decepticon runs every command inside persistent tmux sessions with automatic prompt detection — so when a tool drops into an interactive prompt, the agent sends follow-up commands without workarounds.

Hardened sandbox isolation. All commands run inside a Kali Linux sandbox on a dedicated operational network (sandbox-net), separate from the management plane (decepticon-net). LangGraph drives the sandbox via the Docker socket. → Architecture

Offense serves defense. The planned Offensive Vaccine loop will turn findings into defense improvements through an attack → defend → verify cycle.


Architecture

Decepticon Infrastructure

Two-network design — management services (LiteLLM, PostgreSQL, LangGraph, Web) on decepticon-net; sandbox, C2 server, and targets on sandbox-net. Neo4j is dual-homed so the agent (on management) can persist findings written from inside the sandbox.

Architecture deep dive · Knowledge graph


Agents

16 specialist agents organized by kill chain phase, with a fresh context window per objective — no accumulated noise.

Orchestration · Reconnaissance · Exploitation · Post-Exploitation · Vulnerability Research · Domain Specialists (AD, Cloud, Smart Contracts, Reversing, Analyst).

Full agent roster and middleware stack


Models & Providers

Tier-based, credentials-aware fallback chain. You declare which credentials you have in priority order; Decepticon builds the primary→fallback chain at every tier from there.

Profile Tier per agent Use case
eco (default) Per-agent (HIGH for orchestrator/exploiter/patcher/analyst, MID for execution, LOW for recon/soundwave) Production
max Every agent on HIGH High-value targets
test Every agent on LOW Development / CI

Tier-mapped providers: Anthropic, OpenAI, Google Gemini, MiniMax, DeepSeek, xAI, Mistral, OpenRouter, Nvidia NIM, Ollama (local). Subscription OAuth: Claude Max/Pro/Team, ChatGPT Pro/Plus/Team, Gemini Advanced, Copilot Pro, SuperGrok, Perplexity Pro.

Configure via decepticon onboard. → Full model reference & fallback examples


Documentation

Topic Doc
Installation and first engagement Getting Started
Complete setup, OAuth, providers, dashboard Setup Guide
All CLI commands and keyboard shortcuts CLI Reference
All make targets Makefile Reference
Agent roster and middleware Agents
Model profiles and fallback chain Models
Skill system and format spec Skills
Web dashboard features and setup Web Dashboard
System architecture and network isolation Architecture
Neo4j knowledge graph Knowledge Graph
End-to-end engagement workflow Engagement Workflow
Offensive Vaccine loop Offensive Vaccine
Contributing to Decepticon Contributing

Contributing

git clone https://github.com/PurpleAILAB/Decepticon.git
cd Decepticon
make dogfood  # Full OSS UX (launcher → onboard → CLI) on local code
make dev      # Backend hot-reload (compose watch) — daily dev loop

Contributing guide


Community

Join the Discord — ask questions, share engagement logs, discuss techniques.


Disclaimer

Do not use this project on any system or network without explicit written authorization from the system owner. Unauthorized access to computer systems is illegal. You are solely responsible for your actions. The authors and contributors assume no liability for misuse.


License

Apache-2.0


Decepticon

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

decepticon-1.1.0.tar.gz (23.1 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

decepticon-1.1.0-py3-none-any.whl (805.4 kB view details)

Uploaded Python 3

File details

Details for the file decepticon-1.1.0.tar.gz.

File metadata

  • Download URL: decepticon-1.1.0.tar.gz
  • Upload date:
  • Size: 23.1 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.8.15

File hashes

Hashes for decepticon-1.1.0.tar.gz
Algorithm Hash digest
SHA256 27acd7944809dea3e96ff025a5cd71c5e70bc88209ba0f425719edb159fb5b28
MD5 ae855861e4c9a1f1bbc77ccfaab02d03
BLAKE2b-256 063731c1c9ec8d3d7e646689e0e9bc446576399155f8dc4750700e88ece1c6bd

See more details on using hashes here.

File details

Details for the file decepticon-1.1.0-py3-none-any.whl.

File metadata

  • Download URL: decepticon-1.1.0-py3-none-any.whl
  • Upload date:
  • Size: 805.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.8.15

File hashes

Hashes for decepticon-1.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 ad3fdf6cedc99e10134e4d4fdf07162e775adc84b03e676cb5e1499b58e2f5e9
MD5 c368c86fedb9baeeda05e24e64dfc20c
BLAKE2b-256 47ba86a2ac807dc9e5f885257f8903eb439ce1a4dd97e027b09b82e9c016327d

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page