This project provides a collection of agents powered by Large Language Models (LLMs) to automate common cybersecurity tasks. Built on the AutoGen framework, it targets cybersecurity professionals seeking to streamline repetitive operations, enhance strategic analysis, and accelerate detection engineering. The primary benefit is the automation of complex security workflows, freeing up human analysts for higher-level decision-making.

How It Works

The framework utilizes AutoGen for orchestrating multi-agent conversations and task execution. Its core design emphasizes a modular approach, allowing individual agents and tasks to be combined and customized for specific security needs. This architecture, coupled with "batteries included" pre-defined workflows and agents, aims to provide flexibility, scalability, and rapid deployment of automation solutions for the evolving cyber threat landscape.

Quick Start & Requirements

• Install: pip install -r requirements
• Configure: Copy .env_template to .env and populate with LLM API information and other parameters.
• Run: Execute scenarios using python run_agents.py <scenario-name> (e.g., python run_agents.py HELLO_AGENTS for a basic test).
• Optional Server: Start an HTTP/FTP server for demos with python run_servers.py.
• Prerequisites: OpenAI API key.
• Caution: Running LLM-generated code poses a security risk; use in a virtual or test environment.

Highlighted Details

• Built on AutoGen for robust agent-based automation.
• Modular design enables flexible customization of cybersecurity workflows.
• Offers pre-defined agents, tasks, and workflows for immediate use.
• Associated with RSAC2024 talks on EDR bypasses and automated detection engineering.

Maintenance & Community

Contributions from the community are welcomed via pull requests. Specific community channels (e.g., Discord, Slack) or a public roadmap are not detailed in the provided README.

Licensing & Compatibility

The project is released under the GNU GENERAL PUBLIC LICENSE v3 (GPL-3). This strong copyleft license may impose restrictions on integrating this software into proprietary or closed-source projects without making the combined work also available under GPL-3.

Limitations & Caveats

The software is in its early stages of development and may contain unstable components or lead to breaking changes. Users should exercise caution, particularly regarding the security risks associated with executing LLM-generated code.