This repository serves as the official resource hub for the Tencent Intelligent Penetration Hackathon, aggregating defense materials from winning teams and linking to open-source projects from top participants. It aims to be a one-stop navigation page for the intelligent penetration agent domain, benefiting cybersecurity practitioners by facilitating learning, communication, and innovation in AI-driven security.

How It Works

The hackathon focuses on the integration of AI large models with cybersecurity, specifically exploring the application of intelligent agents (LLM-based) in automated penetration testing. Competitions involved online agent-based capture-the-flag challenges within a realistic, self-developed target environment, benchmarked against XBOW. Participants developed agents to autonomously discover vulnerabilities, navigate systems, and capture flags, with final scores determined by both online performance and offline defense presentations. The top teams showcase diverse approaches including multi-agent collaboration, autonomous planning, and scenario-aware penetration strategies.

Quick Start & Requirements

To access the materials, clone the repository using git clone https://github.com/Yeti-791/Tsec-Hackathon.git and navigate into the directory. Further details and defense PPTs can be found within the 首期智能渗透黑客松/ directory. Links to official event pages and defense videos are provided within the README.

Highlighted Details

• Showcases cutting-edge AI-driven penetration testing agents, including those employing multi-agent collaboration, LLM autonomous planning, and scenario-aware black-box penetration.
• Features projects with innovative core technologies such as state-aware reasoning, causal inference, minimal-code AI agents, and cognitive capabilities for autonomous planning.
• Utilizes a realistic, self-developed target environment and the XBOW Benchmark for authentic attack and defense simulations.
• Offers significant event rewards, including substantial cash prizes (up to ¥60,000) and open-source contribution awards.

Maintenance & Community

The repository is intended for continuous updates with official event information and team project addresses. Contributions are welcomed via GitHub Issues and Pull Requests. Community interaction is facilitated through an official WeChat group (contact: Wx62887799).

Licensing & Compatibility

All materials within this repository are strictly for technical learning and communication in network security and are prohibited for commercial use. Usage of individual team open-source projects requires adherence to their respective project licenses.

Limitations & Caveats

This repository functions primarily as a curated collection of resources and a navigation hub for a specific hackathon event. It does not provide a deployable tool itself. Commercial use of the provided materials is explicitly forbidden, and users must comply with the individual licenses of the linked open-source projects.