AutoRedTeam-Orchestrator  by Coff0xc

AI-powered enterprise red teaming and penetration testing platform

Created 7 months ago
254 stars

Top 99.1% on SourcePulse

GitHubView on GitHub
Project Summary

Enterprise AI Red Team Platform that automates penetration testing with pure Python engines and LLM enhancements. It targets security engineers and researchers, offering a comprehensive, self-contained framework that reduces reliance on external tools and streamlines complex attack scenarios.

How It Works

This platform orchestrates security testing using a suite of 132 MCP tools, built upon 26 pure Python vulnerability detectors. Its core novelty lies in its self-sufficiency, automatically downloading and integrating external tools like sqlmap and nuclei, while providing its own Python-based Nuclei engine. Attack planning utilizes Monte Carlo Tree Search (MCTS), and LLM integration (optional) enhances decision-making, falling back to rule-based engines if unavailable. Execution can be sandboxed within Docker containers.

Quick Start & Requirements

Installation involves cloning the repository, navigating to the directory, and installing dependencies:

git clone https://github.com/Coff0xc/AutoRedTeam-Orchestrator.git
cd AutoRedTeam-Orchestrator
pip install -r requirements.txt

Verification can be done via:

python -c "from autort import Scanner; print('OK')"

Primary interfaces include a Python SDK, a Typer CLI (autort), and an MCP (JSON-RPC) server for AI editor integration. Docker and LLM providers (e.g., Ollama, OpenAI) are optional prerequisites.

Highlighted Details

  • 132 MCP tools, 26 pure Python vulnerability detectors covering OWASP Top 10+ (SQLi, XSS, SSRF, RCE, etc.).
  • Pure Python Nuclei engine parses YAML templates without requiring the nuclei binary.
  • Optional LLM integration for enhanced decision-making, with automatic fallback to rule-based engines.
  • Docker sandbox for secure, isolated execution of tools and payloads.
  • CI/CD integration with SARIF output, automatically uploading results to GitHub Security tab.
  • MCTS-based attack planning and an SQLite knowledge graph for attack path analysis.
  • Built-in C2 server and post-exploitation execution layer.

Maintenance & Community

The project roadmap outlines upcoming features including a Web Dashboard, multi-agent collaboration, and a playbook system for automated attack scenarios. Contribution guidelines and commit conventions are provided, welcoming community involvement.

Licensing & Compatibility

The project is released under the MIT License. However, a strong disclaimer states the tool is intended solely for authorized security testing and educational research, with unauthorized use being illegal. This implies careful consideration for commercial adoption or integration into closed-source workflows.

Limitations & Caveats

LLM integration and the Docker sandbox are optional features requiring separate configuration and setup. The project's disclaimer emphasizes strict authorization requirements, potentially limiting its use in environments without explicit, documented permissions. Key features like a web dashboard and multi-agent collaboration are still under development as per the roadmap.

Health Check
Last Commit

1 month ago

Responsiveness

Inactive

Pull Requests (30d)
0
Issues (30d)
0
Star History
7 stars in the last 30 days

Explore Similar Projects

Feedback? Help us improve.