T3MP3ST  by elder-plinius

AI-powered offensive security platform for autonomous red teaming

Created 1 week ago

New!

4,308 stars

Top 11.2% on SourcePulse

GitHubView on GitHub
Project Summary

This project provides an autonomous, multi-agent offensive security framework designed to transform existing AI coding agents into zero-day hunters. It targets security researchers, engineers, and power users by offering a self-hosted, keyless platform for automated red teaming, from reconnaissance to exploit and reporting, reducing reliance on expensive tooling and specialized expertise.

How It Works

T3MP3ST employs an 8-operator architecture (Recon, Scanner, Exploiter, etc.) orchestrated by a connected AI coding agent (e.g., Claude Code, Codex, Hermes) acting as the "brain." The framework provides the "war machine" – a suite of tools and a structured kill chain. Key differentiators include its keyless operation, leveraging existing LLM agents without new API keys or cloud costs, and a strong emphasis on reproducibility, with all performance claims verifiable via npm run verify-claims against committed data.

Quick Start & Requirements

  • Primary install/run:
    npm install
    npm run server
    
    This starts the War Room UI at http://127.0.0.1:3333/ui/.
  • Prerequisites: Node.js, and an AI coding agent (local connection or API keys for providers like OpenRouter, Venice, Anthropic, OpenAI).
  • Links: War Room UI (http://127.0.0.1:3333/ui/), documentation available in docs/.

Highlighted Details

  • Reproducible Benchmarks: All headline numbers, including 90.1% pass@1 on the XBEN suite and 8/10 post-cutoff CVEs pinned to exact file/line/CWE, are re-derivable using npm run verify-claims.
  • Keyless Operation: Integrates directly with local AI coding agents, eliminating the need for additional API keys or cloud bills.
  • Comprehensive Arsenal: Includes 35 built-in tools, expandable to 83 with T3MP3ST_FULL_ARSENAL.
  • Egress-Scope Containment: Network tools are restricted by default to the defined mission target to prevent unintended off-scope activity.

Maintenance & Community

The project encourages contributions via pull requests, inviting users to add adapters, prompt packs, or arsenal tools. The core principle is that all contributions must adhere to the "authorized testing only" rule.

Licensing & Compatibility

The project is licensed under AGPL-3.0. This strong copyleft license requires any derivative works to also be licensed under AGPL-3.0, which may impose restrictions on integration into proprietary closed-source software.

Limitations & Caveats

Several components are marked as experimental or planned, including white-box source analysis (currently Python-only ingest), DeFi exploit reproduction, and the full multi-agent swarm capabilities (Exploiter, Infiltrator, etc.), which remain unbenchmarked and unreliable. Advanced modules for cloud, mobile, and identity are still under development. Headline performance metrics are derived from single-agent runs, not the full 8-operator swarm.

Health Check
Last Commit

2 days ago

Responsiveness

Inactive

Pull Requests (30d)
60
Issues (30d)
16
Star History
4,317 stars in the last 9 days

Explore Similar Projects

Feedback? Help us improve.