Decepticon: Open Source Multi-Agent Red Team Framework for Full Kill Chain Penetration Testing

When AI Agents can not only help you write code but also simulate hacker attacks on your systems, the way security testing works is changing.

Decepticon (github.com/PurpleAILAB/Decepticon) is an open-source multi-Agent autonomous red team testing platform, licensed under Apache 2.0 and written in Python. It’s not a single-point tool but a complete attack chain simulation system—inside a hardened Kali sandbox, multiple Agents handle reconnaissance, exploitation, privilege escalation, and lateral movement, autonomously completing the full penetration testing workflow.

The Problem It Solves

Traditional security penetration testing relies on human expertise: security engineers manually execute reconnaissance, scanning, exploitation, and post-exploitation steps. AI changes this paradigm, but most AI security tools are still stuck at the “single-step Q&A” stage.

Decepticon’s core innovation is multi-Agent collaboration simulating the complete Kill Chain:

  • Recon Agent - Information gathering, port scanning, service identification
  • Exploitation Agent - Vulnerability matching, exploit selection and execution
  • Privilege Escalation Agent - Local escalation, credential harvesting
  • Lateral Movement Agent - Infiltration, domain controller attacks

Quick Start

# Clone the project
git clone https://github.com/PurpleAILAB/Decepticon.git
cd Decepticon

# Requires Kali Linux environment and Python dependencies
pip install -r requirements.txt

# Run red team testing in sandbox
python decepticon.py --target <target>

Primary Sources: