// the find
PurpleAILAB/Decepticon
Autonomous Hacking Agent for Red Team
Decepticon is an autonomous red team agent built on LangGraph that runs full attack chains — recon through C2 — inside an isolated Kali sandbox, not just a wrapper around nmap. It's aimed at professional pentesters who want to automate multi-step engagements with MITRE ATT&CK-mapped planning documents generated before any traffic hits the wire. The 98% pass rate on XBOW's validation benchmarks is the most credible thing in the README.
The two-network Docker isolation (management plane separate from sandbox-net) is the right architecture for this problem — it means a compromised target can't reach the orchestration layer. Persistent tmux sessions for interactive tools like msfconsole and evil-winrm solve the real pain point that most AI hacking tools paper over with subprocess calls. The tiered model fallback system (eco/max/test profiles, credentials-aware chain across Anthropic/OpenAI/Gemini/Ollama) means you can run it cheaply for dev and crank it up for real engagements. Publishing benchmark results with per-challenge evidence and LangSmith traces rather than just a headline number is how you build trust.
The cloud-hosted option at app.decepticon.red is a significant trust problem for a red team tool — you're sending engagement targets, findings, and attack chains to someone else's server, and the README doesn't address the data handling. The 'Offensive Vaccine' loop is described as planned future work but presented in the architecture like it exists today, which is misleading. The pip install path requires you to still run the Docker stack for the LLM proxy and sandbox anyway, making the library abstraction thinner than it looks. Neo4j being dual-homed across both networks to persist findings is architecturally necessary but creates an obvious lateral movement path if that service is ever compromised.
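The two-network isolation and the dual-homed Neo4j concern above can be checked mechanically. This is an added example, not code from the Decepticon project: it audits the JSON produced by `docker compose config --format json` and lists every service that sits on the sandbox network and on any other network. The sample input is constructed, and the service names and `mgmt-net` are hypothetical (only `sandbox-net` is named on the page).

```python
import json

# Constructed sample, shaped like `docker compose config --format json` output.
# Service names and "mgmt-net" are hypothetical; only "sandbox-net" is from the page.
SAMPLE_COMPOSE = json.loads("""
{"services": {
  "orchestrator": {"networks": {"mgmt-net": null}},
  "llm-proxy":    {"networks": ["mgmt-net"]},
  "kali-sandbox": {"networks": {"sandbox-net": null}},
  "neo4j":        {"networks": {"mgmt-net": null, "sandbox-net": null}},
  "web-ui":       {}
}}
""")


def service_networks(service):
    """Return the set of networks a service joins (list or mapping syntax)."""
    if "network_mode" in service:
        # network_mode (host, none, service:x) bypasses named networks entirely.
        return {"network_mode:" + service["network_mode"]}
    nets = service.get("networks")
    if not nets:
        return {"default"}  # Compose attaches the service to the default network
    return set(nets)  # a list yields its items, a mapping yields its keys


def audit(compose, untrusted="sandbox-net", allowed_bridges=()):
    """Find services that join the untrusted network plus at least one other."""
    report = {"bridges": [], "unapproved": [], "host_mode": []}
    for name, svc in sorted(compose.get("services", {}).items()):
        nets = service_networks(svc)
        if "network_mode:host" in nets:
            report["host_mode"].append(name)  # shares the host's network stack
        if untrusted in nets and len(nets) > 1:
            report["bridges"].append((name, sorted(nets - {untrusted})))
            if name not in allowed_bridges:
                report["unapproved"].append(name)
    return report


if __name__ == "__main__":
    result = audit(SAMPLE_COMPOSE, allowed_bridges=("neo4j",))
    for name, others in result["bridges"]:
        print(f"{name}: on sandbox-net and also {', '.join(others)}")
    print("unapproved bridges:", result["unapproved"] or "none")
```

Run in CI with the one intended bridge allow-listed, a non-empty `unapproved` list means a new service has started spanning both planes and should fail the build.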