ENNAENNA

Decepticon

GPL-3.0

๐Ÿ”ฅ Offensive Ops ยท Python

Decepticon is an AI-powered autonomous red team framework that executes complete attack chains from initial reconnaissance through command and control establishment. It uses a Neo4j knowledge graph to track discovered assets, vulnerabilities, and successful exploitation paths. Every action maps to MITRE ATT&CK technique IDs, making it useful for both offensive testing and detection engineering. Includes configurable rules of engagement to prevent out-of-scope actions, automated reporting, and integration with common C2 frameworks.

3.5kstars
410forks
23issues
Updated 6d ago
+I use this
View on GitHub

Installation

$ pip install decepticon-rt

Use Cases

  • Automated adversary emulation with full kill chains
  • Detection engineering validation
  • Purple team exercises with ATT&CK mapping
  • Continuous security validation

Tags

autonomousred-teamai-agentkill-chainattack-graph

Details

Category
๐Ÿ”ฅ Offensive Ops
Language
Python
License
GPL-3.0
Platforms
๐Ÿงlinux

Links

GitHub Repository

github.com/PurpleAILAB/Decepticon

Releases

github.com/PurpleAILAB/Decepticon/releases

Issues

github.com/PurpleAILAB/Decepticon/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

CALDERA

Python

MITRE ATT&CK-based automated adversary emulation platform for red team operations and security testing.

Compare Decepticon vs CALDERA

Stratus Red Team

Go

Datadog's adversary emulation for cloud environments (AWS, Azure, GCP, K8s) mapped to MITRE ATT&CK.

Compare Decepticon vs Stratus Red Team

Empire

Python

Post-exploitation and adversary emulation framework with PowerShell, Python, and C# agents. BC-Security maintained fork.

Compare Decepticon vs Empire

RedAmon

Python

AI-powered agentic red team framework automating recon through exploitation with LangGraph, Neo4j, and 70+ integrated tools.

Compare Decepticon vs RedAmon

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound