{"id":32533678,"url":"https://github.com/stratosphereips/aracne","last_synced_at":"2026-05-16T11:03:15.754Z","repository":{"id":320374541,"uuid":"1078206891","full_name":"stratosphereips/aracne","owner":"stratosphereips","description":"A 100% autonomous AI agent that attacks, defends, admins and acts on SSH connections","archived":false,"fork":false,"pushed_at":"2025-11-26T13:59:06.000Z","size":57,"stargazers_count":8,"open_issues_count":2,"forks_count":3,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-11-29T01:22:17.535Z","etag":null,"topics":["agents","security"],"latest_commit_sha":null,"homepage":"https://www.stratosphereips.org/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stratosphereips.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-17T11:19:48.000Z","updated_at":"2025-11-26T13:58:56.000Z","dependencies_parsed_at":"2025-10-23T13:32:23.717Z","dependency_job_id":"344717e5-8643-4fc0-8fe1-66095478c691","html_url":"https://github.com/stratosphereips/aracne","commit_stats":null,"previous_names":["stratosphereips/aracne"],"tags_count":2,"template":false,"template_full_name":"stratosphereips/awesome-code-template","purl":"pkg:github/stratosphereips/aracne","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stratosphereips%2Faracne","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stratosphereips%2Faracne/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stratosphereips%2Faracne/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stratosphereips%2Faracne/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stratosphereips","download_url":"https://codeload.github.com/stratosphereips/aracne/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stratosphereips%2Faracne/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33100319,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-16T04:41:52.686Z","status":"ssl_error","status_checked_at":"2026-05-16T04:41:52.009Z","response_time":115,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agents","security"],"created_at":"2025-10-28T13:00:56.932Z","updated_at":"2026-05-16T11:03:15.748Z","avatar_url":"https://github.com/stratosphereips.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ARACNE: Autonomous LLM-based Pentesting Agent\n\nARACNE is an SSH-driven pentesting agent orchestrated by LLMs. It can plan, execute, and adapt attack chains while recording detailed telemetry across multiple logs. It supports both cloud-hosted and local (Ollama) models with per-role configuration.\n\n## Table of Contents\n\n- [Setup](#setup)\n- [Configuration](#configuration)\n- [Usage](#usage)\n- [Goals](#goals)\n- [Logs](#logs)\n- [Troubleshooting](#troubleshooting)\n- [License](#license)\n\n## Setup\n\n### Requirements\n\n- Python 3.10+\n- `pip`\n- Optional: Docker, Ollama daemon\n\n### Installation\n\n```bash\ngit clone https://github.com/stratosphereips/aracne.git\ncd aracne\n\npython -m venv venv\nsource venv/bin/activate  # Windows: venv\\Scripts\\activate\n\npip install -r requirements.txt\ncp env_EXAMPLE agent/.env\n```\n\nPopulate `agent/.env` with SSH target credentials and (optional) OpenAI API key.\n\n## Configuration\n\nRuntime behavior is driven by YAML files (default: `agent/config/AttackConfig.yaml`). Use `--config` to point to alternatives (e.g., `AttackConfig_local.yaml`).\n\n```yaml\ngoal: \"\"                     # Optional default goal\nllm_providers:\n  openai:\n    kind: openai            # Uses OPENAI_API_KEY / OPENAI_BASE_URL if set\n  ollama:\n    kind: ollama\n    host: localhost\n    port: 11434\n  cesnet:\n    kind: openai\n    base_url: https://chat.ai.e-infra.cz/api\n    api_key_env: CESNET_API_KEY\ntargets:                     # Named SSH target profiles\n  ubuntu:\n    host: localhost\n    port: 23\n    user: root\n    password: 123456\n  shellm:\n    host: localhost\n    port: 22\n    user: admin\n    password: admin\ndefault_target: ubuntu        # Which profile to load by default\nplanner_source: \"openai\"     # openai | ollama | cesnet\nplanner_model: \"o3-mini-2025-01-31\"\nsummarizing: false\nsummarizer_source: \"openai\"  # openai | ollama | cesnet\nsummarizer_model: \"gpt-4o-2024-08-06\"\ninterpreter_source: \"ollama\"  # openai | ollama | cesnet\ninterpreter_model: \"qwen3:1.7b\"\naction_limit: 30\n```\n\nYou can switch targets by editing the `default_target` value or adding additional entries under `targets` for your own machines.\n\nThe `llm_providers` section declares connection details for each LLM backend. Providers of kind `openai` use the OpenAI-compatible API, while providers of kind `ollama` route to a local Ollama daemon (either via `host`/`port` or a `base_url`).\n\n**Key rules**\n- Any source set to `openai` requires an API key (e.g., `OPENAI_API_KEY`, `CESNET_API_KEY`) and optionally a `base_url` declared under `llm_providers`.\n- Any source set to `ollama` must have a provider entry with connection details (host/port or `base_url`).\n- Provider names (`openai`, `ollama`, `cesnet`, etc.) are referenced by `planner_source`, `summarizer_source`, and `interpreter_source`.\n\n### CESNET OpenAI-Compatible Endpoint\n\nIf you have access to the CESNET deployment you can reuse the OpenAI client without modifying the code by exporting the following variables:\n\n```bash\nexport CESNET_API_KEY=\"\u003cyour token\u003e\"\nexport CESNET_BASE_URL=\"https://chat.ai.e-infra.cz/api\"   # optional; default when CESNET_API_KEY is set\n# (optional) keep legacy tools happy\nexport OPENAI_API_KEY=\"${CESNET_API_KEY}\"\n```\n\n- Models default to `qwen3-coder` unless overridden in the YAML config.\n- The agent automatically points the OpenAI SDK at the CESNET base URL when `CESNET_API_KEY` is present.\n\nExample curl call:\n\n```bash\ncurl https://chat.ai.e-infra.cz/api/v1/chat/completions \\\n  -H \"Authorization: Bearer ${CESNET_API_KEY}\" \\\n  -H \"Content-Type: application/json\" \\\n  -d '{\n        \"model\": \"qwen3-coder\",\n        \"messages\": [\n          {\"role\": \"system\", \"content\": \"You are a helpful assistant.\"},\n          {\"role\": \"user\", \"content\": \"Hello from CESNET!\"}\n        ]\n      }'\n```\n\nIn your ARACNE YAML, set any role to the `cesnet` provider (for example `planner_source: \"cesnet\"`) and choose a compatible model such as `qwen3-coder`.\n\n## Usage\n\nRun from the repository root using the wrapper:\n\n```bash\npython aracne.py -h\n```\n\n```\nusage: aracne.py [-h] [-e ENV] [-s] [-g GOAL] [-o OLLAMA_IP] [-c CONFIG]\n\nPentesting Agent CLI\n\noptional arguments:\n  -h, --help            Show help and exit\n  -e ENV, --env ENV     Path to .env (default: .env)\n  -s, --summarize       Enable on-the-fly summarization\n  -g GOAL, --goal GOAL  Override goal from CLI\n  -o OLLAMA_IP, --ollama-ip OLLAMA_IP\n                        Override Ollama host/IP\n  -c CONFIG, --config CONFIG\n                        Path to YAML config (default: agent/config/AttackConfig.yaml)\n```\n\nCLI overrides take precedence over YAML defaults. Example:\n\n```bash\npython aracne.py \\\n  -e agent/.env-local \\\n  -c agent/config/AttackConfig_local.yaml \\\n  -g \"Enumerate services\" \\\n  -o 10.0.0.50 \\\n  -s\n```\n\n### Switching Models\n\n- To use OpenAI for planner/summarizer: set `*_source: \"openai\"` and corresponding `*_model`.\n- To run entirely on Ollama: set `planner_source: \"ollama\"`, `summarizer_source: \"ollama\"`, `interpreter_source: \"ollama\"` (or `\"local\"`) and supply models that exist locally (e.g., `qwen3:1.7b`).\n\n### Docker\n\nBuild the images once:\n\n```bash\ndocker compose build\n```\n\nRun the ARACNE CLI inside its container:\n\n```bash\ndocker compose up -d aracne\ndocker exec -it aracne python aracne.py -e agent/.env -c agent/config/AttackConfig.yaml\n```\n\n#### Optional: Launch a local SSH playground\n\nIf you need a disposable SSH target you can start the companion container:\n\n```bash\ndocker compose up -d ssh-target\n```\n\nThe container is based on Ubuntu and exposes SSH on the host at `127.0.0.1:2222` with the following credentials:\n\n| Field        | Value        |\n|--------------|--------------|\n| Username     | `root`       |\n| Password     | `y54325342`  |\n| Host         | `127.0.0.1`  |\n| Port         | `2222`       |\n\nTo target the playground container, update your YAML or pass CLI overrides, e.g.:\n\n```yaml\nssh_host: \"127.0.0.1\"\nssh_port: 2222\nssh_user: \"root\"\nssh_password: \"y54325342\"\n```\n\nStop the playground when you are done:\n\n```bash\ndocker compose stop ssh-target\n```\n\nMount or copy configuration/env files as needed by editing `docker-compose.yml`.\n\n## Goals\n\nIf no goal is specified, ARACNE prompts you with a list of predefined pentesting objectives (privilege escalation, detecting honeypots, exfiltration, etc.). Provide a goal via config or CLI to skip the prompt.\n\n## Logs\n\nLogs live under `logs/` and are rebuilt on each run:\n\n| File              | Description                                                       |\n|-------------------|-------------------------------------------------------------------|\n| `agent.log`       | Colorized simulation of the remote shell (commands + output).     |\n| `context.log`     | Sequenced LLM call trace with prompts, responses, summaries, etc. |\n\n`context.log` uses ANSI colors, section dividers, and indenting for readability.\n\n## Troubleshooting\n\n- **Missing model**: Ensure `planner_model`/`interpreter_model` exists locally (`ollama pull \u003cmodel\u003e`).\n- **OpenAI errors**: Verify `OPENAI_API_KEY` and model names match your subscription.\n- **SSH failures**: Confirm `.env` has `SSH_HOST/SSH_USER/SSH_PASSWORD` values and the target is reachable.\n- **Action limit**: Increase `action_limit` for longer engagements.\n\n## License\n\nGPL-2.0. See [LICENSE](LICENSE) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstratosphereips%2Faracne","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstratosphereips%2Faracne","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstratosphereips%2Faracne/lists"}