https://github.com/abhinandan-khurana/exploit-payload-generator-ai-agent

A powerful local AI-agentic tool that generates and validates advanced exploit payloads using CrewAI framework.
ai-agent ai-agents-framework crewai cybersecurity edr-bypass edr-evasion llm local-ai local-llm ollama opsec payload-generator red-team red-team-tools red-teaming tools

[![Python Version](https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12-blue.svg)](https://www.python.org/downloads/) [![CrewAI](https://img.shields.io/badge/CrewAI-Framework-orange.svg)](https://www.crewai.com/) [![License](https://img.shields.io/badge/License-MIT-green.svg)](https://opensource.org/licenses/MIT) [![Contributions Welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/Abhinandan-Khurana/exploit-payload-generator-ai-agent/issues) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) [![Ollama](https://img.shields.io/badge/Ollama-Compatible-blueviolet.svg)](https://ollama.ai/) [![Red Team Tool](https://img.shields.io/badge/Red%20Team-Tool-red.svg)](https://github.com/Abhinandan-Khurana/exploit-payload-generator-ai-agent)

# Exploit Payload Generator (AI agentic assistant)

A powerful AI-agentic tool that generates and validates advanced exploit payloads using the CrewAI framework.

This project uses multiple AI agents working together to create, review, and refine exploitation techniques, with a focus on EDR evasion and OPSEC considerations.

It follows a feedback-loop methodology inside an agentic workflow.

## Problem Statement

Red Team operations often require complex exploit payloads that need to:
- Be technically accurate and effective
- Evade modern EDR solutions
- Maintain OPSEC
- Include proper implementation details
- Be thoroughly validated

Manually developing these payloads is time-consuming and error-prone. This project automates the process using AI agents.

## Solution
#### Non-perfect initial PoC

The project implements a multi-agent AI system using CrewAI with:

1. **Payload Generator Agent**: Creates advanced exploit payloads with:
   - Technical implementation details
   - EDR evasion techniques
   - Build instructions
   - Testing procedures

2. **Payload Reviewer Agent**: Validates payloads for:
   - Technical accuracy
   - Implementation feasibility
   - OPSEC considerations
   - Documentation completeness

3. **Feedback Loop System**:
   - Automated refinement through up to 3 iterations
   - Detailed feedback for improvements
   - Quality assurance checks

## Sequence diagram of the flow

```mermaid
sequenceDiagram
participant User
participant ExploitPayloadGeneratorHelperFlow
participant PayloadExploitCrew
participant PayloadExploitReviewCrew
participant FileSystem

User->>ExploitPayloadGeneratorHelperFlow: kickoff()
activate ExploitPayloadGeneratorHelperFlow

rect rgb(200, 220, 240)
Note over ExploitPayloadGeneratorHelperFlow: Start: generate_PayloadExploit
ExploitPayloadGeneratorHelperFlow->>PayloadExploitCrew: crew().kickoff(context, feedback)
PayloadExploitCrew-->>ExploitPayloadGeneratorHelperFlow: PayloadExploit_draft
end

rect rgb(220, 200, 240)
Note over ExploitPayloadGeneratorHelperFlow: Router: evaluate_PayloadExploit
ExploitPayloadGeneratorHelperFlow->>PayloadExploitReviewCrew: crew().kickoff(PayloadExploit_draft)
PayloadExploitReviewCrew-->>ExploitPayloadGeneratorHelperFlow: {valid, feedback}

alt is valid
ExploitPayloadGeneratorHelperFlow->>ExploitPayloadGeneratorHelperFlow: route to "completed"
else retry count < 3
ExploitPayloadGeneratorHelperFlow->>ExploitPayloadGeneratorHelperFlow: route to "retry"
ExploitPayloadGeneratorHelperFlow->>PayloadExploitCrew: Retry with feedback
else retry count >= 3
ExploitPayloadGeneratorHelperFlow->>ExploitPayloadGeneratorHelperFlow: route to "max_retry_reached"
end
end

alt completed
ExploitPayloadGeneratorHelperFlow->>FileSystem: Save PayloadExploit.md
FileSystem-->>ExploitPayloadGeneratorHelperFlow: File saved
else max_retry_reached
ExploitPayloadGeneratorHelperFlow->>User: Display final PayloadExploit and feedback
end

deactivate ExploitPayloadGeneratorHelperFlow
```

## Requirements

- Python >=3.10, <3.13
- UV package manager
- Ollama (for local LLM support)

## Local Setup

1. Clone the repository:
```bash
git clone https://github.com/Abhinandan-Khurana/exploit-payload-generator-ai-agent.git
cd exploit-payload-generator-ai-agent
```

2. Install UV if not already installed:

```bash
pip install uv
```

3. Install dependencies:

```bash
uv pip install -e .
# OR
crewai install
```

4. Install Ollama for local LLM support:

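```bash
# -f: fail on HTTP errors instead of piping an error page to sh
# -L: follow redirects; -sS: quiet, but still show errors
curl -fsSL https://ollama.ai/install.sh | sh
```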

5. Pull the whiterabbitneo and hermes3 models:
```bash
ollama pull rfc/whiterabbitneo
ollama pull hermes3
```

### Running the Project

1. Start Ollama (if using local LLMs):

```bash
ollama serve
```

2. Run the project:

```bash
crewai flow kickoff
```

The system will generate a payload, review it, and either:

- Save the final payload to `generated_final_payload.md` if validated
- Display feedback and retry up to 3 times if issues are found

### Important Notes
- Results may be redundant or vary between runs due to the nature of LLM responses
- The system prioritizes accuracy over speed
- Each iteration improves payload quality through AI feedback
- Local LLMs may provide different results compared to OpenAI's models

### Contributing
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first.

### Author
[Abhinandan Khurana](https://github.com/Abhinandan-Khurana)