Security professionals today often find a frustrating gap between AI capability and operational reality. When a practitioner asks a standard large language model to analyze a vulnerability, the result is typically a theoretical explanation or a handful of basic `nmap` commands. The actual labor of penetration testing—establishing a shell, escalating privileges, and meticulously documenting the attack path—remains a manual, repetitive grind. The industry has plenty of AI consultants, but it lacks an AI operator.

The Architecture of 16 Specialized Agents

Decepticon shifts the paradigm by deploying a virtual red team consisting of 16 specialized agents. Rather than relying on a single general-purpose prompt, the system distributes the attack chain across a hierarchy of experts. These agents are categorized into core functional groups: Orchestration, Reconnaissance, Exploitation, Post-Exploitation, and Vulnerability Research. To handle the complexities of modern enterprise environments, Decepticon integrates domain-specific agents dedicated to Active Directory, Cloud infrastructure, Smart Contracts, Reversing, and general Analysis.

This multi-agent structure is supported by a tier-based fallback chain that manages credentials. When the system acquires an authentication token or account privilege, it assigns a priority level. If a primary attack path fails due to authentication errors, the system automatically pivots to a fallback path using lower-tier credentials. This removes the need for a human operator to manually adjust the attack vector every time a credential fails, ensuring the momentum of the intrusion remains unbroken.

Operational flexibility is handled through three distinct modes: `eco`, `max`, and `test`. In `eco` mode, the system applies tiered agent levels to minimize resource consumption in production environments. The `max` mode sets all agents to a high-performance tier for high-value targets requiring maximum aggression. The `test` mode utilizes low-tier agents, primarily for validation within development or continuous integration environments. To maintain precision over long-term operations, Decepticon resets the context window whenever a new target is established. This prevents the accumulation of noise—such as failed logs or irrelevant command outputs—that typically causes LLMs to hallucinate or deviate from the primary objective.

Beyond Scripts: The Interactive Sandbox and Tactical Planning

The critical distinction between Decepticon and previous automation tools lies in its execution environment. Most AI security tools operate via stateless API calls, but real-world hacking requires stateful persistence. Decepticon solves this by running all operations within a Kali Linux sandbox managed by LangGraph via Docker sockets. The network architecture is split into two isolated layers: `sandbox-net` for the actual attack traffic and `decepticon-net` for agent management. This separation ensures that control signals do not interfere with the target analysis and allows for tighter management of the attack's footprint.
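The split described above can be checked from the defender's side by auditing `docker inspect` output. This is an added example, not code from the Decepticon project. It assumes the sandbox container should sit only on `sandbox-net` and should never hold the Docker socket; the container names are hypothetical.

```python
import json

ATTACK_NET = "sandbox-net"  # network name from the article
DOCKER_SOCK = "/var/run/docker.sock"

# Constructed sample shaped like `docker inspect` output; container names are hypothetical.
SAMPLE = json.loads("""
[
  {"Name": "/orchestrator",
   "NetworkSettings": {"Networks": {"decepticon-net": {}}},
   "Mounts": [{"Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock"}]},
  {"Name": "/sandbox",
   "NetworkSettings": {"Networks": {"sandbox-net": {}}},
   "Mounts": []},
  {"Name": "/sandbox-dev",
   "NetworkSettings": {"Networks": {"sandbox-net": {}, "decepticon-net": {}}},
   "Mounts": [{"Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock"}]}
]
""")

def audit(containers, sandbox_names):
    """Return sorted (container, finding) pairs that break the two-network split."""
    findings = []
    for c in containers:
        name = c["Name"].lstrip("/")
        nets = set((c.get("NetworkSettings") or {}).get("Networks") or {})
        has_sock = any(m.get("Source") == DOCKER_SOCK for m in c.get("Mounts") or [])
        if name in sandbox_names:
            # Assumption: the attack box needs no route to the control plane.
            for extra in sorted(nets - {ATTACK_NET}):
                findings.append((name, f"sandbox attached to {extra}"))
            # A socket inside the sandbox hands Docker API (host-level) control
            # to anything that compromises the sandbox.
            if has_sock:
                findings.append((name, "docker socket mounted in sandbox"))
        elif ATTACK_NET in nets:
            findings.append((name, f"control-plane container attached to {ATTACK_NET}"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(SAMPLE, {"sandbox", "sandbox-dev"}):
        print(f"{name}: {finding}")
```

Feed it the parsed JSON from `docker inspect` for the running containers and the set of names that are meant to be sandboxes; an empty result means the isolation holds under the stated assumptions.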

To achieve true operational continuity, Decepticon utilizes permanent `tmux` sessions to maintain interactive shells. This allows the agent to keep tools like `msfconsole`, `sliver-client`, and `evil-winrm` running in the background. Instead of sending a command and hoping for a clean output, the agent uses an automatic prompt detection feature to read the shell's real-time response, identifying its current location in the system before issuing the next command. This mimics the behavior of a human hacker, enabling complex lateral movement and privilege escalation that would be impossible with one-off script executions.

Before a single packet is sent, the system generates a comprehensive engagement package. This includes a Rules of Engagement (RoE) document, a Concept of Operations (ConOps), a Deconfliction Plan, and a formal Operation Plan (OPPLAN). Every action taken by the agents is precisely mapped to the MITRE ATT&CK framework, transforming the process from a series of random scans into a codified military-grade operation.

Decepticon is released under the Apache-2.0 license and is compatible with macOS, Linux, and Windows via WSL2. The system is designed to be model-agnostic, supporting a wide array of LLM providers including Anthropic, OpenAI, Google Gemini, MiniMax, DeepSeek, xAI, Mistral, OpenRouter, Nvidia NIM, and Ollama. This allows users to swap the underlying intelligence based on the complexity of the target or the required level of stealth.

The transition from theoretical AI assistance to autonomous execution depends entirely on the precision of the sandbox and the depth of tool control.