An experimental open-source AutoGPT and Langchain based tool kit for network security

mdabir1203/RedAGPT

 
 

RedAGPT

Cybersecurity AutoGPT Tool Kit

⚠️🔴 NOT TO BE USED FOR ILLEGAL ACTIVITY 🔴⚠️

About

RedAGPT is a toolkit designed to test for network and other vulnerabilities in homes and offices. It uses cutting-edge technologies such as AutoGPT and Langchain to offer a highly efficient and effective security testing experience. The toolkit is designed with a focus on prompt engineering and seamless integration into security-focused Linux environments, so that security professionals can easily use it to test for vulnerabilities in their networks and systems.

The core technology used in the toolkit is AI, specifically AutoGPT using GPT-3 via the Langchain library. The AI runs a series of tests to detect vulnerabilities in the network and systems, then analyzes the results of these tests and generates a comprehensive security report. This report details the vulnerabilities detected, their severity level, and recommendations on how to fix them.

Overall, the toolkit is for security professionals looking for smarter security testing tools. Its use of AI and its ability to generate comprehensive reports make it an essential tool for security professionals looking to keep their networks and systems secure.

Development

  • Engineering security tools through AutoGPT prompting
  • Integration with a multi-page Streamlit experience (landing page + audit console)
  • Built-in Stripe checkout flow for rapid monetisation
  • Report generation
  • Dynamic VectorStorage integration

Coding Libraries Used

  • LangChain core & community toolkits
  • AutoGPT experimental module via LangChain
  • LangChain OpenAI client & Redis/FAISS vector storage
  • Stripe checkout SDK

Tech Used

  • Python version 3.11
  • Redis Vector Storage 6.2.10
  • Ubuntu (WSL) 22.04 LTS
  • Kali Linux 6.1.0

Tools

LoginChecker

Using the LangChain AutoGPT documentation, we created a set of goals for the agent to test the security of a login form on a website or IP.

Given these goals and a declared agent type, it runs command-line tools like Hydra and creates a form security test program in Python using the Selenium library, which it runs in a REPL.

At the end, it gives us a security report of the vulnerabilities found, if any, with recommendations on how to fix them.

Future

  • In later implementations, we plan to allow the user to task the AI with fixing these issues.
  • Work on a social engineering tool
  • Embed in portable hardware like the Raspberry Pi
  • Further guardrail development
  • Integration into Kali Linux
  • Integration into Windows PowerShell

Continuous Data Collection

To keep security insights current and actionable, we plan to evolve RedAGPT with continuous data collection capabilities:

  • Event-Driven Runs – Integrate ShadowMap executions into CI/CD pipelines, infrastructure-as-code deployments, and relevant cloud events so that every infrastructure change triggers an automated scan.
  • Telemetry – Gather detailed execution metrics such as the number of targets scanned, modules invoked, runtime, and any errors to monitor tool performance and surface emerging security signals.
  • Versioned Artifacts – Persist SBOMs, vulnerability reports, and reconnaissance data with timestamps so historical artifacts can be compared for drift detection and regression tracking.

Development Setup

Environment

RedAGPT ships with uv workflows instead of the built-in venv module. This keeps dependency resolution fast and reproducible.

  1. Install uv (one-time):

    curl -LsSf https://astral.sh/uv/install.sh | sh
  2. Create a fresh environment targeting Python 3.11 and install dependencies:

    make virtualenv
  3. Activate the environment:

    source .venv/bin/activate

When a new requirement is needed, add it to unpinned_requirements.txt and run:

make update-requirements-txt
make virtualenv

This ensures that all requirements are pinned and work together, which keeps the environment reproducible.

See docs/CODEBASE_MAP.md for a guided tour of the repository layout.

Make a copy of the example environment variables file:

cp .env.example .env

Stripe monetisation setup

Configure the following environment variables to enable the built-in Stripe checkout flow:

  • STRIPE_API_KEY – your Stripe secret key.
  • STRIPE_PRICE_ID – the recurring price or product to bill for subscriptions.
  • STRIPE_SUCCESS_URL – URL customers are redirected to after a successful purchase.
  • STRIPE_CANCEL_URL – URL customers are redirected to when they cancel checkout.

These values can be added to your .env file so they are loaded automatically.
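
A preflight check for the settings above, as an added example that is not part of the RedAGPT code base: it reads a .env file and reports group- or world-accessible permissions, missing Stripe variables, a publishable key (pk_ prefix) supplied where the secret key belongs, and redirect URLs that are not HTTPS. The function names and the placeholder values in demo() are constructed for illustration.

```python
import os
import stat
import tempfile
from urllib.parse import urlparse

REQUIRED = ("STRIPE_API_KEY", "STRIPE_PRICE_ID", "STRIPE_SUCCESS_URL", "STRIPE_CANCEL_URL")

def parse_env(text):
    """Parse simple KEY=VALUE lines; skips blanks and comments, accepts 'export '."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip().removeprefix("export ").strip()
        values[key] = value.strip().strip("'\"")
    return values

def check_env_file(path):
    """Return a list of findings for the Stripe settings in a .env file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        # The file holds the Stripe secret key, so only the owner should read it.
        findings.append(f"{path} is accessible to group/others (mode {mode:o}); use 600")
    with open(path, encoding="utf-8") as fh:
        env = parse_env(fh.read())
    for name in REQUIRED:
        if not env.get(name):
            findings.append(f"{name} is missing or empty")
    if env.get("STRIPE_API_KEY", "").startswith("pk_"):
        findings.append("STRIPE_API_KEY is a publishable key, not a secret key")
    for name in ("STRIPE_SUCCESS_URL", "STRIPE_CANCEL_URL"):
        url = urlparse(env.get(name, ""))
        local = url.hostname in ("localhost", "127.0.0.1")
        if env.get(name) and (not url.hostname or (url.scheme != "https" and not local)):
            findings.append(f"{name} should be an https URL (http only for localhost)")
    return findings

def demo():
    """Run the check on a constructed .env containing placeholder values only."""
    sample = ("STRIPE_API_KEY=pk_test_PLACEHOLDER\nSTRIPE_PRICE_ID=price_PLACEHOLDER\n"
              "STRIPE_SUCCESS_URL=http://example.com/ok\n")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, ".env")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(sample)
        os.chmod(path, 0o644)
        return check_env_file(path)
```

Call check_env_file(".env") before starting the app and treat a non-empty result as a failed preflight.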

Run the app

streamlit run chatbot.py

Gallery

Hackathon Demo Layout

1st Success
