Aegis
v3.63.0
Three-layer autonomous cybersecurity agent. LLM/AI threat detection, infrastructure security scanning, and 25 active OWASP probes — with a self-evolution engine that automatically generates new defenses when new vulnerabilities emerge.
Three-layer defense, one agent
Aegis stacks three independent security layers, each targeting a different attack surface — from AI model threats to infrastructure misconfigurations to live OWASP vulnerability probing.
LLM / AI Security
16 Checkers
Detects AI-specific threats including prompt injection, jailbreak, PII leakage, system prompt extraction, and LLM-generated vulnerable code. Includes an on-device LlamaGuard model that never calls external APIs.
Infrastructure Security
13 Modules
Scans source code for exposed secrets, matches dependencies against CVE databases (NVD + OSV + CISA KEV), audits Docker configurations, inspects TLS certificates, and scans container images with Trivy.
Active OWASP Probing
25 Active Probes
HolyShield actively probes live endpoints for OWASP Top 10 vulnerabilities — SQL injection, XSS, SSRF, JWT forgery, path traversal, CORS misconfiguration, and more. No passive scanning; actual attack simulation.
LLM / AI Security Checkers
16 checkers purpose-built for AI system threats. Below are the 8 most critical.
Taiwan PII Detection
Detects Taiwan-specific personally identifiable information — national ID, mobile numbers, passports, and addresses — in LLM inputs and outputs.
Prompt Injection Detection
Identifies direct prompt injection attempts that try to override system instructions or hijack model behavior via crafted user inputs.
Jailbreak Attack Detection
Detects jailbreak patterns designed to bypass model safety guardrails, including DAN-style and role-play manipulation techniques.
System Prompt Leakage
Catches LLM responses that inadvertently expose confidential system prompt content to end users.
LLM Output Injection
Detects injected instructions embedded in LLM-generated output that could cause downstream agents or tools to execute unintended actions.
On-Device LlamaGuard
Runs a local LLaMA Guard model for safety classification. Zero external API calls — all inference happens on your infrastructure.
LLM Code Vulnerability
Analyzes code generated by LLMs for security vulnerabilities before it reaches production or is executed by automated pipelines.
Indirect Prompt Injection
Identifies malicious instructions embedded in external data sources — documents, web pages, emails — that a retrieval-augmented agent may process.
Infrastructure Security Modules
13 modules covering secrets, CVE matching, container auditing, SBOM analysis, and TLS inspection. Below are the 6 most critical.
Plaintext Secret Scanner
Scans source code repositories for hardcoded secrets — API keys, tokens, passwords, connection strings — before they reach version control or production.
Triple-Source CVE Matching
Matches your dependency manifest against three CVE databases in parallel: NVD, OSV, and CISA KEV. Catches vulnerabilities that single-source scanners miss.
Docker Configuration Audit
Audits Docker Compose and Dockerfile configurations for security issues: containers running as root, missing USER directives, privileged mode, exposed sensitive ports.
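A minimal Dockerfile audit in the spirit of the checks listed above, added here as an illustration (this is not the Aegis module's code). The rule names, severities and the list of "sensitive" ports are assumptions; the sample Dockerfile is constructed.

```python
# Added example, not Aegis code; rule names, severities and port list are assumed.
import re

# Ports an application image should not normally expose (assumed list).
SENSITIVE_PORTS = {22: "ssh", 2375: "docker-api-plaintext", 3306: "mysql",
                   5432: "postgres", 6379: "redis", 27017: "mongodb"}


def audit_dockerfile(text):
    """Return a list of finding dicts for a Dockerfile given as a string."""
    findings = []
    last_user = None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        instr, _, args = line.partition(" ")
        instr = instr.upper()
        if instr == "USER":
            last_user = args.strip()
            # "USER root" / "USER 0" re-escalates even after an earlier drop.
            if last_user.split(":")[0] in ("root", "0"):
                findings.append({"rule": "USER_ROOT", "severity": "high",
                                 "line": lineno, "detail": line})
        elif instr == "EXPOSE":
            for token in args.split():          # e.g. "22", "8941/tcp"
                m = re.match(r"\d+", token)
                if m and int(m.group()) in SENSITIVE_PORTS:
                    port = int(m.group())
                    findings.append({"rule": "SENSITIVE_PORT_EXPOSED", "severity": "medium",
                                     "line": lineno, "detail": f"{port} ({SENSITIVE_PORTS[port]})"})
    if last_user is None:   # no USER at all: the final process runs as root
        findings.append({"rule": "MISSING_USER", "severity": "high",
                         "line": None, "detail": "no USER directive"})
    return findings


# Constructed sample Dockerfile with two deliberate problems.
SAMPLE = """\
FROM python:3.12-slim
RUN useradd -m app
EXPOSE 8941 22
USER root
CMD ["python", "/app/main.py"]
"""

if __name__ == "__main__":
    for f in audit_dockerfile(SAMPLE):
        print(f"[{f['severity'].upper()}] {f['rule']} line {f['line']}: {f['detail']}")
```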
SBOM Audit
Audits Software Bill of Materials (SBOM) to trace the full dependency graph and identify vulnerable or license-restricted components throughout the supply chain.
TLS/SSL Certificate Audit
Inspects TLS/SSL certificates for expiration, weak cipher suites, misconfigured SANs, and protocol version compliance (TLS 1.2/1.3 enforcement).
Container Image CVE Scan
Integrates with Trivy to scan container images layer by layer for known CVEs in OS packages and language dependencies.
Active OWASP Top 10 Probing
25 active probes covering the full OWASP Top 10. HolyShield simulates real attack traffic against live endpoints — not pattern matching, actual exploitation attempts in a controlled manner. Below are 8 representative probes.
SQL Injection
Tests endpoints with a battery of SQL injection payloads including UNION-based, boolean-blind, time-based blind, and error-based techniques.
OWASP category: A03
Reflected XSS
Injects XSS payloads into URL parameters, form fields, and HTTP headers to detect insufficient output encoding vulnerabilities.
OWASP category: A03
Server-Side Request Forgery
Tests for SSRF by attempting to make the server fetch internal network resources, cloud metadata endpoints, and localhost services.
OWASP category: A10
JWT Forgery
Attempts JWT algorithm confusion (RS256 → HS256), none algorithm attacks, and weak secret brute-forcing to forge valid authentication tokens.
OWASP category: A02
Path Traversal
Tests file path parameters with directory traversal sequences (../../../) and URL-encoded variants to access files outside the intended document root.
OWASP category: A01
CORS Misconfiguration
Detects overly permissive CORS policies — wildcard origins, reflected origins, null origin acceptance — that could allow cross-origin data exfiltration.
OWASP category: A05
OS Command Injection
Tests user-controlled inputs for OS command injection via shell metacharacters, command chaining, and substitution patterns.
OWASP category: A03
Sensitive Data Exposure
Crawls API responses and HTML for exposed secrets, stack traces, debug endpoints, internal IP addresses, and verbose error messages.
OWASP category: A02
New vulnerability? Aegis evolves.
When a new CVE or attack pattern emerges, the self-evolution engine kicks in — autonomously moving from threat discovery to a promoted, production-grade detection module in four stages.
Monitors CVE feeds, security advisories, and threat intelligence. When a new vulnerability pattern is identified, it initiates the evolution cycle.
Automatically generates a new probe or checker tailored to the identified vulnerability. Produces test cases, payloads, and detection signatures.
Runs the new probe in shadow mode — alongside existing modules but without affecting production alerts. Validates accuracy, false positive rate, and detection reliability.
Once validation passes, the new module is promoted to an official detection module — integrated into the active scanning pipeline and available for all future runs.
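How the shadow-mode validation and promotion gate of stages three and four can be modelled, as an added example that is not the self-evolution engine's own code. The candidate probe, the labelled traffic and the promotion thresholds are all constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class ShadowRun:
    """Runs a candidate probe beside production without raising live alerts."""
    candidate: Callable[[str], bool]   # candidate probe: request -> flagged?
    max_fpr: float = 0.01              # assumed promotion thresholds
    min_recall: float = 0.95
    counts: dict = field(default_factory=lambda: {"tp": 0, "fp": 0, "tn": 0, "fn": 0})

    def observe(self, request: str, is_malicious: bool) -> None:
        flagged = self.candidate(request)
        key = ("tp" if flagged else "fn") if is_malicious else ("fp" if flagged else "tn")
        self.counts[key] += 1

    def metrics(self) -> dict:
        c = self.counts
        benign, malicious = c["fp"] + c["tn"], c["tp"] + c["fn"]
        return {"fpr": c["fp"] / benign if benign else 0.0,
                "recall": c["tp"] / malicious if malicious else 0.0}

    def should_promote(self, min_samples: int = 20) -> bool:
        # Stage-four gate: enough evidence, and both thresholds met.
        if sum(self.counts.values()) < min_samples:
            return False
        m = self.metrics()
        return m["fpr"] <= self.max_fpr and m["recall"] >= self.min_recall


def traversal_candidate(request: str) -> bool:
    """Constructed stage-two candidate: flags plain and fully URL-encoded '../'."""
    return "../" in request or "%2e%2e%2f" in request.lower()


# Constructed labelled traffic as (url, is_malicious). The mixed-encoding
# sample is one the candidate misses, which is exactly what shadow mode should reveal.
TRAFFIC = [("/files?name=report.pdf", False)] * 18 + [
    ("/files?name=../../etc/passwd", True),
    ("/files?name=%2E%2E%2Fetc%2Fpasswd", True),
    ("/files?name=..%2f..%2fetc%2fpasswd", True),
]


def run_shadow(traffic=TRAFFIC) -> ShadowRun:
    run = ShadowRun(traversal_candidate)
    for url, label in traffic:
        run.observe(url, label)
    return run
```

With the full constructed traffic the candidate's recall is only two out of three, so the gate refuses promotion; dropping the missed sample lets it pass.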
Fits into your existing workflow
Aegis integrates with CI/CD pipelines, monitoring stacks, and issue trackers out of the box. Deploy with Docker Compose, expose metrics, and receive alerts wherever your team works.
Export findings as SARIF format. Plug directly into GitHub Actions or Gitea CI as a quality gate — block PRs on critical findings.
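An added example (not Aegis code) of what the SARIF export and the "block PRs on critical findings" gate amount to: two findings modelled on the `aegis findings` listing at the bottom of this page are written as a SARIF 2.1.0 log, and the gate fails the run when a blocked severity is present. The finding dicts, the severity-to-level mapping and the tool name are assumptions.

```python
import json

# SARIF has four result levels, so scanner severities must be mapped (assumed mapping).
LEVEL_FOR = {"critical": "error", "high": "error", "medium": "warning", "low": "note"}

# Constructed findings modelled on the two entries in the CLI listing.
FINDINGS = [
    {"rule": "SqlInjectionProbe", "severity": "critical", "owasp": "A03:2021",
     "uri": "/api/users?id=", "line": None, "message": "SQL injection via id parameter"},
    {"rule": "SecretScannerModule", "severity": "high", "owasp": None,
     "uri": "config/db.yml", "line": 14, "message": "hardcoded database credential"},
]


def to_sarif(findings, tool_name="aegis", tool_version="3.63.0"):
    rules = {}
    results = []
    for f in findings:
        rules.setdefault(f["rule"], {"id": f["rule"],
                                     "properties": {"tags": [t for t in [f["owasp"]] if t]}})
        region = {"startLine": f["line"]} if f["line"] else {}
        results.append({
            "ruleId": f["rule"],
            "level": LEVEL_FOR[f["severity"]],
            "message": {"text": f["message"]},
            "properties": {"severity": f["severity"]},   # keeps the original severity
            "locations": [{"physicalLocation": {"artifactLocation": {"uri": f["uri"]},
                                                **({"region": region} if region else {})}}],
        })
    return {"version": "2.1.0",
            "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
            "runs": [{"tool": {"driver": {"name": tool_name, "version": tool_version,
                                          "rules": list(rules.values())}},
                      "results": results}]}


def gate_fails(sarif, block_on=("critical",)):
    """True when any result carries a blocked severity, i.e. the PR should be blocked."""
    return any(r["properties"]["severity"] in block_on
               for run in sarif["runs"] for r in run["results"])


if __name__ == "__main__":
    log = to_sarif(FINDINGS)
    print(json.dumps(log, indent=2))
    raise SystemExit(1 if gate_fails(log) else 0)
```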
All scan metrics are exposed at the /metrics endpoint in Prometheus format. Plug into Grafana dashboards for real-time security posture visibility.
Configurable webhook alerts with escalation rules. Route findings by severity to Slack, PagerDuty, or any HTTP endpoint.
Automatically opens Gitea issues for confirmed findings — with full context, affected files, CVSS scores, and remediation guidance.
Deploy with a single docker compose up. Aegis listens on port 8941 by default. No external dependencies required for core functionality.
Full CLI for scripting and CI integration: check, daemon, findings, modules, cve sync, probes, evolve.
# Run a full security check against a target
$ aegis check --target https://api.example.com --layers all
# Start daemon mode — continuous monitoring
$ aegis daemon --port 8941
# List active findings with severity filter
$ aegis findings --severity critical
[CRITICAL] SqlInjectionProbe → /api/users?id= (A03:2021)
[HIGH] SecretScannerModule → config/db.yml (line 14)
# Sync CVE databases from NVD + OSV + CISA KEV
$ aegis cve sync
# List all loaded probes and modules
$ aegis modules --verbose
# Trigger self-evolution cycle manually
$ aegis evolve --dry-run