Open Source Security Framework
Kinetic Operative Defense Agent
Autonomous vulnerability detection, real-time monitoring, and automated response. Pure Python. Zero dependencies. Works with any LLM.
Pipeline
01. 7 scanners. Unified output.
02. NVD, CISA KEV, EPSS scores.
03. Chain events across time.
04. Block, kill, quarantine.
05. SARIF 2.1.0. Any format.
7 Scanners
23 LLM Tools
10k+ Lines
Zero Dependencies
Capabilities
01. Wraps Semgrep, Trivy, Bandit, Gitleaks, Nuclei, OSV-Scanner, and Nmap. Run any combination, get unified findings.
02. Five hardcoded security roles (Sentinel, Recon, Analyst, Operator, Auditor), each with scoped permissions and audit trails.
03. Stateful rule engine chains events across time windows. Built-in detection for brute force, port scans, cryptominers, privilege escalation.
04. Automated, reversible containment: block IPs, kill processes, quarantine files, disable accounts. Time-boxed with auto-reversal.
05. Real-time file integrity monitoring, auth log analysis, suspicious process detection, and anomalous network connection alerting.
06. Full SARIF parser and generator. Import from any tool, export for GitHub Code Scanning, VS Code, and CI/CD pipelines.