Most "AI security" tools wrap a chatbot around a scanner. This one was let loose on HackTheBox and live targets to see whether an agent can actually do the offensive work end to end — and the scoreboard, not a demo, is the pitch. In Human vs AI CTF runs it reached top 1 among AIs worldwide and top 20 overall; on Dragos OT CTF 2025 it cleared 32 of 34 challenges with a 37% velocity edge over the leading human teams.
What Sets It Apart
- It runs as a ReACT agent that chains reasoning with real tool calls — recon, exploitation, privilege escalation — rather than just suggesting commands for a human to paste.
- Model choice is deliberately wide: 300+ models across OpenAI, Anthropic, DeepSeek, and local Ollama, so sensitive engagements can stay fully on-prem.
- It composes into multi-agent patterns (swarm, hierarchical, auction-based, recursive), which matters when one agent's context window can't hold a whole kill chain.
- The track record is on real systems, not benchmarks alone: telemetry leaks and exposed RSA keys on Unitree G1 robots, a remote-access flaw in Ecoforest heat pumps, an MQTT auth bypass feeding poisoned data into Grafana.
Who It's For
Great fit if you run offensive security or red teams and want an agent that executes the boring middle of an engagement while you steer scope and judgment. The code ships under a proprietary Research-Use License from Alias Robotics — free for non-commercial research and academic use, with a separate commercial license required for production; the vendored OpenAI agents code is the only part under MIT. Look elsewhere if you need a managed, click-to-scan product — this is an agent framework that assumes you can wire up models, tools, and rules of engagement, and assumes the legal authorization to attack the targets you point it at.