Autonomous Security Framework v1.9

AUTARCH

Autonomous Tactical Agent for Reconnaissance, Counterintelligence & Hacking

A sovereign digital entity that thinks, adapts, and operates independently. Offense meets defense in one unified framework — powered by AI, governed by you.

1,130+
API Routes
25,475
OSINT Sites
73
Security Modules
4
LLM Backends
// capabilities
Six Domains. One Framework.
AUTARCH isn't a collection of scripts. It's an autonomous platform spanning every phase of security operations.
DEFENSE
Hardening & Detection
System hardening audits, intrusion detection, rogue device scanning, real-time network monitoring, and automated incident response.
  • WiFi attack detection (deauth, evil twin, ARP spoof)
  • Container security auditing
  • Email security analysis (SPF/DKIM/DMARC)
OFFENSE
Attack Simulation
Metasploit integration, C2 framework, exploit development workspace, and social engineering toolkit for red team operations.
  • Live Metasploit console via web terminal
  • Multi-language reverse shell generator
  • Phishing simulation platform
FORENSICS
Analysis & Recovery
File forensics, malware sandbox, reverse engineering workspace, steganography detection, and anti-forensics toolkit.
  • Behavioral malware analysis
  • Hex dump & entropy analysis
  • Log correlation engine
OSINT
Reconnaissance
25,475+ indexed OSINT sites for reconnaissance. Email, username, phone, domain, and IP lookups with threat intelligence feeds.
  • Network topology visualization
  • GeoIP, DNS, WHOIS enumeration
  • IoC lookups & threat feeds
HARDWARE
Device Operations
ADB/Fastboot over WebUSB, ESP32 flashing via Web Serial, BLE scanning, RFID tools, SDR integration, and Pineapple support.
  • Android anti-stalkerware shield
  • WiFi Pineapple integration
  • Starlink research tools
INFRA
Platform Core
Privileged daemon with 68 whitelisted commands, encrypted vault, WireGuard VPN management, and custom DNS nameserver.
  • HMAC-SHA256 authenticated daemon
  • AES-encrypted secret storage
  • PDF/HTML report engine
// interface
See It In Action
A web-based dashboard that puts every capability at your fingertips.
Network Security
Network Security Dashboard

WiFi Attack Detection

Real-time detection of deauthentication attacks, evil twins, rogue access points, ARP poisoning, MITM attacks, and SSL stripping. Every threat is identified, categorized, and explained with actionable remediation steps — automatically analyzed by Agent HAL.

Security Audit
Security Audit Dashboard

System Hardening

One-click security audits across firewall configuration, SSH hardening, open port analysis, user permissions, dangerous services, and firewall rule management. Results are scored, prioritized, and paired with fix commands you can run directly.

Intrusion Detection
IDS Dashboard

Threat Monitoring

ARP spoof detection, promiscuous mode monitoring, unauthorized DHCP servers, suspicious connections, and rogue socket processes — all monitored continuously. The HAL Auto-Analyst provides real-time risk assessments and response recommendations.

// artificial intelligence
Agent HAL
AUTARCH doesn't just run tools — it thinks. Agent HAL is an autonomous AI entity that analyzes, decides, and acts.

Autonomous Operations

Given a target environment, HAL reconnoiters, studies, plans, executes, and reports — independently. Autonomy, not automation.

Auto-Analyst

Every defensive tool automatically sends output to the LLM for real-time analysis with risk scoring and remediation guidance.

4 LLM Backends

llama.cpp (local GGUF), HuggingFace Transformers, Claude API, and any OpenAI-compatible endpoint. Run fully offline or cloud-assisted.

MCP Server

Expose AUTARCH's tools via Model Context Protocol to Claude Desktop, Claude Code, or any external MCP client.

An autarch is a sovereign ruler — one who governs themselves

Govern Your Digital Operations

Free. Open source. No telemetry. No cloud dependencies. Your machine. Your rules.