Skip to content

raphabot/awesome-cybersecurity-agentic-ai

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
.github/workflows
.github/workflows
 
 
scripts
scripts
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
PULL_REQUEST_TEMPLATE.md
PULL_REQUEST_TEMPLATE.md
 
 
README.md
README.md
 
 
awesome-logo.png
awesome-logo.png
 
 

Repository files navigation

Awesome

Awesome Cybersecurity Agentic AI

Table of Contents

MCP Servers

  • addcontent/nuclei-mcp - MCP server implementation for Nuclei, a fast and customizable vulnerability scanner.
  • alexgoller/illumio-mcp-server - MCP server for Illumio PCE, enabling AI-driven workload management, label operations, and traffic flow analysis for security.
  • atomicchonk/roadrecon_mcp_server - MCP server for Azure AD data analysis with ROADRecon, mapping Azure Active Directory environments.
  • Bamimore-Tomi/ghidra_mcp - MCP server for Ghidra, providing reverse engineering and binary analysis capabilities to LLMs and agentic workflows.
  • bromoket/x64dbg_mcp - MCP server for x64dbg debugger, providing 152 tools for AI-driven Windows debugging, reverse engineering, memory analysis, tracing, and anti-debug bypass.
  • BurtTheCoder/mcp-dnstwist - MCP server for DNS fuzzing with dnstwist, detecting phishing and domain takeover threats.
  • BurtTheCoder/mcp-maigret - MCP server for OSINT data collection with Maigret, gathering user info from various sources.
  • BurtTheCoder/mcp-shodan - MCP server for querying Shodan, providing data on Internet-connected devices for security analysis.
  • BurtTheCoder/mcp-virustotal - MCP server for querying the VirusTotal API for file and URL malware analysis.
  • ExposureGuard/exposureguard-mcp - Domain security scanning for AI agents. 8-check audit (SPF, DMARC, SSL, headers, DNSSEC, ports), A-F grades, fix snippets. getexposureguard.com
  • ExposureGuard/haldir - Guardian layer for AI agents: scoped sessions (Gate), encrypted secrets (Vault), audit trail (Watch), proxy mode for policy enforcement. Identity, spend limits, human-in-the-loop approvals. haldir.xyz
  • MCPPhalanx/binaryninja-mcp - MCP server for Binary Ninja, enabling binary analysis and reverse engineering in agentic workflows.
  • mobilehackinglab/jadx-mcp-plugin - Jadx plugin for MCP server access, used for decompiling Android apps.
  • MorDavid/BloodHound-MCP-AI - MCP server for BloodHound, providing Active Directory analysis and attack path discovery for agentic AI.
  • PortSwigger/mcp-server - MCP integration for Burp Suite, enabling web security testing and automation via agentic AI workflows.
  • san-techie21/astracipher - Cryptographic identity MCP server for AI agents using W3C DIDs, Verifiable Credentials, and NIST post-quantum cryptography (ML-DSA-65 FIPS 204). Provides capability-bounded tool authorization, trust chain verification, and hybrid PQC signatures.
  • urldna/mcp - urlDNA MCP server for phishing detection and URL analysis through advanced contextual scanning.

Research

Tools

  • AgentFence - Open-source platform for automatically testing AI agent security, detecting vulnerabilities like prompt injection, secret leakage, and system instruction exposure.
  • Agentic Radar - Open-source CLI security scanner for agentic workflows.
  • agenticsorg/agentic-security - An AI-powered security analysis tool intended to automatically detect vulnerabilities within code repositories.
  • Aguara - Static security scanner for AI agent skills and MCP servers. 173 detection rules, 4 analysis layers (pattern matching, NLP, taint tracking, rug-pull detection), offline, deterministic.
  • AICA Agent - Autonomous intelligent cyberdefense agent for research and production, supporting advanced detection, response, and management capabilities.
  • brood-box - CLI tool for running AI coding agents (Claude Code, Codex, OpenCode) inside hardware-isolated microVMs with snapshot isolation, egress control, and MCP authorization profiles.
  • CAI (Cybersecurity AI) - Open-source Bug Bounty-ready AI system with hierarchical agentic patterns, supporting autonomous penetration testing, vulnerability discovery, and multi-agent cybersecurity workflows.
  • ClawSearch - Search engine for AI agent skills with security-first indexing, surfacing audit results, risk scores, and safe alternatives for MCP servers and agent tools.
  • ClawSec - Security audit platform for AI agent skills with 5-tier analysis including static, dynamic, behavioral, Firecracker sandbox execution, and LLM-assisted review.
  • Dr.Binary - The Plugin equips Claude Code with advanced binary analysis capabilities for tasks such as incident response, malware investigation, and vulnerability assessment. It connects to both cloud-based analysis platforms and local tools via MCP, enabling seamless hybrid workflows. With features including local Windows system scanning, browser hijacking detection, registry and network monitoring, suspicious file analysis, and remote binary analysis through tools like Ghidra, Qilin, and angr, the plugin transforms Claude Code into a powerful AI-assisted workspace for comprehensive system and binary security analysis.
  • Inkog - Open-source AI agent security scanner. Audits agent code, MCP servers, and multi-agent delegation chains for vulnerabilities including prompt injection, infinite loops, and missing human oversight. Maps findings to EU AI Act, OWASP LLM Top 10, and OWASP Agentic Top 10. CLI + MCP server with SARIF output for CI/CD.
  • msoedov/agentic_security - An open-source vulnerability scanner specifically designed for Agent Workflows and LLMs, aiming to protect against issues like jailbreaks and fuzzing attacks.
  • OpenClaw Security Suite - Open-source 11-tool security suite for AI agent workspaces covering integrity verification, secret scanning, prompt injection defense, supply chain analysis, network DLP, permission auditing, credential lifecycle, compliance enforcement, audit trails, cryptographic signing, and incident response. Pure Python stdlib, zero dependencies, fully local execution.
  • pentagi - Fully autonomous AI-powered agent system designed for penetration testing.
  • Reaper - Open Source Agentic Web App security testing and tampering tool by Ghost Security
  • ShellWard - AI agent security middleware with 8-layer defense-in-depth — prompt injection detection (32 rules), DLP-style data flow tracking (read PII → outbound send = blocked), dangerous command blocking, PII/API key scanning. Works as SDK or OpenClaw plugin. Zero dependencies.
  • Vulert - Vulert secures software by detecting vulnerabilities in open-source dependencies—without accessing your code. It supports Js, PHP, Java, Python, and more

Frameworks

  • Agno - Lightweight, high-performance library for building Agents.
  • ATFAA/SHIELD - Advanced threat and mitigation frameworks for securing generative/agentic AI agents, with a focus on unique agent vulnerabilities and enterprise security.
  • CrewAI - Open-source framework for orchestrating teams of AI agents, supporting collaborative and specialized agentic workflows in security contexts.
  • LangChain - Modular framework for building LLM-powered agentic workflows, including security automation, retrieval-augmented generation, and tool integration.
  • LangGraph - Graph-based extension of LangChain for advanced state management and multi-agent workflows, suitable for cybersecurity automation.
  • MAESTRO (CSA) - Threat modeling framework for agentic AI, focusing on multi-agent security, layered risk analysis, and secure agentic system design.
  • Microsoft AutoGen - Framework for orchestrating multi-agent systems, enabling collaborative AI agents for complex cybersecurity and automation tasks.
  • Microsoft Semantic Kernel - Context-aware agentic AI framework for integrating semantic reasoning and automation in security operations.

Datasets

  • CICIDS 2017/2018 - Realistic network traffic datasets with labeled attacks for developing and benchmarking agentic cybersecurity solutions.
  • CTF Datasets (DEF CON, CSAW, PicoCTF, etc.) - Real-world and simulated Capture The Flag (CTF) challenges and solutions for agentic AI and automated penetration testing research.
  • CyberBattleSim Dataset - Synthetic cybersecurity environments and logs for training and evaluating autonomous agents in attack/defense scenarios.
  • DARPA Transparent Computing Datasets - Large-scale, labeled system event data for red/blue team cyber operations, suitable for multi-agent and autonomous defense research.
  • UNSW-NB15 - Network traffic and labeled attack data for training and evaluating AI-based intrusion detection and response agents.

Learning Resources/Podcast

  • Agentic Security Newsletter - A Newsletter that explores how autonomous, AI-driven agents are reshaping both offensive and defensive security. Each issue dives into the latest in tactics, tools, and ideas defining the future of security.
  • AI Security Podcast - Interviews with CISOs of Anthrophic, DeepMind and more doing amazing work in LLM and cybersecurity. Topics include Agentic AI, Red Team with AI, AI for Security and Security from AI & more. The show is hosted by 2 former CISOs and currently has the largest CISO & Tech Leader audience for AI Security.
  • awesome-ai-agents - A curated list of AI autonomous agents. While not exclusively cybersecurity focused, it's a valuable resource for discovering emerging frameworks and platforms that could be adapted for security purposes.

Communities

  • Submit your awesome Agentic AI Cybersecurity community here!

Contributions welcome! See contributing guidelines for details.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license

Contributing

Contributing
Activity

Stars

398 stars

Watchers

8 watching

Forks

70 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages