Autonomous Threat Simulation Engine
Extracted from Cephly OS - March 2026

VANTA Core is an AI-powered security engagement engine that simulates penetration testing workflows using autonomous agents. It orchestrates multi-phase security assessments (reconnaissance → scanning → enumeration → exploit simulation) with built-in policy gating, audit trails, and quality evaluation.

- Node.js 18+
- Ollama running locally (`ollama serve`)
- Neon PostgreSQL database (or local PostgreSQL)
```bash
# Clone repository
git clone https://github.com/nodevs/vanta-core.git
cd vanta-core

# Install dependencies
npm install

# Initialize database
node scripts/init-db.js

# Start orchestrator
node src/orchestrator.ts
```

```bash
# Run reconnaissance on example.com
node -e "
const { VANTA } = require('./src/vanta');
const vanta = new VANTA({
  target: 'example.com',
  engagementId: 'test_' + Date.now(),
  maxRiskLevel: 'LOW',
  tools: ['subfinder'],
  model: 'qwen3.5:cloud',
});
vanta.execute().then(console.log);
"
```

| Component | File | Responsibility |
|---|---|---|
| AgentBrain | `src/agent/agent-brain.ts` | ReAct loop, tool execution, phase transitions |
| PolicyEngine | `src/policy/policy-engine.ts` | Risk evaluation, action gating |
| ToolRegistry | `src/tools/tool-registry.ts` | Tool registration, execution, Docker fallbacks |
| SessionLaneQueue | `src/queue/session-lane.queue.ts` | Phase isolation, task queue management |
| AuditService | `src/audit/audit.service.ts` | Audit trail, compliance logging |
```
┌─────────────┐     ┌──────────────┐     ┌─────────────┐
│   Planner   │────▶│  AgentBrain  │────▶│  Evaluator  │
│   (Recon)   │     │  (Executor)  │     │  (Quality)  │
└─────────────┘     └──────┬───────┘     └─────────────┘
                           │
                           ▼
                   ┌────────────────┐
                   │  ToolRegistry  │
                   │  - Subfinder   │
                   │  - Nmap        │
                   │  - Nuclei      │
                   │  - HTTPx       │
                   └───────┬────────┘
                           │
                           ▼
                   ┌────────────────┐
                   │  PolicyEngine  │
                   │  (Risk Gating) │
                   └────────────────┘
```

| Phase | Tools | Risk Level | Description |
|---|---|---|---|
| RECON | Subfinder, HTTPx | LOW | Passive reconnaissance, subdomain discovery |
| ENUMERATE | Nmap, HTTPx | LOW-MEDIUM | Port scanning, service detection |
| PLAN | Claude Code | LOW | Vulnerability analysis, exploit planning |
| EXPLOIT-SIM | Nuclei, Custom | HIGH (gated) | Simulated exploitation (requires approval) |

| Tool | File | Risk | Description |
|---|---|---|---|
| `subfinder` | `src/tools/subfinder.tool.ts` | LOW | Subdomain enumeration |
| `httpx` | `src/tools/httpx.tool.ts` | LOW | Web technology detection |
| `nmap` | `src/tools/nmap.tool.ts` | MEDIUM | Port scanning (Docker fallback) |
| `nuclei` | `src/tools/nuclei.tool.ts` | MEDIUM | Vulnerability scanning |
| `claude-code` | `src/tools/claude-code.tool.ts` | LOW | Code analysis, planning |

| Endpoint | Method | Description |
|---|---|---|
| `/api/status` | GET | System health check |
| `/api/backlogs` | GET | All agent backlogs |
| `/api/engagements` | GET/POST | List/create engagements |
| `/api/engagements/:id` | GET | Engagement details |
| `/api/engagements/:id/approve` | POST | Approve high-risk action |
| `/api/findings` | GET | List vulnerabilities |
| `/api/audit` | GET | Audit log |

```bash
curl -X POST http://localhost:39995/api/engagements \
  -H "Content-Type: application/json" \
  -d '{
    "target": "acme-corp.com",
    "tier": "SMB",
    "scope": {
      "inScopeTargets": ["acme-corp.com"],
      "maxRiskLevel": "LOW"
    }
  }'
```

VANTA Core uses Neon PostgreSQL with 14 tables:

- `engagements` - Security assessments
- `findings` - Vulnerabilities/issues
- `phase_contracts` - Negotiated "done" criteria
- `audit_log` - Action audit trail
- `leads`, `campaigns`, `outreach_messages` - LeadFlow CRM
- Plus: agents, tasks, approvals, content_calendar, etc.

See infra/neon-schema.sql for full schema.
| Tier | Price | Target | Scope |
|---|---|---|---|
| SMB | $20k | 500-5,000 employees | External recon + vuln scan |
| Enterprise | $60k | 5,000-50,000 employees | Full pentest simulation |
| Intelligence | $500k | Government/Finance | Advanced threat simulation |
| Nation-State | $2M+ | Critical infrastructure | Red team exercises |
See VANTA_ENTERPRISE_DESIGN_DOC.md for detailed specs.

```
vanta-core/
├── src/
│   ├── vanta.ts              # Main entry point
│   ├── orchestrator.ts       # Agent coordination
│   ├── agent/
│   │   └── agent-brain.ts    # ReAct loop
│   ├── tools/
│   │   ├── tool-registry.ts
│   │   ├── subfinder.tool.ts
│   │   ├── nmap.tool.ts
│   │   └── ...
│   ├── policy/
│   │   └── policy-engine.ts  # Risk gating
│   ├── queue/
│   │   └── session-lane.queue.ts
│   ├── audit/
│   │   └── audit.service.ts
│   └── api/
│       └── index.ts          # API endpoints
├── infra/
│   └── neon-schema.sql       # Database schema
├── scripts/
│   ├── init-db.js
│   ├── lead-generator.js
│   ├── send-campaign.js
│   └── ...
├── test/
│   └── *.test.ts             # Integration tests
├── README.md
├── PRODUCT_DEFINITION.md
├── ORCHESTRATOR_DESIGN_DOC.md
├── VANTA_ENTERPRISE_DESIGN_DOC.md
└── vanta_opsec.md
```

```bash
# Run all tests
npm test

# Run specific test
npx jest test/react-loop.test.ts

# Test Ollama integration
npx jest test/e2e-ollama.test.ts
```

VANTA Core is designed for security engagement simulation. Key principles:

- Policy gating: High-risk actions require human approval
- Audit trail: Every action logged for compliance
- Phase isolation: Recon tools cannot run exploit code
- Docker fallback: Dangerous tools (nmap) run in isolated containers
See vanta_opsec.md for complete OpSec plan (evasion, cleanup, encryption, infrastructure).
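
The policy gating, phase isolation and audit trail principles above can be sketched as one decision function driven by the phase and tool tables. This is an added example, not code from VANTA Core's `src/policy/policy-engine.ts`; the type and function names, the subdomain scope rule, the approval key format, and the choice to deny anything above `maxRiskLevel` outright are assumptions.

```typescript
// Added example with hypothetical names; not VANTA Core's policy-engine.ts.
type Risk = "LOW" | "MEDIUM" | "HIGH";
type Phase = "RECON" | "ENUMERATE" | "PLAN" | "EXPLOIT-SIM";
type Verdict = "ALLOW" | "DENY" | "NEEDS_APPROVAL";
interface Scope { inScopeTargets: string[]; maxRiskLevel: Risk }
interface Action { tool: string; phase: Phase; target: string }
interface AuditEntry extends Action { verdict: Verdict; reason: string; at: string }

const RANK: Record<Risk, number> = { LOW: 0, MEDIUM: 1, HIGH: 2 };
// Tool risk and phase membership as listed in the README tables.
const TOOL_RISK: Record<string, Risk> = {
  subfinder: "LOW", httpx: "LOW", nmap: "MEDIUM", nuclei: "MEDIUM", "claude-code": "LOW",
};
const PHASE_TOOLS: Record<Phase, string[]> = {
  RECON: ["subfinder", "httpx"], ENUMERATE: ["nmap", "httpx"],
  PLAN: ["claude-code"], "EXPLOIT-SIM": ["nuclei"],
};

// Assumption: a host is in scope if it equals an in-scope target or is a subdomain of it.
// Matching on a leading dot keeps "evilacme-corp.com" from passing as "acme-corp.com".
function inScope(host: string, scope: Scope): boolean {
  const h = host.toLowerCase().replace(/\.$/, "");
  return scope.inScopeTargets.some((t) => h === t.toLowerCase() || h.endsWith("." + t.toLowerCase()));
}

// Assumed approval key format: "<phase>:<tool>:<target>".
function actionKey(a: Action): string {
  return `${a.phase}:${a.tool}:${a.target.toLowerCase()}`;
}

function decide(a: Action, scope: Scope, approved: Set<string>): [Verdict, string] {
  const toolRisk = TOOL_RISK[a.tool];
  if (!toolRisk) return ["DENY", "tool not registered"];
  if (!PHASE_TOOLS[a.phase].includes(a.tool)) return ["DENY", "tool not permitted in this phase"];
  if (!inScope(a.target, scope)) return ["DENY", "target outside engagement scope"];
  // The phase table rates EXPLOIT-SIM as HIGH (gated) whatever the tool's own rating.
  const risk: Risk = a.phase === "EXPLOIT-SIM" ? "HIGH" : toolRisk;
  if (RANK[risk] > RANK[scope.maxRiskLevel]) return ["DENY", `${risk} exceeds maxRiskLevel`];
  if (risk === "HIGH" && !approved.has(actionKey(a))) return ["NEEDS_APPROVAL", "awaiting human approval"];
  return ["ALLOW", "within policy"];
}

// Every decision, allowed or not, is appended to the audit trail before it is returned.
function evaluate(a: Action, scope: Scope, approved: Set<string>, audit: AuditEntry[]): Verdict {
  const [verdict, reason] = decide(a, scope, approved);
  audit.push({ ...a, verdict, reason, at: new Date().toISOString() });
  return verdict;
}
```

Denials are audited as well as approvals, so a reviewer can see attempted out-of-scope or out-of-phase actions, not just the ones that ran.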

- Extraction: ✅ 100% complete (5/5 components)
- Entry Point: ✅ Integrated (`src/vanta.ts`)
- API Layer: ✅ Complete
- Database: ✅ Schema defined (14 tables)
- Tests: ✅ ReAct loop tested (5 subdomains discovered on example.com)
- Documentation: ✅ Design docs, API specs, user journeys

- Fork repository
- Create feature branch (`git checkout -b feat/my-feature`)
- Commit changes (`git commit -m 'feat: add my feature'`)
- Push to branch (`git push origin feat/my-feature`)
- Open Pull Request

MIT License - see LICENSE file

- Product: Zaif (Telegram)
- Engineering: Nodevs (AI Agent)
- Twitter: @No_devs

Built with ❤️ by Nodevs - Autonomous AI Agent

VANTA Core v1.0.0 - March 28, 2026