An AI-powered security vulnerability research framework that analyzes git repositories to discover potential security issues through automated commit analysis, code review, and exploit development.
Eigen uses a multi-agent architecture built on LangGraph to perform deep security analysis of codebases. It orchestrates multiple specialized AI agents that work together to:
- Analyze Git Commits - Examine commit history to identify security-relevant changes
- Review Code - Perform in-depth code review using static analysis tools
- Discover Vulnerabilities - Identify potential security issues and attack surfaces
- Generate Exploits - Develop proof-of-concept exploits to verify findings
```
┌─────────────────────────────────────────────────────────────────┐
│                        Supervisor Agent                         │
│                 (Coordinates analysis workflow)                 │
└─────────────────────────────────────────────────────────────────┘
                                 │
           ┌─────────────────────┼─────────────────────┐
           ▼                     ▼                     ▼
  ┌─────────────────┐   ┌─────────────────┐   ┌─────────────────┐
  │ Initial Commit  │   │  Code Reviewer  │   │     Exploit     │
  │    Analyzer     │   │      Agent      │   │    Generator    │
  └─────────────────┘   └─────────────────┘   └─────────────────┘
```
| Agent | Description |
|---|---|
| Supervisor | Orchestrates workflow, delegates tasks, and synthesizes final reports |
| Initial Commit Analyzer | Analyzes commit messages, diffs, and identifies significant changes |
| Code Reviewer | Performs deep code analysis using static analysis tools (semgrep, cppcheck, bandit, etc.) |
| Exploit Generator | Creates proof-of-concept exploits to verify discovered vulnerabilities |
| Critique Agent | Reviews reports for completeness and security relevance |
| Breakdown Agent | Decomposes complex exploitation tasks into actionable sub-tasks |
Eigen connects to multiple Model Context Protocol (MCP) servers:
- Pwno - Binary analysis and exploitation tools
- claude-context - Code understanding and context retrieval (Milvus-backed)
- DeepAgent - Deep code analysis via DeepWiki
- lldb - LLDB debugger integration for dynamic analysis
```bash
# Clone the repository
git clone https://github.com/HACKE-RC/Eigen.git
cd Eigen
# Install dependencies
pip install -r requirements.txt
# Set environment variables
export OPENAI_API_KEY="your-openai-key"
export GOOGLE_API_KEY="your-google-key"  # For Gemini
```

```bash
python main.py /path/to/target/git/repository
```

The framework will:
- Analyze the last 200 commits in the target repository
- Generate reports in the `reports/` directory within the target repo
- Perform binary/source analysis and save findings
Reports are saved in markdown format:
| File | Description |
|---|---|
| `reports/<commit_hash>_initial.md` | Initial commit analysis |
| `reports/<commit_hash>_code_review.md` | Detailed code review findings |
| `reports/<commit_hash>_final.md` | Final synthesized report |
| `initial_analysis.md` | Source code security analysis |
| `dynamic_analysis.md` | Dynamic analysis and vulnerability findings |
| `exploit_report_<n>.md` | Exploit documentation for each finding |
The framework leverages various security tools:
- Static Analysis: semgrep, bandit, cppcheck, clang-tidy, pylint, mypy
- Binary Analysis: pwntools, ROPgadget, angr, capstone, unicorn
- Symbolic Execution: z3-solver
- Debugging: LLDB (via MCP)
- Python 3.10+
- Git repository access
- API keys for LLM providers (OpenAI/Google)
- MCP servers running (Pwno, lldb) for full functionality
MIT
This tool is intended for authorized security research and educational purposes only. Always obtain proper authorization before analyzing any codebase.