# Comparison
How Agentic-DART relates to existing DFIR tooling and other AI-assisted security projects. Honest, not adversarial — most of these tools do something Agentic-DART deliberately doesn't, and vice versa.
| Capability | Agentic-DART | Velociraptor | Plaso/Log2Timeline | Eric Zimmerman tools | OpenAI / generic LLM agents |
|---|---|---|---|---|---|
| Reads forensic evidence | ✅ | ✅ | ✅ | ✅ | depends |
| Architectural read-only boundary | ✅ | partial | ✅ (parsers only) | ✅ | ❌ |
| Cross-artifact correlation | ✅ | ✅ | partial | ❌ | depends |
| LLM reasoning loop | ✅ | ❌ | ❌ | ❌ | ✅ |
| Tamper-evident audit log | ✅ | partial | ❌ | ❌ | ❌ |
| Operator-tunable playbook (YAML) | ✅ | ✅ | ❌ | ❌ | depends |
| MITRE ATT&CK chain reasoning | ✅ | partial | ❌ | ❌ | depends |
| Reproducible accuracy claim | ✅ | ✅ | ✅ | ✅ | rare |
## Velociraptor
What it is: Open-source endpoint visibility and forensic acquisition platform, and the de facto live-collection tool in modern DFIR.
Overlaps with Agentic-DART: Both expose typed forensic operations (Velociraptor's VQL artifacts ≈ dart-mcp functions). Both are operator-tunable.
Differences: Velociraptor is live collection: it runs an agent on endpoints, talks to a server, and executes VQL queries against a running OS. Agentic-DART is post-collection analysis: it reads the dumps Velociraptor (or anything else) produced. They're complementary: Velociraptor gathers, Agentic-DART reasons.
Could they integrate? Yes. dart-mcp could grow a velociraptor_query function for live cases. Currently out of scope (Phase 1 is offline only).
https://docs.velociraptor.app/
## Plaso / log2timeline
What it is: The reference Python timeline-extraction toolkit. Parses 200+ forensic artifact types and produces a unified timeline (a Plaso storage file, exported to CSV or other formats with psort).
Overlaps: dart-mcp's parsers cover a small subset of what Plaso supports. Plaso is the gold standard for "I want every artifact parsed".
Differences: Plaso is extraction; Agentic-DART is reasoning over extracted data. Plaso has no reasoning loop, no MITRE mapping and no contradiction detection. They're complementary.
Could they integrate? Yes. Running Plaso first to produce the timeline, then dart-corr to correlate against it, is a plausible workflow; Plaso → CSV → correlate_timeline works today.
https://github.com/log2timeline/plaso
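The Plaso → CSV → correlate step above, as an added example that is not dart-corr's own code and is not part of the original page. It parses a constructed psort `l2tcsv` export (column order assumed from that output module; the rows are invented, not case data), then does the cross-artifact part: for a pivot event it gathers events from other artifact sources on the same host inside a time window and only reports a cluster when at least two sources corroborate. The source tags (`EVT`, `LOG`, `FILE`) and the `correlate_timeline` / `is_prefetch_execution` names are assumptions for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in psort's l2tcsv layout (column order assumed; values made up).
# Three events within two minutes on WS01, plus one unrelated file event hours later.
SAMPLE_L2TCSV = """\
date,time,timezone,MACB,source,sourcetype,type,user,host,short,desc,version,filename,inode,notes,format,extra
03/14/2024,09:01:10,UTC,....,EVT,WinEVTX,Content Modification Time,-,WS01,[4624] Logon,An account was successfully logged on. Logon Type: 10 Account: svc_backup,2,Security.evtx,-,-,winevtx,-
03/14/2024,09:02:45,UTC,...B,LOG,WinPrefetch,Creation Time,-,WS01,Prefetch [RUNDLL32.EXE] was executed,Prefetch [RUNDLL32.EXE] was executed - run count 1,2,RUNDLL32.EXE-ABCD1234.pf,-,-,prefetch,-
03/14/2024,09:02:47,UTC,...B,FILE,NTFS $MFT,Creation Time,-,WS01,C:\\Windows\\Temp\\lsass.dmp,$MFT entry for C:\\Windows\\Temp\\lsass.dmp,2,$MFT,41207,-,mft,-
03/14/2024,17:30:00,UTC,M...,FILE,NTFS $MFT,Content Modification Time,-,WS01,C:\\Users\\Public\\notes.txt,$MFT entry for C:\\Users\\Public\\notes.txt,2,$MFT,9981,-,mft,-
"""


def parse_l2tcsv(text: str) -> list[dict]:
    """Parse l2tcsv rows into event dicts with tz-aware UTC timestamps, sorted by time.

    psort writes the zone it was asked for in the `timezone` column (UTC unless told
    otherwise). Anything else is rejected instead of silently mixed, because mixed
    zones would quietly break every time-window comparison below.
    """
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        if row["timezone"] != "UTC":
            raise ValueError(f"unexpected timezone {row['timezone']!r}; re-run psort with UTC output")
        ts = datetime.strptime(f"{row['date']} {row['time']}", "%m/%d/%Y %H:%M:%S")
        events.append({
            "ts": ts.replace(tzinfo=timezone.utc),
            "source": row["source"],          # short source tag: EVT, LOG, FILE, ...
            "sourcetype": row["sourcetype"],  # parser name: WinEVTX, WinPrefetch, ...
            "host": row["host"],
            "desc": row["desc"],
            "filename": row["filename"],
        })
    return sorted(events, key=lambda e: e["ts"])


def correlate_timeline(events: list[dict], is_pivot, window_s: int = 120, min_sources: int = 2) -> list[dict]:
    """Cross-artifact correlation around pivot events.

    For each event accepted by is_pivot, collect events on the same host within
    +/- window_s seconds. A cluster is only reported when the pivot plus its
    neighbours span at least min_sources distinct artifact sources, which is what
    separates corroborated activity from a single parser's lone entry.
    """
    window = timedelta(seconds=window_s)
    clusters = []
    for pivot in events:
        if not is_pivot(pivot):
            continue
        near = [e for e in events
                if e is not pivot and e["host"] == pivot["host"]
                and abs(e["ts"] - pivot["ts"]) <= window]
        sources = {pivot["source"]} | {e["source"] for e in near}
        if len(sources) >= min_sources:
            clusters.append({"pivot": pivot, "corroborating": near, "sources": sorted(sources)})
    return clusters


def is_prefetch_execution(e: dict) -> bool:
    """Pivot predicate: a Prefetch entry recording that a binary ran."""
    return e["sourcetype"] == "WinPrefetch" and "was executed" in e["desc"]


if __name__ == "__main__":
    for c in correlate_timeline(parse_l2tcsv(SAMPLE_L2TCSV), is_prefetch_execution):
        print(c["pivot"]["ts"].isoformat(), c["pivot"]["desc"])
        for e in c["corroborating"]:
            delta = (e["ts"] - c["pivot"]["ts"]).total_seconds()
            print(f"  {delta:+.0f}s {e['source']:<4} {e['desc']}")
```

On the sample the RUNDLL32 Prefetch entry is corroborated by the 4624 logon 95 s earlier and the `lsass.dmp` $MFT creation 2 s later, while the 17:30 file event stays out of the cluster. The timezone check is the caveat worth keeping in any real pipeline: a timeline exported in local time and correlated as if it were UTC produces confident, wrong windows.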
## Eric Zimmerman tools
What they are: Single-purpose Windows artifact parsers (Amcache, Prefetch, ShellBags, $MFT and more). Standard kit for DFIR analysts working Windows cases.
Overlaps: dart-mcp's Windows parsers (get_amcache, parse_prefetch, parse_shellbags, extract_mft_timeline) are modeled on the field semantics these tools use; naming and output structure are aligned with them for operator familiarity.
Differences: Zimmerman's tools are command-line one-shots. Agentic-DART invokes typed equivalents inside an autonomous loop. We didn't replicate Zimmerman's depth; the goal is "structured enough to feed an agent", not "replace the EZ tools". For deep manual analysis, use the originals.
https://ericzimmerman.github.io/
## SOAR platforms
What they are: SOAR (Security Orchestration, Automation, Response) platforms: case management, automated playbooks, SOC workflow.
Overlaps: Both can run "playbooks". Both produce audit trails.
Differences: SOAR playbooks are typically scripted decision trees with humans in the loop. Agentic-DART is autonomous within a typed surface. Phase 3 (dart-responder) will overlap more directly with SOAR, but only with explicit human approval per action.
Could they integrate? Yes. The Phase 3 design lets Agentic-DART produce response proposals that a SOAR platform takes through its own approval flow. The architecture refuses to be a SOAR replacement; it's a reasoning component upstream of one.
## OpenAI / generic LLM agents
What it is: Pasting EVTX exports, CSVs and MFT dumps into a chat window and asking the model to analyze them.
Overlaps: Both involve LLMs reasoning about forensic data.
Differences (the big ones):
- No surface boundary. A vanilla LLM will happily generate `subprocess.run` commands or claim it executed something. Agentic-DART's architecture refuses this by construction.
- No audit chain. A vanilla chat has no tamper-evident record of what was looked at.
- No contradiction enforcement. A vanilla LLM smooths over disagreements between artifacts.
- No MITRE chain reasoning. Maybe, if you remind it every turn.
- No reproducibility. Same input → different output (sampling, prompt drift).
This is the population Agentic-DART is most directly responding to. The architectural argument is: if your DFIR workflow involves an LLM, the boundary should be in code, not in the prompt.
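What "tamper-evident record of what was looked at" means in practice, as an added example that is not dart-audit's code and not part of the original page. Each record of an evidence access commits to the previous record's SHA-256, so editing, deleting or reordering a record breaks the chain at that position. The record layout, the `AuditChain` / `verify_chain` names and the function names in the sample records are assumptions for illustration; only a hash of each result is stored, so the log never becomes a second copy of case data.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev-hash of the very first record


def _canonical(obj) -> bytes:
    """Deterministic JSON encoding so an identical record always hashes identically."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def _record_hash(prev_hash: str, body: dict) -> str:
    # Commit to the previous hash AND the body: that link is what makes edits,
    # deletions and reorderings detectable by anyone holding the log.
    return hashlib.sha256(prev_hash.encode() + b"\n" + _canonical(body)).hexdigest()


BODY_FIELDS = ("seq", "ts", "function", "args", "result_sha256")


class AuditChain:
    """Append-only SHA-256 hash-chained log of evidence accesses (illustrative layout)."""

    def __init__(self):
        self.records: list[dict] = []

    def record(self, function: str, args: dict, result: bytes) -> str:
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = {
            "seq": len(self.records),
            "ts": datetime.now(timezone.utc).isoformat(),
            "function": function,
            "args": args,
            "result_sha256": hashlib.sha256(result).hexdigest(),  # hash only, never the evidence
        }
        digest = _record_hash(prev, body)
        self.records.append({**body, "prev": prev, "hash": digest})
        return digest

    def head(self) -> str:
        """Hash of the last record; publish this with the report to pin the log length."""
        return self.records[-1]["hash"] if self.records else GENESIS


def verify_chain(records: list[dict]) -> tuple[bool, int]:
    """Walk the chain from genesis.

    Returns (True, n) when all n records verify, or (False, i) where i is the
    index of the first record whose seq, prev link or hash does not check out.
    """
    prev = GENESIS
    for i, rec in enumerate(records):
        body = {k: rec[k] for k in BODY_FIELDS}
        if rec["seq"] != i or rec["prev"] != prev or _record_hash(prev, body) != rec["hash"]:
            return False, i
        prev = rec["hash"]
    return True, len(records)


def demo() -> dict:
    """Build a three-record chain from constructed accesses, then try each tampering move."""
    chain = AuditChain()
    chain.record("parse_prefetch", {"path": "C:/Windows/Prefetch/RUNDLL32.EXE-ABCD1234.pf"}, b"run_count=1")
    chain.record("extract_mft_timeline", {"path": "$MFT"}, b"C:/Windows/Temp/lsass.dmp created 09:02:47Z")
    chain.record("get_amcache", {"path": "Amcache.hve"}, b"rundll32.exe first seen 09:02:45Z")

    edited = json.loads(json.dumps(chain.records))   # deep copy, then rewrite what was examined
    edited[1]["args"]["path"] = "$MFT.bak"
    deleted = chain.records[:1] + chain.records[2:]  # drop the middle record
    reordered = [chain.records[0], chain.records[2], chain.records[1]]
    truncated = chain.records[:2]                    # silently cut the tail

    return {
        "intact": verify_chain(chain.records),
        "edited": verify_chain(edited),
        "deleted": verify_chain(deleted),
        "reordered": verify_chain(reordered),
        "truncated": verify_chain(truncated),
        "head": chain.head(),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:>9}: {outcome}")
```

The truncation case is the caveat: cutting the tail off a hash chain leaves a chain that still verifies, because nothing inside the log says how long it should be. The chain only becomes tamper-evident end to end once the head hash is recorded somewhere the log's author cannot rewrite (in the signed report, a separate store, or a timestamping service), which is why `head()` is part of the example.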
## Sigma
What it is: Open YAML-based signature format for log detection, and the community-maintained corpus of detection rules written in it.
Overlaps: Many of dart-mcp's detection functions encode patterns that Sigma rules also match (e.g. the comsvcs.dll LSASS dump, AS-REP roasting).
Differences: Sigma is signatures; Agentic-DART is reasoning. Sigma alerts on a known pattern; Agentic-DART can reason from low-signal evidence to a chain.
Future integration: Phase 2 introduces dart-synth, which synthesizes new Sigma rules from the audit corpora of past Agentic-DART runs. Already on the roadmap.
https://github.com/SigmaHQ/sigma
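The signature side of the two patterns named above, as an added example that is not dart-mcp's code and not part of the original page. It runs Sigma-style matching logic over constructed process-creation and Kerberos events: the comsvcs.dll `MiniDump` command line (ATT&CK T1003.001) and a 4768 TGT request with pre-authentication disabled and RC4 ticket encryption (T1558.004). The match conditions approximate the public rules from memory rather than quoting them, the event dicts are invented, and the `run_rules` / `RULES` names are assumptions. Each hit comes out with its own technique tag; the link between hits is exactly the part a signature does not supply.

```python
# Constructed sample events (not real telemetry): two Sysmon-style process creations
# (EventID 1) and two Windows Security 4768 Kerberos TGT requests.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Windows\System32\rundll32.exe",
     "CommandLine": r"rundll32.exe C:\Windows\System32\comsvcs.dll, MiniDump 624 C:\Windows\Temp\lsass.dmp full",
     "User": r"WS01\svc_backup"},
    {"EventID": 1, "Image": r"C:\Windows\System32\rundll32.exe",
     "CommandLine": r"rundll32.exe shell32.dll,Control_RunDLL desk.cpl",
     "User": r"WS01\alice"},
    {"EventID": 4768, "TargetUserName": "svc_legacy", "ServiceName": "krbtgt",
     "PreAuthType": "0", "TicketEncryptionType": "0x17", "IpAddress": "10.0.5.23"},
    {"EventID": 4768, "TargetUserName": "alice", "ServiceName": "krbtgt",
     "PreAuthType": "2", "TicketEncryptionType": "0x12", "IpAddress": "10.0.5.40"},
]


def detect_comsvcs_lsass_dump(ev: dict) -> bool:
    """Sigma-style condition for LSASS dumping through comsvcs.dll.

    A process-creation event whose command line references comsvcs and its
    MiniDump export. Case-insensitive because Windows paths and rundll32
    arguments are. Matching the DLL alone would be far noisier: comsvcs.dll is
    loaded legitimately; the MiniDump export is the tell.
    """
    cmd = str(ev.get("CommandLine", "")).lower()
    return "comsvcs" in cmd and "minidump" in cmd


def detect_asrep_roasting(ev: dict) -> bool:
    """Sigma-style condition for AS-REP roasting.

    Security 4768 (TGT requested) with PreAuthType 0, meaning the account has
    pre-authentication disabled, and TicketEncryptionType 0x17 (RC4-HMAC), the
    combination that makes the AS-REP crackable offline. 0x12 (AES256) with
    normal pre-auth, as in the second sample request, does not match.
    """
    return (ev.get("EventID") == 4768
            and str(ev.get("PreAuthType")) == "0"
            and str(ev.get("TicketEncryptionType", "")).lower() == "0x17")


# (rule name, ATT&CK technique, predicate)
RULES = [
    ("lsass_dump_via_comsvcs", "T1003.001", detect_comsvcs_lsass_dump),
    ("asrep_roasting_tgt_request", "T1558.004", detect_asrep_roasting),
]


def run_rules(events: list[dict]) -> list[dict]:
    """Apply every rule to every event; return one flat hit per (event, rule) match."""
    hits = []
    for idx, ev in enumerate(events):
        for name, technique, predicate in RULES:
            if predicate(ev):
                hits.append({"event_index": idx, "rule": name, "technique": technique})
    return hits


if __name__ == "__main__":
    for hit in run_rules(SAMPLE_EVENTS):
        print(f"event[{hit['event_index']}] {hit['rule']} -> {hit['technique']}")
```

On the sample this yields two hits: the comsvcs MiniDump command line and the RC4, no-pre-auth TGT request; the benign rundll32 control-panel invocation and the AES256 TGT request are not matched. Note that a 4768 with PreAuthType 0 fires for every logon by an account that legitimately has pre-authentication disabled, so in practice the rule is a pointer to an account to check rather than a verdict on its own.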
## NIST SP 800-150 / SP 800-86
What it is: NIST Special Publications 800-150 (Guide to Cyber Threat Information Sharing) and 800-86 (Guide to Integrating Forensic Techniques into Incident Response).
Overlaps: Agentic-DART's senior-analyst loop is modeled on the analyst workflow described in 800-150 (form hypothesis → gather → analyze → revise). 800-86's chain-of-custody requirements informed dart-audit.
Differences: NIST publishes guidance; Agentic-DART is an implementation that aims to conform to it, specifically the chain-of-custody, replayability and uncertainty-handling parts. The 800-150 hypothesis-driven model is encoded in the playbook.
## What Agentic-DART is not
- Not a replacement for any of the above. The MCP surface is intentionally small. Use the right tool for the right job.
- Not a "general-purpose AI security analyst". It's tuned for evidence-based DFIR within a typed surface.
- Not production-ready. Phase 1 is a hackathon submission demonstrating that the architecture is correct; production hardening is Phase 2-3.
Agentic-DART — autonomous DFIR agent · architecture-first, not prompt-first · MIT license · github.com/Juwon1405/agentic-dart