sssnake/autarch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
main
autarch/data/codex/autarch_codex.md

1348 lines
52 KiB
Markdown
Raw Permalink Normal View History

AUTARCH v1.9 — remote monitoring, SSH manager, daemon, vault, cleanup - Add Remote Monitoring Station with PIAP device profile system - Add SSH/SSHD manager with fail2ban integration - Add privileged daemon architecture for safe root operations - Add encrypted vault, HAL memory, HAL auto-analyst - Add network security suite, module creator, codex training - Add start.sh launcher script and GTK3 desktop launcher - Remove Output/ build artifacts, installer files, loose docs - Update .gitignore for runtime data and build artifacts - Update README for v1.9 with new launch method, screenshots, and features Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 06:59:06 -07:00
# AUTARCH Codex
## Codebase Knowledge Reference for AI Agents
Generated: 2026-03-20 05:05:31
This document is auto-generated by `scripts/build_codex.py` and provides
structured knowledge about the AUTARCH codebase for LLM agents to use
when creating modules, routes, templates, and features.
---
## 1. Module System
AUTARCH modules are Python files in the `modules/` directory. Each module:
- Has a `run()` function as the entry point
- Declares metadata: `DESCRIPTION`, `AUTHOR`, `VERSION`, `CATEGORY`
- Is auto-discovered by `core/menu.py` at startup
- Can be run via CLI (`python autarch.py -m <name>`) or from the web UI
### Required Module Attributes
```python
DESCRIPTION = "Short description of what the module does"
AUTHOR = "Your Name"
VERSION = "1.0"
CATEGORY = "defense" # One of: defense, offense, counter, analyze, osint, simulate, core, hardware
```
### Module Template
```python
"""
Module description here.
"""
DESCRIPTION = "Short description"
AUTHOR = "darkHal"
VERSION = "1.0"
CATEGORY = "defense"
import sys
from pathlib import Path
sys.path.insert(0, str(Path(__file__).parent.parent))
from core.banner import Colors, clear_screen, display_banner
def run():
"""Main entry point — REQUIRED."""
clear_screen()
display_banner()
print(f"{Colors.BOLD}Module Name{Colors.RESET}")
print(f"{Colors.DIM}{'─' * 50}{Colors.RESET}\n")
# Module logic here
if __name__ == "__main__":
run()
```
### Categories and Module Counts
- **defense** (12): android_protect, container_sec, defender, defender_monitor, defender_windows, email_sec, incident_resp, log_correlator, mysystem, threat_intel
... and 2 more
- **offense** (29): ad_audit, android_advanced, android_boot, android_payload, android_recon, android_root, android_screen, android_sms, api_fuzzer, c2_framework
... and 19 more
- **counter** (3): anti_forensics, counter, steganography
- **analyze** (12): analyze, ble_scanner, forensics, llm_trainer, malware_sandbox, net_mapper, password_toolkit, report_engine, reverse_eng, rfid_tools
... and 2 more
- **osint** (7): adultscan, dossier, geoip, ipcapture, recon, snoop_decoder, yandex_osint
- **simulate** (1): simulate
- **core** (4): agent, agent_hal, chat, setup
- **hardware** (4): android_apps, hardware_local, hardware_remote, iphone_local
**Total modules: 73**
---
## 2. Core API Reference
The `core/` directory contains the framework backbone. Key modules:
### core/agent.py
- **class `AgentState`** — Agent execution states.
- **class `AgentStep`** — Record of a single agent step.
- **class `AgentResult`** — Result of an agent task execution.
- `get_steps_summary()` — Get a formatted summary of all steps taken.
### core/android_exploit.py
- **class `AndroidExploitManager`** — All Android exploitation logic.
- Methods: `list_packages`, `pull_apk`, `pull_app_data`, `extract_shared_prefs`, `full_device_dump`, `get_accounts`, `get_wifi_passwords`, `extract_call_logs`
- `get_exploit_manager()`
- `list_packages(serial, include_system)` — List installed packages. Returns [{package, path, is_system}].
- `pull_apk(serial, package)` — Pull APK for a package.
- `pull_app_data(serial, package)` — Pull app data (databases, shared_prefs, files). Tries run-as then root.
- `extract_shared_prefs(serial, package)` — Extract shared_prefs XML files for a package.
- `full_device_dump(serial)` — Full device reconnaissance dump.
- `get_accounts(serial)` — Get accounts registered on device.
- `get_wifi_passwords(serial)` — Extract saved WiFi passwords. Requires ROOT.
### core/android_protect.py
- **class `AndroidProtectManager`** — Anti-stalkerware / anti-spyware shield for Android devices.
- Methods: `update_signatures`, `get_signature_stats`, `check_shizuku`, `install_shizuku`, `start_shizuku`, `stop_shizuku`, `shizuku_status`, `check_shield_app`
- `get_android_protect_manager()`
- `update_signatures(url)` — Download latest signatures from GitHub.
- `get_signature_stats()` — Count known threats by category.
- `check_shizuku(serial)` — Check Shizuku installation and status.
- `install_shizuku(serial, apk_path)` — Install Shizuku APK via ADB.
- `start_shizuku(serial)` — Start Shizuku service via ADB.
- `stop_shizuku(serial)` — Stop Shizuku server process.
- `shizuku_status(serial)` — Full Shizuku status check.
### core/autonomy.py
- **class `ActivityEntry`** — Single entry in the autonomy activity log.
- Methods: `to_dict`
- **class `AutonomyDaemon`** — Background daemon for autonomous threat response.
- Methods: `status`, `start`, `stop`, `pause`, `resume`, `get_activity`, `get_activity_count`, `subscribe`
- `get_autonomy_daemon()` — Get the global AutonomyDaemon instance.
- `reset_autonomy_daemon()` — Stop and reset the global daemon.
- `to_dict()`
- `status()` — Current daemon status.
- `start()` — Start the autonomy daemon background thread.
- `stop()` — Stop the daemon and wait for thread exit.
- `pause()` — Pause rule evaluation (monitoring continues).
- `resume()` — Resume rule evaluation.
### core/banner.py
- **class `Colors`** —
- `display_banner()` — Print the AUTARCH banner to the console.
- `clear_screen()` — Clear the terminal screen.
### core/config.py
- **class `Config`** — Configuration manager for AUTARCH settings.
- Methods: `save`, `get`, `get_int`, `get_float`, `get_bool`, `set`, `is_first_run`, `mark_setup_complete`
- `get_config()` — Get the global configuration instance.
- `save()` — Save the current configuration to file.
- `get(section, key, fallback)` — Get a configuration value.
- `get_int(section, key, fallback)` — Get a configuration value as integer.
- `get_float(section, key, fallback)` — Get a configuration value as float.
- `get_bool(section, key, fallback)` — Get a configuration value as boolean.
- `set(section, key, value)` — Set a configuration value.
- `is_first_run()` — Check if this is the first run of AUTARCH.
### core/cve.py
- **class `CVEDatabase`** — SQLite-based CVE Database with NVD API synchronization.
- Methods: `get_system_info`, `get_db_stats`, `sync_database`, `sync_recent`, `search_cves`, `get_cve`, `get_system_cves`, `get_software_cves`
- `get_cve_db()` — Get the global CVE database instance.
- `get_system_info()` — Get detected system information.
- `get_db_stats()` — Get database statistics.
- `sync_database(days_back, full_sync, progress_callback, verbose)` — Synchronize database with NVD.
- `sync_recent(days, verbose)` — Quick sync of recent CVEs only.
- `search_cves(keyword, cpe_pattern, severity, min_score)` — Search CVEs in local database.
- `get_cve(cve_id)` — Get detailed information about a specific CVE.
- `get_system_cves(severity_filter, max_results)` — Get CVEs relevant to the detected system.
### core/discovery.py
- **class `DiscoveryManager`** — Manages network discovery advertising for AUTARCH.
- Methods: `get_status`, `start_mdns`, `stop_mdns`, `start_bluetooth`, `stop_bluetooth`, `start_all`, `stop_all`, `shutdown`
- `get_discovery_manager(config)` — Get or create the DiscoveryManager singleton.
- `get_status()` — Get current discovery status for all methods.
- `start_mdns()` — Start mDNS service advertisement.
- `stop_mdns()` — Stop mDNS service advertisement.
- `start_bluetooth()` — Start Bluetooth service advertisement.
- `stop_bluetooth()` — Stop Bluetooth advertisement.
- `start_all()` — Start all enabled discovery methods.
- `stop_all()` — Stop all discovery methods.
### core/dns_service.py
- **class `DNSServiceManager`** — Manage the autarch-dns Go binary (start/stop/API calls).
- Methods: `api_base`, `api_token`, `find_binary`, `is_running`, `start`, `stop`, `status`, `list_zones`
- `get_dns_service()`
- `api_base()`
- `api_token()`
- `find_binary()` — Find the autarch-dns binary.
- `is_running()` — Check if the DNS service is running.
- `start()` — Start the DNS service.
- `stop()` — Stop the DNS service.
- `status()` — Get service status.
### core/hardware.py
- **class `HardwareManager`** — Manages ADB, Fastboot, and Serial/ESP32 devices.
- Methods: `get_status`, `adb_devices`, `adb_device_info`, `adb_shell`, `adb_shell_raw`, `adb_reboot`, `adb_install`, `adb_sideload`
- `get_hardware_manager()`
- `get_status()` — Get availability status of all backends.
- `adb_devices()` — List connected ADB devices.
- `adb_device_info(serial)` — Get detailed info about an ADB device.
- `adb_shell(serial, command)` — Run a shell command on an ADB device.
- `adb_shell_raw(serial, command, timeout)` — Run shell command without safety filter. For exploit modules.
- `adb_reboot(serial, mode)` — Reboot an ADB device. mode: system, recovery, bootloader
- `adb_install(serial, apk_path)` — Install an APK on device.
### core/iphone_exploit.py
- **class `IPhoneExploitManager`** — All iPhone USB exploitation logic using libimobiledevice.
- Methods: `get_status`, `list_devices`, `device_info`, `device_info_brief`, `device_info_domain`, `pair_device`, `unpair_device`, `validate_pair`
- `get_iphone_manager()`
- `get_status()` — Get availability of libimobiledevice tools.
- `list_devices()` — List connected iOS devices.
- `device_info(udid)` — Get full device information.
- `device_info_brief(udid)` — Get key device info (name, model, iOS version).
- `device_info_domain(udid, domain)` — Get device info for a specific domain.
- `pair_device(udid)` — Pair with device (requires user trust on device).
- `unpair_device(udid)` — Unpair from device.
### core/llm.py
- **class `LLMError`** — Exception raised for LLM-related errors.
- **class `LLM`** — Wrapper class for llama-cpp-python integration.
- Methods: `is_loaded`, `model_name`, `load_model`, `unload_model`, `generate`, `chat`, `clear_history`, `get_history`
- **class `TransformersLLM`** — HuggingFace Transformers backend for safetensors models.
- Methods: `is_loaded`, `model_name`, `load_model`, `unload_model`, `generate`, `chat`, `clear_history`, `get_history`
- `get_llm()` — Get the global LLM instance, auto-loading the model if needed.
- `detect_model_type(path)` — Detect the type of model at the given path.
- `reset_llm()` — Reset the global LLM instance (used when switching backends).
- `is_loaded()` — Check if a model is currently loaded.
- `model_name()` — Get the name of the currently loaded model.
- `load_model(model_path, verbose)` — Load a GGUF model.
- `unload_model()` — Unload the current model and free resources.
- `generate(prompt, max_tokens, temperature, top_p)` — Generate text completion.
### core/mcp_server.py
- `get_autarch_tools()` — Build the list of AUTARCH tools to expose via MCP.
- `execute_tool(name, arguments)` — Execute an AUTARCH tool and return the result as a string.
- `create_mcp_server()` — Create and return the FastMCP server instance.
- `run_stdio()` — Run the MCP server in stdio mode (for Claude Desktop / Claude Code).
- `run_sse(host, port)` — Run the MCP server in SSE (Server-Sent Events) mode for web clients.
- `get_mcp_config_snippet()` — Generate the JSON config snippet for Claude Desktop / Claude Code.
- `get_server_status()` — Check if the MCP server is running.
- `start_sse_server(host, port)` — Start the MCP SSE server in the background.
### core/menu.py
- **class `ModuleInfo`** — Information about a loaded module.
- **class `MainMenu`** — Main menu handler for AUTARCH.
- Methods: `print_status`, `load_modules`, `get_modules_by_category`, `get_status_line`, `display_menu`, `display_category_menu`, `run_module`, `show_settings`
- `print_status(message, status)` — Print a status message.
- `load_modules()` — Load all available modules from the modules directory.
- `get_modules_by_category(category)` — Get all modules in a specific category.
- `get_status_line()` — Get the status line showing model and MSF status.
- `display_menu()` — Display the main menu.
- `display_category_menu(category)` — Display the submenu for a category.
- `run_module(module_name)` — Run a specific module.
- `show_settings()` — Display settings menu.
### core/model_router.py
- **class `ModelTier`** —
- **class `_TierConfigProxy`** — Proxies Config but overrides the backend section for a specific model tier.
- Methods: `get`, `get_int`, `get_float`, `get_bool`, `get_llama_settings`, `get_transformers_settings`, `get_claude_settings`, `get_huggingface_settings`
- **class `ModelRouter`** — Manages up to 3 concurrent LLM instances (SLM, SAM, LAM).
- Methods: `status`, `load_tier`, `unload_tier`, `load_all`, `unload_all`, `get_instance`, `is_tier_loaded`, `classify`
- `get_model_router()` — Get the global ModelRouter instance.
- `reset_model_router()` — Reset the global ModelRouter (unloads all models).
- `get(section, key, fallback)`
- `get_int(section, key, fallback)`
- `get_float(section, key, fallback)`
- `get_bool(section, key, fallback)`
- `get_llama_settings()`
- `get_transformers_settings()`
### core/module_crypto.py
- `encrypt_module(source_code, password, metadata)` — Encrypt a Python module source string.
- `decrypt_module(data, password)` — Decrypt an .autarch blob.
- `encrypt_file(src, dst, password, metadata)` — Encrypt a .py source file to a .autarch file.
- `decrypt_file(src, password)` — Decrypt an .autarch file and return (source_code, metadata).
- `load_and_exec(path, password, module_name)` — Decrypt and execute an encrypted module.
- `read_metadata(path)` — Read only the metadata from an .autarch file without decrypting.
- `encrypt(key, iv, plaintext)`
- `decrypt(key, iv, ciphertext)`
### core/msf.py
- **class `MSFError`** — Exception raised for Metasploit-related errors.
- **class `MSFModule`** — Information about a Metasploit module.
- **class `MetasploitRPC`** — Client for Metasploit RPC API.
- Methods: `is_connected`, `connect`, `disconnect`, `get_version`, `list_modules`, `search_modules`, `get_module_info`, `get_module_options`
- `check_msgpack()` — Check if msgpack is available, raise error if not.
- `get_msf_manager()` — Get the global MSF manager instance.
- `msf_startup_autoconnect(skip_if_disabled)` — Perform MSF autoconnect during application startup.
- `msf_quick_connect(username, password, host, port)` — Quick non-interactive MSF server setup and connection.
- `is_connected()` — Check if connected to MSF RPC.
- `connect(password)` — Connect and authenticate to MSF RPC.
- `disconnect()` — Disconnect from MSF RPC.
- `get_version()` — Get Metasploit version info.
### core/msf_interface.py
- **class `MSFStatus`** — Status of an MSF operation.
- **class `MSFResult`** — Result from an MSF module execution.
- Methods: `success`, `get_summary`
- **class `MSFInterface`** — High-level interface for Metasploit operations.
- Methods: `manager`, `is_connected`, `last_error`, `ensure_connected`, `run_module`, `run_scanner`, `get_module_info`, `get_module_options`
- `get_msf_interface()` — Get the global MSF interface instance.
- `success()`
- `get_summary()` — Get a brief summary of the result.
- `manager()` — Get or create the MSF manager.
- `is_connected()` — Check if connected to MSF RPC.
- `last_error()` — Get the last error message.
- `ensure_connected(password, auto_prompt)` — Ensure we have a valid connection to MSF RPC.
- `run_module(module_path, options, timeout, auto_reconnect)` — Execute an MSF module and return parsed results.
### core/msf_modules.py
- `get_module_info(module_path)` — Get information about a module.
- `get_module_description(module_path)` — Get just the description for a module.
- `search_modules(query, max_results)` — Search modules by keyword.
- `get_modules_by_type(module_type)` — Get all modules of a specific type.
- `get_modules_by_tag(tag)` — Get all modules with a specific tag.
- `get_modules_by_platform(platform)` — Get all modules for a specific platform.
- `get_module_options(module_path)` — Get the common options for a module.
- `format_module_help(module_path)` — Get formatted help text for a module.
### core/msf_terms.py
- `get_setting_info(name)` — Get information about an MSF setting.
- `get_setting_description(name)` — Get just the description for a setting.
- `get_setting_prompt(name, default, required)` — Get a formatted input prompt for a setting.
- `format_setting_help(name, include_examples, include_notes)` — Get a formatted help text for a setting.
- `get_settings_by_category(category)` — Get all settings in a category.
- `get_common_settings()` — Get list of most commonly used settings.
- `get_category_info(category)` — Get information about a setting category.
- `list_all_settings()` — Get list of all known setting names.
### core/paths.py
- `is_frozen()` — Return True if running from a PyInstaller bundle.
- `get_app_dir()` — Return the writable application root directory.
- `get_bundle_dir()` — Return the bundle directory (read-only assets: templates, static, default modules).
- `get_core_dir()`
- `get_modules_dir()` — Return the bundled modules directory (read-only in frozen mode).
- `get_user_modules_dir()` — Return the user modules directory (writable, next to exe).
- `get_data_dir()`
- `get_config_path()` — Return config path. Writable copy lives next to the exe;
### core/pentest_pipeline.py
- **class `ParsingModule`** — Normalizes raw tool output into structured summaries.
- Methods: `parse`
- **class `ReasoningModule`** — Maintains PTT and decides next actions.
- Methods: `reason`
- **class `GenerationModule`** — Converts abstract tasks into concrete commands.
- Methods: `generate`
- `detect_source_type(output)` — Auto-detect tool output type from content patterns.
- `parse(raw_output, source_type, context)` — Parse raw tool output into normalized summary.
- `reason(parsed_output, context)` — Three-step reasoning: update tree, validate, extract next todo.
- `generate(task_description, target, context)` — Generate executable commands for a task.
- `process_output(raw_output, source_type)` — Full pipeline: parse -> reason -> generate.
- `get_initial_plan()` — Generate initial pentest plan for the target.
- `inject_information(info, source)` — Inject external information and get updated recommendations.
- `discuss(question)` — Ad-hoc question that doesn't affect the tree.
### core/pentest_session.py
- **class `PentestSessionState`** —
- **class `SessionEvent`** — A single event in the session timeline.
- Methods: `to_dict`, `from_dict`
- **class `PentestSession`** — Manages a single penetration testing session.
- Methods: `start`, `pause`, `resume`, `complete`, `set_error`, `log_event`, `log_pipeline_result`, `add_finding`
- `to_dict()`
- `from_dict(cls, data)`
- `start()` — Initialize a new session.
- `pause()` — Pause the session and save state.
- `resume()` — Resume a paused session.
- `complete(summary)` — Mark session as completed.
- `set_error(error_msg)` — Mark session as errored.
- `log_event(event_type, data)` — Log an event to the session timeline.
### core/pentest_tree.py
- **class `NodeStatus`** —
- **class `PTTNodeType`** —
- **class `PTTNode`** — A single node in the Penetration Testing Tree.
- Methods: `to_dict`, `from_dict`
- `to_dict()`
- `from_dict(cls, data)`
- `add_node(label, node_type, parent_id, details)` — Add a node to the tree. Returns the new node's ID.
- `update_node(node_id, status, details, tool_output)` — Update a node's properties. Returns True if found and updated.
- `delete_node(node_id)` — Delete a node and all its children recursively.
- `get_node(node_id)`
- `get_next_todo()` — Get the highest priority TODO node.
- `get_all_by_status(status)`
### core/report_generator.py
- **class `ReportGenerator`** — Generate HTML reports for OSINT scan results.
- Methods: `generate_username_report`, `generate_geoip_report`, `generate_security_audit_report`, `generate_network_scan_report`, `generate_vulnerability_report`, `generate_pentest_report`
- `get_report_generator(output_dir)` — Get a ReportGenerator instance.
- `generate_username_report(username, results, total_checked, scan_time)` — Generate HTML report for username scan.
- `generate_geoip_report(results)` — Generate HTML report for GEO IP lookups.
- `generate_security_audit_report(system_info, issues, score)` — Generate HTML report for security audit.
- `generate_network_scan_report(target, hosts, scan_time)` — Generate HTML report for network scan.
- `generate_vulnerability_report(target, correlations, scan_time)` — Generate HTML report for vulnerability scan.
- `generate_pentest_report(target, network_data, vuln_data, exploit_data)` — Generate combined pentest report.
- `get_confidence_class(conf)`
### core/revshell.py
- **class `RevShellSession`** — Active reverse shell session with an Archon device.
- Methods: `alive`, `device_name`, `android_version`, `uid`, `uptime`, `execute`, `execute_special`, `sysinfo`
- **class `RevShellListener`** — TCP listener for incoming Archon reverse shell connections.
- Methods: `running`, `active_sessions`, `start`, `stop`, `get_session`, `list_sessions`, `remove_session`, `save_screenshot`
- `get_listener()` — Get or create the global RevShellListener singleton.
- `start_listener(host, port, token)` — Start the global listener.
- `stop_listener()` — Stop the global listener.
- `alive()`
- `device_name()`
- `android_version()`
- `uid()`
- `uptime()`
### core/rsf.py
- **class `RSFError`** — Custom exception for RouterSploit operations.
- **class `RSFModuleInfo`** — Metadata for a RouterSploit module.
- **class `RSFManager`** — Manager for RouterSploit framework operations.
- Methods: `is_available`, `reset_cache`, `index_all_modules`, `get_module_count`, `get_modules_by_type`, `search_modules`, `load_module`, `get_module_options`
- `get_rsf_manager()` — Get the global RSFManager singleton instance.
- `is_available()` — Check if RouterSploit is importable. Caches result.
- `reset_cache()` — Reset cached state (availability, module index).
- `index_all_modules()` — Discover all RSF modules. Returns list of dotted module paths.
- `get_module_count()` — Get total number of indexed modules.
- `get_modules_by_type(module_type)` — Filter modules by type (exploits, creds, scanners, payloads, encoders, generic).
- `search_modules(query)` — Search modules by substring match on path.
- `load_module(path)` — Load a RouterSploit module by path.
### core/rsf_interface.py
- **class `RSFStatus`** — Status codes for RSF operations.
- **class `RSFResult`** — Result of an RSF module execution.
- **class `RSFInterface`** — High-level interface for RouterSploit operations.
- Methods: `ensure_available`, `is_available`, `module_count`, `list_modules`, `search_modules`, `get_module_info`, `get_module_options`, `check_module`
- `get_rsf_interface()` — Get the global RSFInterface singleton instance.
- `ensure_available()` — Check that RSF is importable and available.
- `is_available()` — Check if RSF is available without raising.
- `module_count()` — Get total number of available modules.
- `list_modules(module_type)` — List available modules, optionally filtered by type.
- `search_modules(query)` — Search modules by keyword.
- `get_module_info(path)` — Get metadata for a module.
- `get_module_options(path)` — Get configurable options for a module.
### core/rsf_modules.py
- `get_module_info(module_path)` — Get curated module info by path.
- `get_module_description(module_path)` — Get just the description for a module.
- `search_modules(query)` — Search curated modules by keyword.
- `get_modules_by_type(module_type)` — Get curated modules filtered by type.
- `format_module_help(module_path)` — Format detailed help text for a module.
- `get_all_modules()` — Get all curated modules.
- `get_type_info(module_type)` — Get info about a module type.
### core/rsf_terms.py
- `get_setting_info(name)` — Get full setting information by name.
- `get_setting_prompt(name, default, required)` — Get a formatted input prompt for a setting.
- `format_setting_help(name, include_examples, include_notes)` — Get formatted help text for a setting.
- `validate_setting_value(name, value)` — Validate a setting value against its type.
### core/rules.py
- **class `Rule`** — A single automation rule.
- Methods: `to_dict`, `from_dict`
- **class `RulesEngine`** — Evaluates automation rules against a threat context.
- Methods: `save`, `add_rule`, `update_rule`, `delete_rule`, `get_rule`, `get_all_rules`, `evaluate`
- `to_dict()`
- `from_dict(cls, d)`
- `save()` — Save rules to JSON file.
- `add_rule(rule)`
- `update_rule(rule_id, updates)`
- `delete_rule(rule_id)`
- `get_rule(rule_id)`
- `get_all_rules()`
### core/sites_db.py
- **class `SitesDatabase`** — Unified OSINT sites database with SQLite storage.
- Methods: `get_stats`, `get_sites`, `get_site`, `search_sites`, `get_categories`, `get_sites_for_scan`, `get_site_by_url`, `toggle_site`
- `get_sites_db()` — Get the global sites database instance.
- `get_stats()` — Get database statistics.
- `get_sites(category, include_nsfw, enabled_only, source)` — Get sites from database.
- `get_site(name)` — Get a specific site by name.
- `search_sites(query, include_nsfw, limit)` — Search sites by name.
- `get_categories()` — Get all categories with site counts.
- `get_sites_for_scan(categories, include_nsfw, max_sites, sort_alphabetically)` — Get sites optimized for username scanning with detection patterns.
- `get_site_by_url(url_template)` — Get a site by its URL template.
### core/tools.py
- **class `ToolParameter`** — Definition of a tool parameter.
- **class `Tool`** — Definition of an agent tool.
- Methods: `to_schema`, `execute`
- **class `ToolRegistry`** — Registry for managing available tools.
- Methods: `register`, `unregister`, `get`, `list_tools`, `get_tools_schema`, `get_tools_prompt`, `execute`
- `get_tool_registry()` — Get the global tool registry.
- `to_schema()` — Convert tool to JSON schema for LLM.
- `execute()` — Execute the tool with given parameters.
- `register(tool)` — Register a tool.
- `unregister(name)` — Unregister a tool by name.
- `get(name)` — Get a tool by name.
- `list_tools()` — List all registered tools.
- `get_tools_schema()` — Get JSON schema for all tools.
### core/tray.py
- **class `TrayManager`** — Manages the system tray icon and Flask server lifecycle.
- Methods: `start_server`, `stop_server`, `restart_server`, `open_browser`, `quit`, `run`
- `create_icon_image(size)` — Load tray icon from .ico file, falling back to programmatic generation.
- `start_server()` — Start the Flask web server in a background thread.
- `stop_server()` — Stop the Flask web server.
- `restart_server()` — Stop and restart the Flask web server.
- `open_browser()` — Open the dashboard in the default web browser.
- `quit()` — Stop server and exit the tray icon.
### core/upnp.py
- **class `UPnPManager`** — UPnP port forwarding manager wrapping the upnpc CLI.
- Methods: `is_available`, `list_mappings`, `add_mapping`, `remove_mapping`, `get_external_ip`, `refresh_all`, `load_mappings_from_config`, `save_mappings_to_config`
- `get_upnp_manager(config)` — Get the global UPnP manager instance.
- `is_available()` — Check if upnpc is installed.
- `list_mappings()` — List current UPnP port mappings.
- `add_mapping(internal_ip, internal_port, external_port, protocol)` — Add a UPnP port mapping.
- `remove_mapping(external_port, protocol)` — Remove a UPnP port mapping.
- `get_external_ip()` — Get the external IP via UPnP.
- `refresh_all()` — Re-add all configured port mappings. Returns list of results.
- `load_mappings_from_config()` — Load port mappings from config file.
### core/wireguard.py
- **class `WireGuardManager`** — WireGuard VPN + Remote ADB manager.
- Methods: `is_available`, `get_server_status`, `start_interface`, `stop_interface`, `restart_interface`, `generate_keypair`, `generate_preshared_key`, `get_next_ip`
- `get_wireguard_manager(config)`
- `is_available()` — Check if wg binary exists.
- `get_server_status()` — Parse wg show for interface info.
- `start_interface()` — Start WireGuard interface with wg-quick.
- `stop_interface()` — Stop WireGuard interface with wg-quick.
- `restart_interface()` — Restart WireGuard interface.
- `generate_keypair()` — Generate WireGuard keypair. Returns (private_key, public_key).
- `generate_preshared_key()` — Generate WireGuard preshared key.
### core/wireshark.py
- **class `WiresharkManager`** — Packet capture and analysis using scapy + optional tshark.
- Methods: `scapy_available`, `tshark_available`, `can_capture`, `get_status`, `list_interfaces`, `start_capture`, `stop_capture`, `get_capture_stats`
- `get_wireshark_manager()` — Get the global WiresharkManager instance.
- `scapy_available()`
- `tshark_available()`
- `can_capture()` — Check if live capture is possible (needs root + libpcap).
- `get_status()` — Get engine status.
- `list_interfaces()` — List available network interfaces.
- `start_capture(interface, bpf_filter, duration, output_file)` — Start packet capture in a background thread.
- `stop_capture()` — Stop running capture.
### Common Imports for Modules
```python
# Colors and display
from core.banner import Colors, clear_screen, display_banner
# Configuration
from core.config import get_config
# LLM access
from core.llm import get_llm, LLMError
# Agent tools
from core.tools import get_tool_registry
# File paths
from core.paths import get_app_dir, get_data_dir, find_tool
# Hardware (ADB/Fastboot)
from core.hardware import get_hardware_manager
# Available Colors
Colors.RED, Colors.GREEN, Colors.YELLOW, Colors.BLUE,
Colors.MAGENTA, Colors.CYAN, Colors.WHITE, Colors.BOLD,
Colors.DIM, Colors.RESET
```
---
## 3. Web Route Patterns
Routes live in `web/routes/`. Each file defines a Flask Blueprint.
### Blueprint Template
```python
from flask import Blueprint, render_template, request, jsonify
from web.auth import login_required
myfeature_bp = Blueprint('myfeature', __name__, url_prefix='/myfeature')
@myfeature_bp.route('/')
@login_required
def index():
return render_template('myfeature.html')
@myfeature_bp.route('/action', methods=['POST'])
@login_required
def action():
data = request.get_json(silent=True) or {}
# Process...
return jsonify({'ok': True, 'result': ...})
```
### Registration
In `web/app.py`, add:
```python
from web.routes.myfeature import myfeature_bp
app.register_blueprint(myfeature_bp)
```
### Existing Routes
**ad_audit** (22 routes)
- `GET /``index`
- `POST /connect``connect`
- `POST /disconnect``disconnect`
- `GET /status``status`
- `GET /users``users`
- ... and 17 more
**analyze** (13 routes)
- `GET /``index`
- `POST /file``analyze_file`
- `POST /strings``extract_strings`
- `POST /hash``hash_lookup`
- `POST /log``analyze_log`
- ... and 8 more
**android_exploit** (81 routes)
- `GET /``index`
- `POST /apps/list``apps_list`
- `POST /apps/pull-apk``apps_pull_apk`
- `POST /apps/pull-data``apps_pull_data`
- `POST /apps/shared-prefs``apps_shared_prefs`
- ... and 76 more
**android_protect** (63 routes)
- `GET /``index`
- `POST /scan/quick``scan_quick`
- `POST /scan/full``scan_full`
- `POST /scan/export``scan_export`
- `POST /scan/stalkerware``scan_stalkerware`
- ... and 58 more
**anti_forensics** (14 routes)
- `GET /``index`
- `GET /capabilities``capabilities`
- `POST /delete/file``delete_file`
- `POST /delete/directory``delete_directory`
- `POST /wipe``wipe_free_space`
- ... and 9 more
**api_fuzzer** (12 routes)
- `GET /``index`
- `POST /discover``discover`
- `POST /openapi``parse_openapi`
- `POST /fuzz``fuzz`
- `POST /auth/bypass``auth_bypass`
- ... and 7 more
**archon** (11 routes)
- `GET /``index`
- `POST /shell``shell`
- `POST /pull``pull`
- `POST /push``push`
- `GET /packages``packages`
- ... and 6 more
**auth_routes** (4 routes)
- `GET,POST /login``login`
- `POST /api/login``api_login`
- `GET /api/check``api_check`
- `GET /logout``logout`
**autonomy** (16 routes)
- `GET /``index`
- `GET /status``status`
- `POST /start``start`
- `POST /stop``stop`
- `POST /pause``pause`
- ... and 11 more
**ble_scanner** (12 routes)
- `GET /``index`
- `GET /status``status`
- `POST /scan``scan`
- `GET /devices``devices`
- `GET /device/<address>``device_detail`
- ... and 7 more
**c2_framework** (13 routes)
- `GET /c2/``index`
- `GET /c2/listeners``list_listeners`
- `POST /c2/listeners``start_listener`
- `DELETE /c2/listeners/<name>``stop_listener`
- `GET /c2/agents``list_agents`
- ... and 8 more
**chat** (6 routes)
- `POST /chat``chat`
- `POST /chat/reset``chat_reset`
- `GET /chat/status``chat_status`
- `POST /agent/run``agent_run`
- `GET /agent/stream/<run_id>``agent_stream`
- ... and 1 more
**cloud_scan** (8 routes)
- `GET /``index`
- `POST /s3/enum``s3_enum`
- `POST /gcs/enum``gcs_enum`
- `POST /azure/enum``azure_enum`
- `POST /services``exposed_services`
- ... and 3 more
**container_sec** (16 routes)
- `GET /``index`
- `GET /status``status`
- `POST /docker/audit``docker_audit`
- `GET /docker/containers``docker_containers`
- `POST /docker/containers/<container_id>/audit``docker_container_audit`
- ... and 11 more
**counter** (4 routes)
- `GET /``index`
- `POST /scan``scan`
- `POST /check/<check_name>``check`
- `GET /logins``logins`
**dashboard** (4 routes)
- `GET /``index`
- `GET /manual``manual`
- `GET /manual/windows``manual_windows`
- `POST /api/modules/reload``reload_modules`
**deauth** (14 routes)
- `GET /``index`
- `GET /interfaces``interfaces`
- `POST /monitor/start``monitor_start`
- `POST /monitor/stop``monitor_stop`
- `POST /scan/networks``scan_networks`
- ... and 9 more
**defense** (51 routes)
- `GET /``index`
- `GET /linux``linux_index`
- `POST /linux/audit``linux_audit`
- `POST /linux/check/<check_name>``linux_check`
- `GET /linux/firewall/rules``linux_firewall_rules`
- ... and 46 more
**dns_service** (51 routes)
- `GET /``index`
- `GET /nameserver``nameserver`
- `GET /network-info``network_info`
- `GET /nameserver/binary-info``binary_info`
- `POST /nameserver/query``query_test`
- ... and 46 more
**email_sec** (12 routes)
- `GET /``index`
- `POST /domain``analyze_domain`
- `POST /spf``check_spf`
- `POST /dmarc``check_dmarc`
- `POST /dkim``check_dkim`
- ... and 7 more
**encmodules** (8 routes)
- `GET /``index`
- `POST /upload``upload`
- `POST /verify``verify`
- `POST /run``run_module`
- `GET /stream/<run_id>``stream`
- ... and 3 more
**exploit_dev** (12 routes)
- `GET /``index`
- `POST /shellcode``shellcode`
- `GET /shellcodes``list_shellcodes`
- `POST /encode``encode`
- `POST /pattern/create``pattern_create`
- ... and 7 more
**forensics** (10 routes)
- `GET /``index`
- `POST /hash``hash_file`
- `POST /verify``verify_hash`
- `POST /image``create_image`
- `POST /carve``carve_files`
- ... and 5 more
**hack_hijack** (10 routes)
- `GET /hack-hijack/``index`
- `POST /hack-hijack/scan``start_scan`
- `GET /hack-hijack/scan/<job_id>/stream``scan_stream`
- `GET /hack-hijack/scan/<job_id>``scan_status`
- `POST /hack-hijack/takeover``attempt_takeover`
- ... and 5 more
**hardware** (25 routes)
- `GET /``index`
- `GET /status``status`
- `GET /adb/devices``adb_devices`
- `POST /adb/info``adb_info`
- `POST /adb/shell``adb_shell`
- ... and 20 more
**incident_resp** (19 routes)
- `GET /``index`
- `POST /incidents``create_incident`
- `GET /incidents``list_incidents`
- `GET /incidents/<incident_id>``get_incident`
- `PUT /incidents/<incident_id>``update_incident`
- ... and 14 more
**ipcapture** (12 routes)
- `GET /ipcapture/``index`
- `GET /ipcapture/links``list_links`
- `POST /ipcapture/links``create_link`
- `GET /ipcapture/links/<key>``get_link`
- `DELETE /ipcapture/links/<key>``delete_link`
- ... and 7 more
**iphone_exploit** (35 routes)
- `GET /``index`
- `POST /devices``list_devices`
- `POST /device-info``device_info`
- `POST /fingerprint``fingerprint`
- `POST /pair``pair`
- ... and 30 more
**llm_trainer** (18 routes)
- `GET /``index`
- `POST /deps``check_deps`
- `POST /deps/install``install_deps`
- `POST /scan``scan_codebase`
- `POST /dataset/generate``generate_dataset`
- ... and 13 more
**loadtest** (7 routes)
- `GET /``index`
- `POST /start``start`
- `POST /stop``stop`
- `POST /pause``pause`
- `POST /resume``resume`
- ... and 2 more
**log_correlator** (10 routes)
- `GET /``index`
- `POST /ingest/file``ingest_file`
- `POST /ingest/text``ingest_text`
- `GET /search``search`
- `GET,DELETE /alerts``alerts`
- ... and 5 more
**malware_sandbox** (9 routes)
- `GET /``index`
- `GET /status``status`
- `POST /submit``submit`
- `GET /samples``samples`
- `POST /static``static_analysis`
- ... and 4 more
**mitm_proxy** (16 routes)
- `GET /``index`
- `POST /start``start`
- `POST /stop``stop`
- `GET /status``status`
- `POST /ssl-strip``ssl_strip`
- ... and 11 more
**module_creator** (7 routes)
- `GET /``index`
- `GET /templates``templates`
- `POST /create``create`
- `POST /validate``validate`
- `GET /list``list_modules`
- ... and 2 more
**msf** (4 routes)
- `GET /``index`
- `GET /status``status`
- `POST /connect``connect`
- `POST /console/send``console_send`
**net_mapper** (9 routes)
- `GET /net-mapper/``index`
- `POST /net-mapper/discover``discover`
- `GET /net-mapper/discover/<job_id>``discover_status`
- `POST /net-mapper/scan-host``scan_host`
- `POST /net-mapper/topology``build_topology`
- ... and 4 more
**network** (15 routes)
- `GET /``index`
- `POST /connections``connections`
- `POST /arp-table``arp_table`
- `POST /interfaces``interfaces`
- `POST /ids/scan``ids_scan`
- ... and 10 more
**offense** (15 routes)
- `GET /``index`
- `GET /status``status`
- `POST /connect``connect`
- `POST /disconnect``disconnect`
- `POST /server/start``start_server`
- ... and 10 more
**osint** (11 routes)
- `GET /``index`
- `GET /categories``get_categories`
- `GET /stats``db_stats`
- `GET /search/stream``search_stream`
- `GET /dossiers``list_dossiers`
- ... and 6 more
**password_toolkit** (13 routes)
- `GET /password-toolkit/``index`
- `POST /password-toolkit/identify``identify_hash`
- `POST /password-toolkit/crack``crack_hash`
- `GET /password-toolkit/crack/<job_id>``crack_status`
- `POST /password-toolkit/generate``generate`
- ... and 8 more
**phishmail** (35 routes)
- `GET /``index`
- `POST /send``send`
- `POST /validate``validate`
- `GET /campaigns``list_campaigns`
- `POST /campaigns``create_campaign`
- ... and 30 more
**pineapple** (23 routes)
- `GET /``index`
- `GET /interfaces``interfaces`
- `GET /tools``tools_status`
- `POST /start``start_ap`
- `POST /stop``stop_ap`
- ... and 18 more
**port_scanner** (5 routes)
- `GET /``index`
- `POST /start``start_scan`
- `GET /stream/<job_id>``stream`
- `GET /result/<job_id>``get_result`
- `POST /cancel/<job_id>``cancel_scan`
**rcs_tools** (79 routes)
- `GET /``index`
- `GET /status``status`
- `GET /device``device`
- `GET /shizuku``shizuku`
- `GET /archon``archon`
- ... and 74 more
**report_engine** (11 routes)
- `GET /reports/``index`
- `GET /reports/list``list_reports`
- `POST /reports/create``create_report`
- `GET /reports/<report_id>``get_report`
- `PUT /reports/<report_id>``update_report`
- ... and 6 more
**reverse_eng** (13 routes)
- `GET /``index`
- `POST /analyze``analyze`
- `POST /strings``strings`
- `POST /disassemble``disassemble`
- `POST /hex``hex_dump`
- ... and 8 more
**revshell** (18 routes)
- `GET /``index`
- `POST /listener/start``listener_start`
- `POST /listener/stop``listener_stop`
- `POST /listener/status``listener_status`
- `POST /sessions``list_sessions`
- ... and 13 more
**rfid_tools** (14 routes)
- `GET /``index`
- `GET /tools``tools_status`
- `POST /lf/search``lf_search`
- `POST /lf/read/em410x``lf_read_em`
- `POST /lf/clone``lf_clone`
- ... and 9 more
**sdr_tools** (22 routes)
- `GET /``index`
- `GET /devices``devices`
- `POST /spectrum``spectrum`
- `POST /capture/start``capture_start`
- `POST /capture/stop``capture_stop`
- ... and 17 more
**settings** (29 routes)
- `GET /``index`
- `POST /password``change_password`
- `POST /osint``update_osint`
- `POST /upnp``update_upnp`
- `POST /llm``update_llm`
- ... and 24 more
**simulate** (7 routes)
- `GET /``index`
- `POST /password``password_audit`
- `POST /portscan``port_scan`
- `POST /banner``banner_grab`
- `POST /payloads``generate_payloads`
- ... and 2 more
**sms_forge** (21 routes)
- `GET /``index`
- `GET /status``status`
- `GET /messages``messages`
- `POST /sms``add_sms`
- `POST /mms``add_mms`
- ... and 16 more
**social_eng** (18 routes)
- `GET /``index`
- `POST /clone``clone_page`
- `GET /pages``list_pages`
- `GET /pages/<page_id>``get_page`
- `DELETE /pages/<page_id>``delete_page`
- ... and 13 more
**starlink_hack** (29 routes)
- `GET /``index`
- `GET /status``status`
- `POST /discover``discover`
- `GET /dish-status``dish_status`
- `GET /dish-info``dish_info`
- ... and 24 more
**steganography** (8 routes)
- `GET /``index`
- `GET /capabilities``capabilities`
- `POST /capacity``capacity`
- `POST /hide``hide`
- `POST /extract``extract`
- ... and 3 more
**targets** (7 routes)
- `GET /``index`
- `POST /add``add`
- `POST /update/<tid>``update`
- `POST /delete/<tid>``delete`
- `POST /status/<tid>``set_status`
- ... and 2 more
**threat_intel** (13 routes)
- `GET /``index`
- `GET,POST,DELETE /iocs``iocs`
- `POST /iocs/import``import_iocs`
- `GET /iocs/export``export_iocs`
- `GET /iocs/detect``detect_type`
- ... and 8 more
**upnp** (5 routes)
- `GET /``index`
- `POST /refresh``refresh`
- `POST /add``add`
- `POST /remove``remove`
- `POST /cron``cron`
**vuln_scanner** (10 routes)
- `GET /``index`
- `POST /scan``start_scan`
- `GET /scan/<job_id>``get_scan`
- `GET /scans``list_scans`
- `DELETE /scan/<job_id>``delete_scan`
- ... and 5 more
**webapp_scanner** (7 routes)
- `GET /web-scanner/``index`
- `POST /web-scanner/quick``quick_scan`
- `POST /web-scanner/dirbust``dir_bruteforce`
- `GET /web-scanner/dirbust/<job_id>``dirbust_status`
- `POST /web-scanner/subdomain``subdomain_enum`
- ... and 2 more
**wifi_audit** (18 routes)
- `GET /``index`
- `GET /tools``tools_status`
- `GET /interfaces``interfaces`
- `POST /monitor/enable``monitor_enable`
- `POST /monitor/disable``monitor_disable`
- ... and 13 more
**wireguard** (25 routes)
- `GET /``index`
- `POST /server/status``server_status`
- `POST /server/start``server_start`
- `POST /server/stop``server_stop`
- `POST /server/restart``server_restart`
- ... and 20 more
**wireshark** (14 routes)
- `GET /``index`
- `GET /status``status`
- `GET /interfaces``interfaces`
- `POST /capture/start``capture_start`
- `POST /capture/stop``capture_stop`
- ... and 9 more
---
## 4. Template Patterns
Templates live in `web/templates/` and use Jinja2 extending `base.html`.
### Template Structure
```html
{%% extends "base.html" %%}
{%% block title %%}Feature Name - AUTARCH{%% endblock %%}
{%% block content %%}
<div class="page-header">
<h1>Feature Name</h1>
</div>
<div class="section">
<h2>Section Title</h2>
<!-- Content here -->
</div>
<script>
// JS for this page
</script>
{%% endblock %%}
```
### CSS Variables Available
```
--bg-main, --bg-card, --bg-secondary, --bg-input
--text-primary, --text-secondary, --text-muted
--accent (green), --danger (red), --border
--radius (border radius), --success (green)
```
### Common UI Patterns
- Tab bar: `<div class="tab-bar"><button class="tab active">Tab 1</button></div>`
- Card: `<div style="border:1px solid var(--border);background:var(--bg-card);border-radius:var(--radius);padding:0.85rem 1rem">`
- Table: `<table class="data-table"><thead>...</thead><tbody>...</tbody></table>`
- Button: `<button class="btn btn-primary btn-sm">Action</button>`
- Form: `<div class="form-group"><label>...</label><input ...><small>Help text</small></div>`
### Templates (74 total)
- `ad_audit.html` (extends: base.html)
- `analyze.html` (extends: base.html)
- `android_exploit.html` (extends: base.html)
- `android_protect.html` (extends: base.html)
- `anti_forensics.html` (extends: base.html)
- `api_fuzzer.html` (extends: base.html)
- `archon.html` (extends: base.html)
- `autonomy.html` (extends: base.html)
- `base.html` (extends: none)
- `ble_scanner.html` (extends: base.html)
- `c2_framework.html` (extends: base.html)
- `category.html` (extends: base.html)
- `cloud_scan.html` (extends: base.html)
- `container_sec.html` (extends: base.html)
- `counter.html` (extends: base.html)
- `dashboard.html` (extends: base.html)
- `deauth.html` (extends: base.html)
- `defense.html` (extends: base.html)
- `defense_linux.html` (extends: base.html)
- `defense_monitor.html` (extends: base.html)
- `defense_windows.html` (extends: base.html)
- `dns_nameserver.html` (extends: base.html)
- `dns_service.html` (extends: base.html)
- `email_sec.html` (extends: base.html)
- `encmodules.html` (extends: base.html)
- `exploit_dev.html` (extends: base.html)
- `forensics.html` (extends: base.html)
- `hack_hijack.html` (extends: base.html)
- `hardware.html` (extends: base.html)
- `hash_detection.html` (extends: base.html)
- `incident_resp.html` (extends: base.html)
- `ipcapture.html` (extends: base.html)
- `iphone_exploit.html` (extends: base.html)
- `legendary_creator.html` (extends: base.html)
- `llm_settings.html` (extends: base.html)
- `llm_trainer.html` (extends: base.html)
- `loadtest.html` (extends: base.html)
- `log_correlator.html` (extends: base.html)
- `login.html` (extends: base.html)
- `malware_sandbox.html` (extends: base.html)
- `manual.html` (extends: base.html)
- `mcp_settings.html` (extends: base.html)
- `mitm_proxy.html` (extends: base.html)
- `module_creator.html` (extends: base.html)
- `msf.html` (extends: base.html)
- `net_mapper.html` (extends: base.html)
- `network.html` (extends: base.html)
- `offense.html` (extends: base.html)
- `osint.html` (extends: base.html)
- `password_toolkit.html` (extends: base.html)
- `phishmail.html` (extends: base.html)
- `pineapple.html` (extends: base.html)
- `port_scanner.html` (extends: base.html)
- `rcs_tools.html` (extends: base.html)
- `report_engine.html` (extends: base.html)
- `reverse_eng.html` (extends: base.html)
- `revshell.html` (extends: base.html)
- `rfid_tools.html` (extends: base.html)
- `sdr_tools.html` (extends: base.html)
- `settings.html` (extends: base.html)
- `simulate.html` (extends: base.html)
- `sms_forge.html` (extends: base.html)
- `social_eng.html` (extends: base.html)
- `starlink_hack.html` (extends: base.html)
- `steganography.html` (extends: base.html)
- `system_deps.html` (extends: base.html)
- `targets.html` (extends: base.html)
- `threat_intel.html` (extends: base.html)
- `upnp.html` (extends: base.html)
- `vuln_scanner.html` (extends: base.html)
- `webapp_scanner.html` (extends: base.html)
- `wifi_audit.html` (extends: base.html)
- `wireguard.html` (extends: base.html)
- `wireshark.html` (extends: base.html)
---
## 5. Configuration System
Config is managed by `core/config.py` using Python's configparser.
File: `autarch_settings.conf` (INI format).
### Config Sections
- **[llama]**: model_path, n_ctx, n_threads, n_gpu_layers, gpu_backend, temperature, top_p, top_k ... +3 more
- **[autarch]**: first_run, modules_path, verbose, quiet, no_banner, llm_backend
- **[claude]**: api_key, model, max_tokens, temperature
- **[osint]**: max_threads, timeout, include_nsfw
- **[pentest]**: max_pipeline_steps, output_chunk_size, auto_execute, save_raw_output
- **[transformers]**: model_path, device, torch_dtype, load_in_8bit, load_in_4bit, trust_remote_code, max_tokens, temperature ... +3 more
- **[rsf]**: install_path, enabled, default_target, default_port, execution_timeout
- **[upnp]**: enabled, internal_ip, refresh_hours, mappings
- **[web]**: host, port, secret_key, mcp_port
- **[mcp]**: enabled, auto_start, transport, host, port, log_level, instructions, auth_enabled ... +16 more
- **[revshell]**: enabled, host, port, auto_start
- **[slm]**: enabled, backend, model_path, n_ctx, n_gpu_layers, n_threads
- **[sam]**: enabled, backend, model_path, n_ctx, n_gpu_layers, n_threads
- **[lam]**: enabled, backend, model_path, n_ctx, n_gpu_layers, n_threads
- **[agents]**: backend, local_max_steps, local_verbose, claude_enabled, claude_model, claude_max_tokens, claude_max_steps, openai_enabled ... +4 more
- **[autonomy]**: enabled, monitor_interval, rule_eval_interval, max_concurrent_agents, threat_threshold_auto_respond, log_max_entries
### Usage in Code
```python
from core.config import get_config
config = get_config()
# Read values
val = config.get('section', 'key', 'default')
num = config.get_int('section', 'key', 0)
flt = config.get_float('section', 'key', 0.0)
bol = config.get_bool('section', 'key', False)
# Write values
config.set('section', 'key', 'value')
config.save()
# Typed getters
config.get_llama_settings() # dict
config.get_claude_settings() # dict
config.get_mcp_settings() # dict
config.get_agents_settings() # dict
config.get_autonomy_settings() # dict
```
---
## 6. Adding to the Navigation
Edit `web/templates/base.html`. The sidebar has sections:
- Top (Dashboard, Port Scanner, Targets)
- Categories (Defense, Offense, Counter, Analyze, OSINT, Simulate)
- Network (Network Security, Wireshark, Net Mapper)
- Tools (Create Module, Enc Modules, Hardware, exploits, Shield, etc.)
- System (UPnP, WireGuard, MSF Console, DNS, Settings, etc.)
Add a nav item:
```html
<li><a href="{{ url_for('myfeature.index') }}"
class="{% if request.blueprint == 'myfeature' %}active{% endif %}">
My Feature</a></li>
```
Sub-items use: `style="padding-left:1.5rem;font-size:0.85rem"` with `&#x2514;` prefix.
---
## 7. MCP Tool System
Tools exposed via Model Context Protocol (MCP) are defined in `core/mcp_server.py`.
To add a new MCP tool:
```python
# In create_mcp_server(), add:
@mcp.tool()
def my_tool(param1: str, param2: int = 10) -> str:
"""Description of what the tool does."""
return execute_tool('my_tool', {'param1': param1, 'param2': param2})
# In execute_tool(), add the handler:
elif name == 'my_tool':
return _run_my_tool(arguments)
# Implement the handler:
def _run_my_tool(args: dict) -> str:
# ... implementation
return json.dumps({'result': ...})
```
Reference in New Issue Copy Permalink