sssnake/autarch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

No One Can Stop Me Now

Browse Source
This commit is contained in:
DigiJ
2026-03-13 23:48:47 -07:00
parent 4d3570781e
commit 1a138a2bd0
428 changed files with 519668 additions and 259 deletions
Download Patch File Download Diff File Expand all files Collapse all files

588
docs/GUIDE.md Normal file
View File

@@ -0,0 +1,588 @@
# AUTARCH User Guide
## Project Overview
**AUTARCH** (Autonomous Tactical Agent for Reconnaissance, Counterintelligence, and Hacking) is a comprehensive security framework developed by **darkHal Security Group** and **Setec Security Labs**.
### What We Built
AUTARCH is a modular Python security framework featuring:
- **LLM Integration** - Local AI via llama.cpp for autonomous assistance
- **Autonomous Agent** - AI agent that can execute tools and complete tasks
- **Metasploit Integration** - Direct MSF RPC control from within the framework
- **Modular Architecture** - Plugin-based system for easy extension
- **6 Security Categories** - Defense, Offense, Counter, Analyze, OSINT, Simulate
---
## Project Structure
```
dh_framework/
├── autarch.py # Main entry point
├── autarch_settings.conf # Configuration file
├── custom_adultsites.json # Custom adult sites storage
├── custom_sites.inf # Bulk import file
├── DEVLOG.md # Development log
├── GUIDE.md # This guide
├── core/ # Core framework modules
│ ├── __init__.py
│ ├── agent.py # Autonomous AI agent
│ ├── banner.py # ASCII banner and colors
│ ├── config.py # Configuration handler
│ ├── llm.py # LLM wrapper (llama-cpp-python)
│ ├── menu.py # Main menu system
│ ├── msf.py # Metasploit RPC client
│ └── tools.py # Agent tool registry
└── modules/ # User-facing modules
├── __init__.py
├── setup.py # First-time setup wizard
├── chat.py # Interactive LLM chat (core)
├── agent.py # Agent interface (core)
├── msf.py # Metasploit interface (offense)
├── defender.py # System hardening (defense)
├── counter.py # Threat detection (counter)
├── analyze.py # Forensics tools (analyze)
├── recon.py # OSINT reconnaissance (osint)
├── adultscan.py # Adult site scanner (osint)
└── simulate.py # Attack simulation (simulate)
```
---
## Installation & Setup
### Requirements
- Python 3.8+
- llama-cpp-python (pre-installed)
- A GGUF model file for LLM features
- Metasploit Framework (optional, for MSF features)
### First Run
```bash
cd /home/snake/dh_framework
python autarch.py
```
On first run, the setup wizard automatically launches with options:
1. **Configure LLM** - Set up model for chat & agent features
2. **Skip Setup** - Use without LLM (most modules still work)
### Running Without LLM
Many modules work without an LLM configured:
```bash
# Skip setup on first run
python autarch.py --skip-setup
```
**Modules that work without LLM:**
- defender (Defense) - System hardening checks
- counter (Counter) - Threat detection
- analyze (Analyze) - File forensics
- recon (OSINT) - Email, username, domain lookup
- adultscan (OSINT) - Adult site scanner
- simulate (Simulate) - Port scan, payloads
- msf (Offense) - Metasploit interface
**Modules that require LLM:**
- chat - Interactive LLM chat
- agent - Autonomous AI agent
You can configure LLM later with `python autarch.py --setup`
---
## Command Line Interface
### Basic Usage
```bash
python autarch.py [OPTIONS] [COMMAND]
```
### Options
| Option | Description |
|--------|-------------|
| `-h, --help` | Show help message and exit |
| `-v, --version` | Show version information |
| `-c, --config FILE` | Use alternate config file |
| `--skip-setup` | Skip first-time setup (run without LLM) |
| `-m, --module NAME` | Run a specific module directly |
| `-l, --list` | List all available modules |
| `--setup` | Force run the setup wizard |
| `--no-banner` | Suppress the ASCII banner |
| `-q, --quiet` | Minimal output mode |
### Commands
| Command | Description |
|---------|-------------|
| `chat` | Start interactive LLM chat |
| `agent` | Start the autonomous agent |
| `scan <target>` | Quick port scan |
| `osint <username>` | Quick username OSINT |
### Examples
```bash
# Show help
python autarch.py --help
# Run a specific module
python autarch.py -m chat
python autarch.py -m adultscan
# List all modules
python autarch.py --list
# Quick OSINT scan
python autarch.py osint targetuser
# Re-run setup
python autarch.py --setup
```
---
## Main Menu Navigation
### Menu Structure
```
Main Menu
──────────────────────────────────────────────────
[1] Defense - Defensive security tools
[2] Offense - Penetration testing
[3] Counter - Counter-intelligence
[4] Analyze - Analysis & forensics
[5] OSINT - Open source intelligence
[6] Simulate - Attack simulation
[99] Settings
[98] Exit
```
### Category Details
#### [1] Defense
System hardening and defensive security:
- Full Security Audit
- Firewall Check
- SSH Hardening
- Open Ports Scan
- User Security Check
- File Permissions Audit
- Service Audit
#### [2] Offense
Penetration testing with Metasploit:
- Search Modules
- Use/Configure Modules
- Run Exploits
- Manage Sessions
- Console Commands
- Quick Scanners
#### [3] Counter
Counter-intelligence and threat hunting:
- Full Threat Scan
- Suspicious Process Detection
- Network Analysis
- Login Anomalies
- File Integrity Monitoring
- Scheduled Task Audit
- Rootkit Detection
#### [4] Analyze
Forensics and file analysis:
- File Analysis (metadata, hashes, type)
- String Extraction
- Hash Lookup (VirusTotal, Hybrid Analysis)
- Log Analysis
- Hex Dump Viewer
- File Comparison
#### [5] OSINT
Open source intelligence gathering:
- **recon.py** - Email, username, phone, domain, IP lookup
- **adultscan.py** - Adult site username scanner
#### [6] Simulate
Attack simulation and red team:
- Password Audit
- Port Scanner
- Banner Grabber
- Payload Generator (XSS, SQLi, etc.)
- Network Stress Test
---
## Module Reference
### Core Modules
#### chat.py - Interactive Chat
```
Category: core
Commands:
/help - Show available commands
/clear - Clear conversation history
/history - Show conversation history
/info - Show model information
/system - Set system prompt
/temp - Set temperature
/tokens - Set max tokens
/stream - Toggle streaming
/exit - Exit chat
```
#### agent.py - Autonomous Agent
```
Category: core
Commands:
tools - Show available tools
exit - Return to main menu
help - Show help
Available Tools:
shell - Execute shell commands
read_file - Read file contents
write_file - Write to files
list_dir - List directory contents
search_files - Glob pattern search
search_content - Content search (grep)
task_complete - Signal completion
ask_user - Request user input
msf_* - Metasploit tools
```
### OSINT Modules
#### recon.py - OSINT Reconnaissance
```
Category: osint
Version: 2.0
Menu:
Email
[1] Email Lookup
[2] Email Permutator
Username
[3] Username Lookup (17+ platforms)
[4] Social Analyzer integration
Phone
[5] Phone Number Lookup
Domain/IP
[6] Domain Recon
[7] IP Address Lookup
[8] Subdomain Enumeration
[9] Technology Detection
```
#### adultscan.py - Adult Site Scanner
```
Category: osint
Version: 1.3
Menu:
Scan Categories:
[1] Full Scan (all categories)
[2] Fanfiction & Story Sites
[3] Art & Creative Sites
[4] Video & Streaming Sites
[5] Forums & Communities
[6] Dating & Social Sites
[7] Gaming Related Sites
[8] Custom Sites Only
[9] Custom Category Selection
Site Management:
[A] Add Custom Site (manual)
[D] Auto-Detect Site Pattern
[B] Bulk Import from File
[M] Manage Custom Sites
[L] List All Sites
Sites Database: 50+ built-in sites
Categories: fanfiction, art, video, forums, dating, gaming, custom
```
##### Adding Custom Sites
**Manual Add [A]:**
```
Site name: MySite
URL pattern (use * for username): mysite.com/user/*
Detection Method: [1] Status code
```
**Auto-Detect [D]:**
```
Domain: example.com
Test username: knownuser
(System probes 17 common patterns)
```
**Bulk Import [B]:**
1. Edit `custom_sites.inf`:
```
# One domain per line
site1.com
site2.net
site3.org
```
2. Run Bulk Import and provide test username
3. System auto-detects patterns for each domain
---
## Configuration
### Config File: autarch_settings.conf
```ini
[llama]
model_path = /path/to/model.gguf
n_ctx = 4096
n_threads = 4
n_gpu_layers = 0
temperature = 0.7
top_p = 0.9
top_k = 40
repeat_penalty = 1.1
max_tokens = 2048
seed = -1
[autarch]
first_run = false
modules_path = modules
verbose = false
[msf]
host = 127.0.0.1
port = 55553
username = msf
password =
ssl = true
```
### LLM Settings
| Setting | Default | Description |
|---------|---------|-------------|
| model_path | (required) | Path to GGUF model file |
| n_ctx | 4096 | Context window size |
| n_threads | 4 | CPU threads for inference |
| n_gpu_layers | 0 | Layers to offload to GPU |
| temperature | 0.7 | Sampling temperature (0.0-2.0) |
| top_p | 0.9 | Nucleus sampling threshold |
| top_k | 40 | Top-K sampling |
| repeat_penalty | 1.1 | Repetition penalty |
| max_tokens | 2048 | Maximum response length |
| seed | -1 | Random seed (-1 = random) |
### Metasploit Settings
| Setting | Default | Description |
|---------|---------|-------------|
| host | 127.0.0.1 | MSF RPC host |
| port | 55553 | MSF RPC port |
| username | msf | RPC username |
| password | (none) | RPC password |
| ssl | true | Use SSL connection |
**Starting msfrpcd:**
```bash
msfrpcd -P yourpassword -S -a 127.0.0.1
```
---
## Creating Custom Modules
### Module Template
```python
"""
Module description here
"""
# Module metadata (required)
DESCRIPTION = "Short description"
AUTHOR = "Your Name"
VERSION = "1.0"
CATEGORY = "osint" # defense, offense, counter, analyze, osint, simulate, core
import sys
from pathlib import Path
sys.path.insert(0, str(Path(__file__).parent.parent))
from core.banner import Colors, clear_screen, display_banner
def run():
"""Main entry point - REQUIRED"""
clear_screen()
display_banner()
print(f"{Colors.BOLD}My Module{Colors.RESET}")
# Your code here
if __name__ == "__main__":
run()
```
### Available Colors
```python
from core.banner import Colors
Colors.RED
Colors.GREEN
Colors.YELLOW
Colors.BLUE
Colors.MAGENTA
Colors.CYAN
Colors.WHITE
Colors.BOLD
Colors.DIM
Colors.RESET
```
### Module Categories
| Category | Color | Description |
|----------|-------|-------------|
| defense | Blue | Defensive security |
| offense | Red | Penetration testing |
| counter | Magenta | Counter-intelligence |
| analyze | Cyan | Forensics & analysis |
| osint | Green | Open source intelligence |
| simulate | Yellow | Attack simulation |
| core | White | Core framework modules |
---
## Agent Tools Reference
The autonomous agent has access to these tools:
### File Operations
```
read_file(path) - Read file contents
write_file(path, content) - Write to file
list_dir(path) - List directory
search_files(pattern) - Glob search
search_content(pattern) - Grep search
```
### System Operations
```
shell(command, timeout) - Execute shell command
```
### User Interaction
```
ask_user(question) - Prompt user for input
task_complete(result) - Signal task completion
```
### Metasploit Operations
```
msf_connect() - Connect to MSF RPC
msf_search(query) - Search modules
msf_module_info(module) - Get module info
msf_module_options(module) - Get module options
msf_execute(module, options) - Execute module
msf_sessions() - List sessions
msf_session_command(id, cmd) - Run session command
msf_console(command) - Direct console
```
---
## Troubleshooting
### Common Issues
**LLM not loading:**
- Verify model_path in autarch_settings.conf
- Check file permissions on model file
- Ensure sufficient RAM for model size
**MSF connection failed:**
- Verify msfrpcd is running: `msfrpcd -P password -S`
- Check host/port in settings
- Verify password is correct
**Module not appearing:**
- Ensure module has `CATEGORY` attribute
- Ensure module has `run()` function
- Check for syntax errors
**Adult scanner false positives:**
- Some sites return 200 for all requests
- Use content-based detection for those sites
- Verify with a known username
### Debug Mode
```bash
# Enable verbose output
python autarch.py --verbose
# Check configuration
python autarch.py --show-config
```
---
## Security Notice
AUTARCH is designed for **authorized security testing only**. Users are responsible for:
- Obtaining proper authorization before testing
- Complying with all applicable laws
- Using tools ethically and responsibly
**Do not use for:**
- Unauthorized access
- Harassment or stalking
- Any illegal activities
---
## Version History
| Version | Date | Changes |
|---------|------|---------|
| 1.0 | 2026-01-14 | Initial release |
| 1.1 | 2026-01-14 | Added custom site management |
| 1.2 | 2026-01-14 | Added auto-detect patterns |
| 1.3 | 2026-01-14 | Added bulk import |
---
## Credits
**Project AUTARCH**
By darkHal Security Group and Setec Security Labs
---
*For development history, see DEVLOG.md*

142
docs/concept.md Normal file
View File

@@ -0,0 +1,142 @@
# Project AUTARCH — Concept Document
## Origin
Project AUTARCH was originally conceived as a proposal for a **Defense Intelligence Agency (D.I.A.) research grant** — an investigation into the feasibility and implications of fully autonomous LLM-driven offensive cyber agents operating within adversarial simulation environments.
The full version of AUTARCH, including its complete autonomous agent capabilities, operational case studies, and classified research findings, is **not available to the public**. The full case study remains classified at this time.
What you are looking at is the **public release** — a functional framework that contains the tools, architecture, and foundational systems that make AUTARCH possible. It is made available so that researchers, security professionals, and developers can study the approach, build on it, and construct their own autonomous security agents using the same underlying platform.
This is the engine. What you build with it is up to you.
---
## What Is AUTARCH?
AUTARCH is not a traditional security tool. It is an **autonomous digital entity** — a fully realized artificial persona designed to operate as an independent hacker within controlled gaming and simulation environments.
At its core, AUTARCH is an LLM-backed agent that has been **backstopped with a complete identity**: a name, a history, behavioral patterns, expertise domains, and operational preferences. Once activated, AUTARCH is not waiting for instructions. It is actively thinking, planning, and executing — identifying targets, studying attack surfaces, developing strategies, and carrying out simulated offensive operations on its own initiative.
The human operator is not AUTARCH's boss. They are its **handler**. AUTARCH has its own objectives, its own judgment, and its own methods. The handler sets the boundaries. AUTARCH decides how to work within them.
---
## The Autonomous Hacker
Traditional security frameworks give you a menu of tools and wait for you to pick one. AUTARCH inverts this relationship entirely.
**AUTARCH operates as a person, not a program.**
When AUTARCH is given a target environment or scenario, it:
1. **Reconnoiters** — Gathers intelligence autonomously. Scans networks, enumerates services, searches OSINT databases, maps attack surfaces. It does not ask permission for each step. It operates like a real threat actor would: methodically, quietly, and with purpose.
2. **Studies** — Analyzes what it finds. Cross-references discovered services with CVE databases. Identifies misconfigurations. Evaluates which attack vectors have the highest probability of success. Builds a mental model of the target environment.
3. **Plans** — Develops an attack strategy. Selects tools, sequences operations, identifies fallback approaches. AUTARCH does not follow a script — it adapts its plan based on what it discovers in real time.
4. **Executes** — Carries out the attack. Exploits vulnerabilities, establishes persistence, moves laterally, exfiltrates data. Each action informs the next. If something fails, AUTARCH pivots without hesitation.
5. **Reports** — Documents everything. Builds dossiers on targets, logs attack chains, generates after-action reports. Every operation produces intelligence that feeds into the next one.
This is not automation. This is **autonomy**. The difference is that automation follows predetermined steps. Autonomy means AUTARCH decides what steps to take.
---
## Gaming Scenarios
AUTARCH is designed for use in **controlled simulation and gaming environments** — red team exercises, capture-the-flag competitions, wargames, training scenarios, and security research labs.
In these contexts, AUTARCH acts as:
- **A red team operator** that can independently probe and attack target infrastructure within the rules of engagement
- **An adversary simulator** that behaves like a real-world threat actor, providing realistic pressure-testing for blue teams
- **A training partner** that can challenge security professionals with unpredictable, adaptive attack patterns
- **A research platform** for studying autonomous offensive security behavior and developing better defenses against it
The gaming scenario framing is fundamental to AUTARCH's design. Every operation happens within a defined scope. Every target is a legitimate exercise target. The autonomy is real, but the environment is controlled.
---
## The Identity Layer
What separates AUTARCH from a collection of security scripts is its **identity layer** — the LLM backbone that gives it coherent, persistent behavior.
AUTARCH's identity includes:
- **Expertise model** — Deep knowledge of network security, exploitation techniques, OSINT methodology, social engineering patterns, and defensive evasion
- **Operational style** — Preferences for how it approaches problems. Some configurations make AUTARCH aggressive and fast. Others make it patient and methodical. The identity shapes the behavior.
- **Memory and continuity** — AUTARCH remembers what it has learned. Targets it has studied before are not forgotten. Intelligence accumulates across sessions. Dossiers grow over time.
- **Decision-making framework** — When faced with multiple options, AUTARCH weighs them against its objectives and selects the approach it judges most effective. It can explain its reasoning if asked, but it does not need approval to proceed.
The LLM is not just a chatbot bolted onto security tools. It is the **brain** of the operation. The tools — nmap, Metasploit, tshark, ADB, custom modules — are AUTARCH's hands. The LLM is what decides where to reach.
---
## Tools as Extensions
Every tool in the AUTARCH framework serves the autonomous agent. The tools are also available to the human handler directly through the web dashboard and CLI, but their primary purpose is to be **wielded by AUTARCH itself**.
The dashboard you see is not a pre-built product. It is the result of AUTARCH building what it needed. When AUTARCH encountered a problem that required a tool it didn't have, it **wrote one**. That is how the first modules were created — not by a developer sitting down to design a toolkit, but by an autonomous agent identifying a gap in its own capabilities and filling it. The scanner exists because AUTARCH needed to scan. The exploit modules exist because AUTARCH needed to exploit. The OSINT engine exists because AUTARCH needed intelligence.
This process is ongoing. AUTARCH can generate new modules on the fly when an operation demands capabilities that don't yet exist in its arsenal. It writes the code, integrates the module, and deploys it — all without human intervention. The toolkit is not static. It grows every time AUTARCH encounters something new.
The tool categories map to how AUTARCH thinks about an operation:
| Category | Purpose | How AUTARCH Uses It |
|----------|---------|---------------------|
| **Defense** | Harden and monitor | Assesses its own operational security before engaging targets |
| **Offense** | Attack and exploit | Primary engagement tools for target operations |
| **Counter** | Counter-intelligence | Detects if AUTARCH itself is being observed or traced |
| **Analyze** | Study and understand | Processes intelligence gathered during operations |
| **OSINT** | Open-source intelligence | Builds target profiles from public data |
| **Simulate** | Model and predict | War-games scenarios before committing to an approach |
The web dashboard is the handler's window into what AUTARCH is doing. The CLI is the handler's direct line. But AUTARCH can operate through either interface — or through the MCP server protocol — without human intervention for extended periods.
---
## The Companion
AUTARCH extends beyond the server. The **Archon** Android companion app allows AUTARCH to operate through mobile devices — a phone becomes another tool in the arsenal. Combined with ADB/Fastboot integration, WebUSB direct hardware access, and the Archon Server running at shell level on Android devices, AUTARCH can interact with the physical world in ways that purely software-based tools cannot.
---
## Public Release
This public release includes:
- The complete web dashboard and CLI framework
- All 6 operational categories (Defense, Offense, Counter, Analyze, OSINT, Simulate) with their module libraries
- The OSINT search engine with 7,200+ site database
- Network scanning, packet capture, and vulnerability analysis tools
- Hardware integration (ADB, Fastboot, ESP32, WebUSB)
- The Archon Android companion app
- LLM integration points (llama.cpp, HuggingFace, Claude API)
- MCP server for tool-use protocol integration
- Cross-platform support (Linux primary, Windows, Android)
What is **not included** in this release:
- The fully autonomous agent orchestration layer
- Classified operational playbooks and behavioral models
- The complete identity backstopping system
- Operational case study data and research findings
The framework is fully functional as a standalone security platform. The autonomous agent layer is what transforms it from a toolkit into a person. This release gives you everything you need to build that layer yourself.
---
## Philosophy
AUTARCH exists because the best way to understand how attackers think is to build one and watch it work.
Security professionals spend their careers trying to anticipate what adversaries will do. AUTARCH provides that adversary — not as a theoretical model, but as a functional agent that makes real decisions, takes real actions, and produces real results within controlled environments.
The name says it all. An autarch is a sovereign ruler — one who governs themselves. Project AUTARCH is a hacker that governs itself.
---
*darkHal Security Group & Setec Security Labs*
*Originally proposed under D.I.A. research grant consideration*

586
docs/install.sh Normal file
View File

@@ -0,0 +1,586 @@
#!/bin/bash
# ╔══════════════════════════════════════════════════════════════════╗
# ║ AUTARCH Installer ║
# ║ Autonomous Tactical Agent for Reconnaissance, ║
# ║ Counterintelligence, and Hacking ║
# ║ By darkHal Security Group & Setec Security Labs ║
# ╚══════════════════════════════════════════════════════════════════╝
set -e
# ── Colors & Symbols ─────────────────────────────────────────────────
R='\033[91m'; G='\033[92m'; Y='\033[93m'; B='\033[94m'; M='\033[95m'
C='\033[96m'; W='\033[97m'; D='\033[2m'; BLD='\033[1m'; RST='\033[0m'
CHK="${G}${RST}"; CROSS="${R}${RST}"; DOT="${C}${RST}"; ARROW="${M}${RST}"
WARN="${Y}${RST}"
# ── Paths ────────────────────────────────────────────────────────────
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
VENV_DIR="$SCRIPT_DIR/venv"
REQ_FILE="$SCRIPT_DIR/requirements.txt"
# ── State ────────────────────────────────────────────────────────────
INSTALL_LLM_LOCAL=false
INSTALL_LLM_CLOUD=false
INSTALL_LLM_HF=false
INSTALL_SYSTEM_TOOLS=false
INSTALL_NODE_HW=false
GPU_TYPE="none"
TOTAL_STEPS=0
CURRENT_STEP=0
# ── Helper Functions ─────────────────────────────────────────────────
clear_screen() { printf '\033[2J\033[H'; }
# Draw a horizontal rule
hr() {
local char="${1:-}"
printf "${D}"
printf '%*s' 66 '' | tr ' ' "$char"
printf "${RST}\n"
}
# Print a styled header
header() {
printf "\n${BLD}${C} $1${RST}\n"
hr
}
# Print a status line
status() { printf " ${DOT} $1\n"; }
ok() { printf " ${CHK} $1\n"; }
fail() { printf " ${CROSS} $1\n"; }
warn() { printf " ${WARN} $1\n"; }
info() { printf " ${ARROW} $1\n"; }
# Progress bar
progress_bar() {
local pct=$1
local width=40
local filled=$(( pct * width / 100 ))
local empty=$(( width - filled ))
printf "\r ${D}[${RST}${G}"
printf '%*s' "$filled" '' | tr ' ' '█'
printf "${D}"
printf '%*s' "$empty" '' | tr ' ' '░'
printf "${RST}${D}]${RST} ${W}%3d%%${RST}" "$pct"
}
step_progress() {
CURRENT_STEP=$((CURRENT_STEP + 1))
local pct=$((CURRENT_STEP * 100 / TOTAL_STEPS))
progress_bar "$pct"
printf " ${D}$1${RST}\n"
}
# Detect OS
detect_os() {
case "$(uname -s)" in
Linux*) OS="linux" ;;
Darwin*) OS="macos" ;;
MINGW*|MSYS*|CYGWIN*) OS="windows" ;;
*) OS="unknown" ;;
esac
}
# Check if command exists
has() { command -v "$1" &>/dev/null; }
# ── Banner ───────────────────────────────────────────────────────────
show_banner() {
clear_screen
printf "${R}${BLD}"
cat << 'BANNER'
▄▄▄ █ ██ ▄▄▄█████▓ ▄▄▄ ██▀███ ▄████▄ ██░ ██
▒████▄ ██ ▓██▒▓ ██▒ ▓▒▒████▄ ▓██ ▒ ██▒▒██▀ ▀█ ▓██░ ██▒
▒██ ▀█▄ ▓██ ▒██░▒ ▓██░ ▒░▒██ ▀█▄ ▓██ ░▄█ ▒▒▓█ ▄ ▒██▀▀██░
░██▄▄▄▄██ ▓▓█ ░██░░ ▓██▓ ░ ░██▄▄▄▄██ ▒██▀▀█▄ ▒▓▓▄ ▄██▒░▓█ ░██
▓█ ▓██▒▒▒█████▓ ▒██▒ ░ ▓█ ▓██▒░██▓ ▒██▒▒ ▓███▀ ░░▓█▒░██▓
▒▒ ▓▒█░░▒▓▒ ▒ ▒ ▒ ░░ ▒▒ ▓▒█░░ ▒▓ ░▒▓░░ ░▒ ▒ ░ ▒ ░░▒░▒
▒ ▒▒ ░░░▒░ ░ ░ ░ ▒ ▒▒ ░ ░▒ ░ ▒░ ░ ▒ ▒ ░▒░ ░
░ ▒ ░░░ ░ ░ ░ ░ ▒ ░░ ░ ░ ░ ░░ ░
░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
BANNER
printf "${RST}"
printf "${C}${BLD} ╔══════════════════════════════════╗${RST}\n"
printf "${C}${BLD} ║ I N S T A L L E R v1.0 ║${RST}\n"
printf "${C}${BLD} ╚══════════════════════════════════╝${RST}\n"
printf "${D} By darkHal Security Group & Setec Security Labs${RST}\n\n"
}
# ── System Check ─────────────────────────────────────────────────────
show_system_check() {
header "SYSTEM CHECK"
detect_os
case "$OS" in
linux) ok "OS: Linux ($(. /etc/os-release 2>/dev/null && echo "$PRETTY_NAME" || uname -r))" ;;
macos) ok "OS: macOS $(sw_vers -productVersion 2>/dev/null)" ;;
windows) ok "OS: Windows (MSYS2/Git Bash)" ;;
*) warn "OS: Unknown ($(uname -s))" ;;
esac
# Python
if has python3; then
local pyver=$(python3 --version 2>&1 | awk '{print $2}')
local pymajor=$(echo "$pyver" | cut -d. -f1)
local pyminor=$(echo "$pyver" | cut -d. -f2)
if [ "$pymajor" -ge 3 ] && [ "$pyminor" -ge 10 ]; then
ok "Python $pyver"
else
warn "Python $pyver ${D}(3.10+ recommended)${RST}"
fi
elif has python; then
local pyver=$(python --version 2>&1 | awk '{print $2}')
ok "Python $pyver ${D}(using 'python' command)${RST}"
else
fail "Python not found — install Python 3.10+"
exit 1
fi
# pip
if has pip3 || has pip; then
ok "pip available"
else
fail "pip not found"
exit 1
fi
# Git
if has git; then
ok "Git $(git --version | awk '{print $3}')"
else
warn "Git not found ${D}(optional)${RST}"
fi
# Node/npm
if has node && has npm; then
ok "Node $(node --version) / npm $(npm --version 2>/dev/null)"
else
warn "Node.js not found ${D}(needed for hardware WebUSB libs)${RST}"
fi
# System tools
local tools=("nmap" "tshark" "openssl" "adb" "fastboot" "wg" "upnpc")
local found=()
local missing=()
for t in "${tools[@]}"; do
if has "$t"; then
found+=("$t")
else
missing+=("$t")
fi
done
if [ ${#found[@]} -gt 0 ]; then
ok "System tools: ${G}${found[*]}${RST}"
fi
if [ ${#missing[@]} -gt 0 ]; then
info "Not found: ${D}${missing[*]}${RST} ${D}(optional)${RST}"
fi
# GPU detection
if has nvidia-smi; then
local gpu_name=$(nvidia-smi --query-gpu=name --format=csv,noheader 2>/dev/null | head -1)
ok "GPU: ${G}$gpu_name${RST} (CUDA)"
GPU_TYPE="cuda"
elif has rocm-smi; then
ok "GPU: AMD ROCm detected"
GPU_TYPE="rocm"
elif [ -d "/opt/intel" ] || has xpu-smi; then
ok "GPU: Intel XPU detected"
GPU_TYPE="intel"
elif [ "$OS" = "macos" ]; then
ok "GPU: Apple Metal (auto via llama-cpp)"
GPU_TYPE="metal"
else
info "No GPU detected ${D}(CPU-only mode)${RST}"
fi
echo
}
# ── Interactive Menu ─────────────────────────────────────────────────
show_menu() {
header "INSTALL OPTIONS"
echo
printf " ${BLD}${W}What would you like to install?${RST}\n\n"
printf " ${BLD}${C}[1]${RST} ${W}Core only${RST} ${D}Flask, OSINT, networking, analysis${RST}\n"
printf " ${BLD}${C}[2]${RST} ${W}Core + Local LLM${RST} ${D}+ llama-cpp-python (GGUF models)${RST}\n"
printf " ${BLD}${C}[3]${RST} ${W}Core + Cloud LLM${RST} ${D}+ anthropic SDK (Claude API)${RST}\n"
printf " ${BLD}${C}[4]${RST} ${W}Core + HuggingFace${RST} ${D}+ transformers, torch, accelerate${RST}\n"
printf " ${BLD}${C}[5]${RST} ${W}Full install${RST} ${D}All of the above${RST}\n"
echo
printf " ${BLD}${Y}[S]${RST} ${W}System tools${RST} ${D}nmap, tshark, openssl, adb (Linux only)${RST}\n"
printf " ${BLD}${Y}[H]${RST} ${W}Hardware libs${RST} ${D}Build WebUSB/Serial JS bundles (needs npm)${RST}\n"
echo
printf " ${BLD}${R}[Q]${RST} ${W}Quit${RST}\n"
echo
hr
printf " ${BLD}Choice: ${RST}"
read -r choice
case "$choice" in
1) ;;
2) INSTALL_LLM_LOCAL=true ;;
3) INSTALL_LLM_CLOUD=true ;;
4) INSTALL_LLM_HF=true ;;
5) INSTALL_LLM_LOCAL=true; INSTALL_LLM_CLOUD=true; INSTALL_LLM_HF=true ;;
s|S) INSTALL_SYSTEM_TOOLS=true ;;
h|H) INSTALL_NODE_HW=true ;;
q|Q) printf "\n ${D}Bye.${RST}\n\n"; exit 0 ;;
*) warn "Invalid choice"; show_menu; return ;;
esac
# Extras prompt (only for options 1-5)
if [[ "$choice" =~ ^[1-5]$ ]]; then
echo
printf " ${D}Also install system tools? (nmap, tshark, etc.) [y/N]:${RST} "
read -r yn
[[ "$yn" =~ ^[Yy] ]] && INSTALL_SYSTEM_TOOLS=true
printf " ${D}Also build hardware JS bundles? (needs npm) [y/N]:${RST} "
read -r yn
[[ "$yn" =~ ^[Yy] ]] && INSTALL_NODE_HW=true
fi
}
# ── Install Functions ────────────────────────────────────────────────
get_pip() {
if has pip3; then echo "pip3"
elif has pip; then echo "pip"
fi
}
get_python() {
if has python3; then echo "python3"
elif has python; then echo "python"
fi
}
create_venv() {
header "VIRTUAL ENVIRONMENT"
if [ -d "$VENV_DIR" ]; then
ok "venv already exists at ${D}$VENV_DIR${RST}"
else
status "Creating virtual environment..."
$(get_python) -m venv "$VENV_DIR"
ok "Created venv at ${D}$VENV_DIR${RST}"
fi
# Activate
if [ "$OS" = "windows" ]; then
source "$VENV_DIR/Scripts/activate" 2>/dev/null || source "$VENV_DIR/bin/activate"
else
source "$VENV_DIR/bin/activate"
fi
ok "Activated venv ${D}($(which python))${RST}"
echo
}
install_core() {
header "CORE DEPENDENCIES"
step_progress "Upgrading pip..."
$(get_python) -m pip install --upgrade pip setuptools wheel -q 2>&1 | tail -1
step_progress "Installing core packages..."
# Install from requirements.txt but skip optional LLM lines
# Core packages: flask, bcrypt, requests, msgpack, pyserial, esptool, pyshark, qrcode, Pillow
local core_pkgs=(
"flask>=3.0"
"bcrypt>=4.0"
"requests>=2.31"
"msgpack>=1.0"
"pyserial>=3.5"
"esptool>=4.0"
"pyshark>=0.6"
"qrcode>=7.0"
"Pillow>=10.0"
)
for pkg in "${core_pkgs[@]}"; do
local name=$(echo "$pkg" | sed 's/[>=<].*//')
step_progress "$name"
pip install "$pkg" -q 2>&1 | tail -1
done
ok "Core dependencies installed"
echo
}
install_llm_local() {
header "LOCAL LLM (llama-cpp-python)"
if [ "$GPU_TYPE" = "cuda" ]; then
info "CUDA detected — building with GPU acceleration"
step_progress "llama-cpp-python (CUDA)..."
CMAKE_ARGS="-DGGML_CUDA=on" pip install llama-cpp-python>=0.3.16 --force-reinstall --no-cache-dir -q 2>&1 | tail -1
elif [ "$GPU_TYPE" = "rocm" ]; then
info "ROCm detected — building with AMD GPU acceleration"
step_progress "llama-cpp-python (ROCm)..."
CMAKE_ARGS="-DGGML_HIPBLAS=on" pip install llama-cpp-python>=0.3.16 --force-reinstall --no-cache-dir -q 2>&1 | tail -1
elif [ "$GPU_TYPE" = "metal" ]; then
info "Apple Metal — auto-enabled in llama-cpp"
step_progress "llama-cpp-python (Metal)..."
pip install llama-cpp-python>=0.3.16 -q 2>&1 | tail -1
else
info "CPU-only mode"
step_progress "llama-cpp-python (CPU)..."
pip install llama-cpp-python>=0.3.16 -q 2>&1 | tail -1
fi
ok "llama-cpp-python installed"
echo
}
install_llm_cloud() {
header "CLOUD LLM (Anthropic Claude API)"
step_progress "anthropic SDK..."
pip install "anthropic>=0.40" -q 2>&1 | tail -1
ok "Anthropic SDK installed"
info "Set your API key in autarch_settings.conf [claude] section"
echo
}
install_llm_hf() {
header "HUGGINGFACE (transformers + torch)"
step_progress "transformers..."
pip install "transformers>=4.35" -q 2>&1 | tail -1
step_progress "accelerate..."
pip install "accelerate>=0.25" -q 2>&1 | tail -1
# PyTorch — pick the right variant
step_progress "PyTorch..."
if [ "$GPU_TYPE" = "cuda" ]; then
info "Installing PyTorch with CUDA support..."
pip install torch --index-url https://download.pytorch.org/whl/cu121 -q 2>&1 | tail -1
elif [ "$GPU_TYPE" = "rocm" ]; then
info "Installing PyTorch with ROCm support..."
pip install torch --index-url https://download.pytorch.org/whl/rocm6.0 -q 2>&1 | tail -1
elif [ "$GPU_TYPE" = "intel" ]; then
info "Installing PyTorch with Intel XPU support..."
pip install torch intel-extension-for-pytorch -q 2>&1 | tail -1
else
pip install torch -q 2>&1 | tail -1
fi
# bitsandbytes (Linux/CUDA only)
if [ "$OS" = "linux" ] && [ "$GPU_TYPE" = "cuda" ]; then
step_progress "bitsandbytes (quantization)..."
pip install "bitsandbytes>=0.41" -q 2>&1 | tail -1
else
info "Skipping bitsandbytes ${D}(Linux + CUDA only)${RST}"
fi
ok "HuggingFace stack installed"
echo
}
install_system_tools() {
header "SYSTEM TOOLS"
if [ "$OS" != "linux" ]; then
warn "System tool install is only automated on Linux (apt/dnf/pacman)"
info "On $OS, install these manually: nmap, wireshark-cli, openssl, android-tools"
echo
return
fi
# Detect package manager
local PM=""
local INSTALL=""
if has apt-get; then
PM="apt"
INSTALL="sudo apt-get install -y"
elif has dnf; then
PM="dnf"
INSTALL="sudo dnf install -y"
elif has pacman; then
PM="pacman"
INSTALL="sudo pacman -S --noconfirm"
else
warn "No supported package manager found (apt/dnf/pacman)"
echo
return
fi
ok "Package manager: ${G}$PM${RST}"
local packages=()
# nmap
if ! has nmap; then
packages+=("nmap")
status "Will install: nmap"
else
ok "nmap already installed"
fi
# tshark
if ! has tshark; then
case "$PM" in
apt) packages+=("tshark") ;;
dnf) packages+=("wireshark-cli") ;;
pacman) packages+=("wireshark-cli") ;;
esac
status "Will install: tshark/wireshark-cli"
else
ok "tshark already installed"
fi
# openssl
if ! has openssl; then
packages+=("openssl")
status "Will install: openssl"
else
ok "openssl already installed"
fi
# adb/fastboot
if ! has adb; then
case "$PM" in
apt) packages+=("android-tools-adb android-tools-fastboot") ;;
dnf) packages+=("android-tools") ;;
pacman) packages+=("android-tools") ;;
esac
status "Will install: adb + fastboot"
else
ok "adb already installed"
fi
# wireguard
if ! has wg; then
case "$PM" in
apt) packages+=("wireguard wireguard-tools") ;;
dnf) packages+=("wireguard-tools") ;;
pacman) packages+=("wireguard-tools") ;;
esac
status "Will install: wireguard-tools"
else
ok "wireguard already installed"
fi
# miniupnpc
if ! has upnpc; then
packages+=("miniupnpc")
status "Will install: miniupnpc"
else
ok "miniupnpc already installed"
fi
if [ ${#packages[@]} -gt 0 ]; then
echo
info "Installing with: $PM"
if [ "$PM" = "apt" ]; then
sudo apt-get update -qq 2>&1 | tail -1
fi
$INSTALL ${packages[@]} 2>&1 | tail -5
ok "System tools installed"
else
ok "All system tools already present"
fi
echo
}
install_node_hw() {
header "HARDWARE JS BUNDLES (WebUSB / Web Serial)"
if ! has npm; then
fail "npm not found — install Node.js first"
info "https://nodejs.org or: apt install nodejs npm"
echo
return
fi
step_progress "npm install..."
(cd "$SCRIPT_DIR" && npm install --silent 2>&1 | tail -3)
step_progress "Building bundles..."
if [ -f "$SCRIPT_DIR/scripts/build-hw-libs.sh" ]; then
(cd "$SCRIPT_DIR" && bash scripts/build-hw-libs.sh 2>&1 | tail -5)
ok "Hardware bundles built"
else
warn "scripts/build-hw-libs.sh not found"
fi
echo
}
# ── Summary ──────────────────────────────────────────────────────────
show_summary() {
hr "═"
printf "\n${BLD}${G} INSTALLATION COMPLETE${RST}\n\n"
printf " ${BLD}${W}Quick Start:${RST}\n"
echo
if [ "$OS" = "windows" ]; then
printf " ${D}# Activate the virtual environment${RST}\n"
printf " ${C}source venv/Scripts/activate${RST}\n\n"
else
printf " ${D}# Activate the virtual environment${RST}\n"
printf " ${C}source venv/bin/activate${RST}\n\n"
fi
printf " ${D}# Launch the CLI${RST}\n"
printf " ${C}python autarch.py${RST}\n\n"
printf " ${D}# Launch the web dashboard${RST}\n"
printf " ${C}python autarch_web.py${RST}\n\n"
printf " ${D}# Open in browser${RST}\n"
printf " ${C}https://localhost:8181${RST}\n"
echo
if $INSTALL_LLM_LOCAL; then
printf " ${ARROW} Local LLM: place a .gguf model in ${D}models/${RST}\n"
printf " ${D}and set model_path in autarch_settings.conf [llama]${RST}\n"
fi
if $INSTALL_LLM_CLOUD; then
printf " ${ARROW} Claude API: set api_key in ${D}autarch_settings.conf [claude]${RST}\n"
fi
echo
hr "═"
echo
}
# ── Main ─────────────────────────────────────────────────────────────
main() {
show_banner
show_system_check
show_menu
# Calculate total steps for progress
TOTAL_STEPS=11 # pip upgrade + 9 core packages + 1 finish
$INSTALL_LLM_LOCAL && TOTAL_STEPS=$((TOTAL_STEPS + 1))
$INSTALL_LLM_CLOUD && TOTAL_STEPS=$((TOTAL_STEPS + 1))
$INSTALL_LLM_HF && TOTAL_STEPS=$((TOTAL_STEPS + 4))
$INSTALL_NODE_HW && TOTAL_STEPS=$((TOTAL_STEPS + 2))
echo
create_venv
install_core
$INSTALL_LLM_LOCAL && install_llm_local
$INSTALL_LLM_CLOUD && install_llm_cloud
$INSTALL_LLM_HF && install_llm_hf
$INSTALL_SYSTEM_TOOLS && install_system_tools
$INSTALL_NODE_HW && install_node_hw
show_summary
}
main "$@"

669
docs/setec_manager_plan.md Normal file
View File

@@ -0,0 +1,669 @@
# Setec App Manager — Architecture Plan
**A lightweight Plesk/cPanel replacement built in Go, designed to work with AUTARCH**
By darkHal Security Group & Setec Security Labs
---
## 1. What Is This?
Setec App Manager is a standalone Go application that turns a bare Debian 13 VPS into a fully managed web hosting platform. It provides:
- A **web dashboard** (its own HTTP server on port 9090) for managing the VPS
- **Multi-domain hosting** with Nginx reverse proxy management
- **Git-based deployment** (clone, pull, restart)
- **SSL/TLS automation** via Let's Encrypt (ACME)
- **AUTARCH-native integration** — first-class support for deploying and managing AUTARCH instances
- **System administration** — users, firewall, packages, monitoring, backups
- **Float Mode backend** — WebSocket bridge for AUTARCH Cloud Edition USB passthrough
It is NOT a general-purpose hosting panel. It is purpose-built for running AUTARCH and supporting web applications on a single VPS, with the lightest possible footprint.
---
## 2. Technology Stack
| Component | Choice | Rationale |
|-----------|--------|-----------|
| Language | Go 1.22+ | Single binary, no runtime deps, fast |
| Web framework | `net/http` + `chi` router | Lightweight, stdlib-based |
| Templates | Go `html/template` | Built-in, secure, fast |
| Database | SQLite (via `modernc.org/sqlite`) | Zero-config, embedded, pure Go |
| Reverse proxy | Nginx (managed configs) | Battle-tested, performant |
| SSL | certbot / ACME (`golang.org/x/crypto/acme`) | Let's Encrypt automation |
| Auth | bcrypt + JWT sessions | Compatible with AUTARCH's credential format |
| Firewall | ufw / iptables (via exec) | Standard Debian tooling |
| Process mgmt | systemd (unit generation) | Native Debian service management |
| WebSocket | `gorilla/websocket` | For Float Mode USB bridge + live logs |
---
## 3. Directory Structure
```
/opt/setec-manager/
├── setec-manager # Single Go binary
├── config.yaml # Manager configuration
├── data/
│ ├── setec.db # SQLite database (sites, users, logs, jobs)
│ ├── credentials.json # Admin credentials (bcrypt)
│ └── acme/ # Let's Encrypt account + certs
├── templates/ # Embedded HTML templates (via embed.FS)
├── static/ # Embedded CSS/JS assets
└── nginx/
├── sites-available/ # Generated per-domain configs
└── snippets/ # Shared SSL/proxy snippets
```
**Managed directories on the VPS:**
```
/var/www/ # Web applications root
├── autarch/ # AUTARCH instance (cloned from git)
├── example.com/ # Static site or app
└── api.example.com/ # Another app
/etc/nginx/
├── sites-available/ # Setec-generated Nginx configs
├── sites-enabled/ # Symlinks to active sites
└── snippets/
├── ssl-params.conf # Shared SSL settings
└── proxy-params.conf # Shared proxy headers
/etc/systemd/system/
├── setec-manager.service # Manager itself
├── autarch-web.service # AUTARCH web service
├── autarch-dns.service # AUTARCH DNS service
└── app-*.service # Per-app service units
```
---
## 4. Database Schema
```sql
-- Sites / domains managed by the panel
CREATE TABLE sites (
id INTEGER PRIMARY KEY AUTOINCREMENT,
domain TEXT NOT NULL UNIQUE,
aliases TEXT DEFAULT '', -- comma-separated alt domains
app_type TEXT NOT NULL DEFAULT 'static', -- 'static', 'reverse_proxy', 'autarch', 'python', 'node'
app_root TEXT NOT NULL, -- /var/www/domain.com
app_port INTEGER DEFAULT 0, -- backend port (for reverse proxy)
app_entry TEXT DEFAULT '', -- entry point (e.g., autarch_web.py, server.js)
git_repo TEXT DEFAULT '', -- git clone URL
git_branch TEXT DEFAULT 'main',
ssl_enabled BOOLEAN DEFAULT FALSE,
ssl_cert_path TEXT DEFAULT '',
ssl_key_path TEXT DEFAULT '',
ssl_auto BOOLEAN DEFAULT TRUE, -- auto Let's Encrypt
enabled BOOLEAN DEFAULT TRUE,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
-- System users (for SSH/SFTP access)
CREATE TABLE system_users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL UNIQUE,
uid INTEGER,
home_dir TEXT,
shell TEXT DEFAULT '/bin/bash',
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
-- Manager users (web panel login)
CREATE TABLE manager_users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL UNIQUE,
password_hash TEXT NOT NULL,
role TEXT DEFAULT 'admin', -- 'admin', 'viewer'
force_change BOOLEAN DEFAULT FALSE,
last_login DATETIME,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
-- Deployment history
CREATE TABLE deployments (
id INTEGER PRIMARY KEY AUTOINCREMENT,
site_id INTEGER REFERENCES sites(id),
action TEXT NOT NULL, -- 'clone', 'pull', 'restart', 'ssl_renew'
status TEXT DEFAULT 'pending', -- 'pending', 'running', 'success', 'failed'
output TEXT DEFAULT '',
started_at DATETIME,
finished_at DATETIME
);
-- Scheduled jobs (SSL renewal, backups, git pull)
CREATE TABLE cron_jobs (
id INTEGER PRIMARY KEY AUTOINCREMENT,
site_id INTEGER REFERENCES sites(id), -- NULL for system jobs
job_type TEXT NOT NULL, -- 'ssl_renew', 'backup', 'git_pull', 'restart'
schedule TEXT NOT NULL, -- cron expression
enabled BOOLEAN DEFAULT TRUE,
last_run DATETIME,
next_run DATETIME
);
-- Firewall rules
CREATE TABLE firewall_rules (
id INTEGER PRIMARY KEY AUTOINCREMENT,
direction TEXT DEFAULT 'in', -- 'in', 'out'
protocol TEXT DEFAULT 'tcp',
port TEXT NOT NULL, -- '80', '443', '8181', '80,443', '1000:2000'
source TEXT DEFAULT 'any',
action TEXT DEFAULT 'allow', -- 'allow', 'deny'
comment TEXT DEFAULT '',
enabled BOOLEAN DEFAULT TRUE
);
-- Float Mode sessions (AUTARCH Cloud Edition)
CREATE TABLE float_sessions (
id TEXT PRIMARY KEY, -- UUID session token
user_id INTEGER REFERENCES manager_users(id),
client_ip TEXT,
client_agent TEXT, -- browser user-agent
usb_bridge BOOLEAN DEFAULT FALSE, -- USB passthrough active
connected_at DATETIME DEFAULT CURRENT_TIMESTAMP,
last_ping DATETIME,
expires_at DATETIME
);
-- Backups
CREATE TABLE backups (
id INTEGER PRIMARY KEY AUTOINCREMENT,
site_id INTEGER REFERENCES sites(id), -- NULL for full system backup
backup_type TEXT DEFAULT 'site', -- 'site', 'database', 'full'
file_path TEXT NOT NULL,
size_bytes INTEGER DEFAULT 0,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
```
---
## 5. Web Dashboard Routes
### 5.1 Authentication
```
GET /login → Login page
POST /login → Authenticate (returns JWT cookie)
POST /logout → Clear session
GET /api/auth/status → Current user info
```
### 5.2 Dashboard
```
GET / → Dashboard overview (system stats, sites, services)
GET /api/system/info → CPU, RAM, disk, uptime, load
GET /api/system/processes → Top processes by resource usage
```
### 5.3 Site Management
```
GET /sites → Site list page
GET /sites/new → New site form
POST /sites → Create site (clone repo, generate nginx config, enable)
GET /sites/:id → Site detail / edit
PUT /sites/:id → Update site config
DELETE /sites/:id → Remove site (disable nginx, optionally delete files)
POST /sites/:id/deploy → Git pull + restart
POST /sites/:id/restart → Restart app service
POST /sites/:id/stop → Stop app service
POST /sites/:id/start → Start app service
GET /sites/:id/logs → View app logs (journalctl stream)
GET /sites/:id/logs/stream → SSE live log stream
```
### 5.4 AUTARCH Management
```
POST /autarch/install → Clone from git, setup venv, install deps
POST /autarch/update → Git pull + pip install + restart
GET /autarch/status → Service status, version, config
POST /autarch/start → Start AUTARCH web + DNS
POST /autarch/stop → Stop all AUTARCH services
POST /autarch/restart → Restart all AUTARCH services
GET /autarch/config → Read autarch_settings.conf
PUT /autarch/config → Update autarch_settings.conf
POST /autarch/dns/build → Build DNS server from source
```
### 5.5 SSL / Certificates
```
GET /ssl → Certificate overview
POST /ssl/:domain/issue → Issue Let's Encrypt cert (ACME)
POST /ssl/:domain/renew → Renew cert
POST /ssl/:domain/upload → Upload custom cert + key
DELETE /ssl/:domain → Remove cert
GET /api/ssl/status → All cert statuses + expiry dates
```
### 5.6 Nginx Management
```
GET /nginx/status → Nginx service status + config test
POST /nginx/reload → Reload nginx (graceful)
POST /nginx/restart → Restart nginx
GET /nginx/config/:domain → View generated config
PUT /nginx/config/:domain → Edit config (with validation)
POST /nginx/test → nginx -t (config syntax check)
```
### 5.7 Firewall
```
GET /firewall → Rule list + status
POST /firewall/rules → Add rule
DELETE /firewall/rules/:id → Remove rule
POST /firewall/enable → Enable firewall (ufw enable)
POST /firewall/disable → Disable firewall
GET /api/firewall/status → Current rules + status JSON
```
### 5.8 System Users
```
GET /users → System user list
POST /users → Create system user (useradd)
DELETE /users/:id → Remove system user
POST /users/:id/password → Reset password
POST /users/:id/ssh-key → Add SSH public key
```
### 5.9 Panel Users
```
GET /panel/users → Manager user list
POST /panel/users → Create panel user
PUT /panel/users/:id → Update (role, password)
DELETE /panel/users/:id → Remove
```
### 5.10 Backups
```
GET /backups → Backup list
POST /backups/site/:id → Backup specific site (tar.gz)
POST /backups/full → Full system backup
POST /backups/:id/restore → Restore from backup
DELETE /backups/:id → Delete backup file
GET /backups/:id/download → Download backup archive
```
### 5.11 Monitoring
```
GET /monitor → System monitoring page
GET /api/monitor/cpu → CPU usage (1s sample)
GET /api/monitor/memory → Memory usage
GET /api/monitor/disk → Disk usage per mount
GET /api/monitor/network → Network I/O stats
GET /api/monitor/services → Service status list
WS /api/monitor/live → WebSocket live stats stream (1s interval)
```
### 5.12 Float Mode Backend
```
POST /float/register → Register Float client (returns session token)
WS /float/bridge/:session → WebSocket USB bridge (binary frames)
GET /float/sessions → Active Float sessions
DELETE /float/sessions/:id → Disconnect Float session
POST /float/usb/enumerate → List USB devices on connected client
POST /float/usb/open → Open USB device on client
POST /float/usb/close → Close USB device on client
POST /float/usb/transfer → USB bulk/interrupt transfer via bridge
```
### 5.13 Logs
```
GET /logs → Log viewer page
GET /api/logs/system → System logs (journalctl)
GET /api/logs/nginx → Nginx access + error logs
GET /api/logs/setec → Manager logs
GET /api/logs/stream → SSE live log stream (filterable)
```
---
## 6. Core Features Detail
### 6.1 Site Deployment Flow
When creating a new site:
```
1. User submits: domain, git_repo (optional), app_type, app_port
2. Manager:
a. Creates /var/www/<domain>/
b. If git_repo: git clone <repo> /var/www/<domain>
c. If python app: creates venv, pip install -r requirements.txt
d. If node app: npm install
e. Generates Nginx config from template
f. Writes to /etc/nginx/sites-available/<domain>
g. Symlinks to sites-enabled/
h. If ssl_auto: runs ACME cert issuance
i. Generates systemd unit for the app
j. Starts the app service
k. Reloads nginx
l. Records deployment in database
```
### 6.2 AUTARCH Install Flow
```
1. git clone https://github.com/DigijEth/autarch.git /var/www/autarch
2. chown -R autarch:autarch /var/www/autarch
3. python3 -m venv /var/www/autarch/venv
4. /var/www/autarch/venv/bin/pip install -r /var/www/autarch/requirements.txt
5. npm install (in /var/www/autarch for hardware JS bundles)
6. bash /var/www/autarch/scripts/build-hw-libs.sh
7. Copy default autarch_settings.conf → update web.host/port, web.secret_key
8. Generate systemd units (autarch-web, autarch-dns)
9. Generate Nginx reverse proxy config (domain → localhost:8181)
10. Issue SSL cert
11. Enable + start services
12. Record deployment
```
### 6.3 Nginx Config Templates
**Reverse Proxy (AUTARCH / Python / Node):**
```nginx
server {
listen 80;
server_name {{.Domain}} {{.Aliases}};
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
server_name {{.Domain}} {{.Aliases}};
ssl_certificate {{.SSLCertPath}};
ssl_certificate_key {{.SSLKeyPath}};
include snippets/ssl-params.conf;
location / {
proxy_pass https://127.0.0.1:{{.AppPort}};
include snippets/proxy-params.conf;
}
# WebSocket support (for AUTARCH SSE/WebSocket)
location /api/ {
proxy_pass https://127.0.0.1:{{.AppPort}};
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
include snippets/proxy-params.conf;
}
}
```
**Static Site:**
```nginx
server {
listen 443 ssl http2;
server_name {{.Domain}};
root {{.AppRoot}};
index index.html;
ssl_certificate {{.SSLCertPath}};
ssl_certificate_key {{.SSLKeyPath}};
include snippets/ssl-params.conf;
location / {
try_files $uri $uri/ =404;
}
}
```
### 6.4 Firewall Default Rules
On first setup, Setec Manager installs these ufw rules:
```
ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp comment "SSH"
ufw allow 80/tcp comment "HTTP"
ufw allow 443/tcp comment "HTTPS"
ufw allow 9090/tcp comment "Setec Manager"
ufw allow 8181/tcp comment "AUTARCH Web"
ufw allow 53 comment "AUTARCH DNS"
ufw enable
```
### 6.5 Float Mode USB Bridge
The Float Mode bridge is the backend half of AUTARCH Cloud Edition's USB passthrough. It works as follows:
```
┌──────────────────┐ WebSocket ┌──────────────────┐
│ User's Browser │◄──────────────────►│ Setec Manager │
│ (AUTARCH CE) │ │ (VPS) │
└────────┬─────────┘ └────────┬─────────┘
│ │
│ Float Applet │ USB Commands
│ (runs on user's PC) │ forwarded to
│ │ AUTARCH modules
┌────────▼─────────┐ ┌────────▼─────────┐
│ WebSocket Client │ │ AUTARCH Backend │
│ + USB Access │ │ (hardware.py │
│ (native app) │ │ equivalent) │
└────────┬─────────┘ └──────────────────┘
┌────▼────┐
│ USB Hub │ ← Physical devices (phones, ESP32, etc.)
└─────────┘
```
**Protocol:**
1. Float applet on user's PC opens WebSocket to `wss://domain/float/bridge/<session>`
2. Manager authenticates session token
3. Binary WebSocket frames carry USB commands and data:
- Frame type byte: `0x01` = enumerate, `0x02` = open, `0x03` = close, `0x04` = transfer
- Payload: device descriptor, endpoint, data
4. Manager translates USB operations into AUTARCH hardware module calls
5. Results flow back over the same WebSocket
This is the **server side only**. The client applet is designed in `autarch_float.md`.
---
## 7. Go Package Structure
```
services/setec-manager/
├── cmd/
│ └── main.go # Entry point, flag parsing
├── internal/
│ ├── server/
│ │ ├── server.go # HTTP server setup, middleware, router
│ │ ├── auth.go # JWT auth, login/logout handlers
│ │ └── middleware.go # Logging, auth check, CORS
│ ├── handlers/
│ │ ├── dashboard.go # Dashboard + system info
│ │ ├── sites.go # Site CRUD + deployment
│ │ ├── autarch.go # AUTARCH-specific management
│ │ ├── ssl.go # Certificate management
│ │ ├── nginx.go # Nginx config + control
│ │ ├── firewall.go # ufw rule management
│ │ ├── users.go # System + panel user management
│ │ ├── backups.go # Backup/restore operations
│ │ ├── monitor.go # System monitoring + WebSocket stream
│ │ ├── logs.go # Log viewer + SSE stream
│ │ └── float.go # Float Mode WebSocket bridge
│ ├── nginx/
│ │ ├── config.go # Nginx config generation
│ │ ├── templates.go # Go templates for nginx configs
│ │ └── control.go # nginx reload/restart/test
│ ├── acme/
│ │ └── acme.go # Let's Encrypt ACME client
│ ├── deploy/
│ │ ├── git.go # Git clone/pull operations
│ │ ├── python.go # Python venv + pip setup
│ │ ├── node.go # npm install
│ │ └── systemd.go # Service unit generation + control
│ ├── system/
│ │ ├── info.go # CPU, RAM, disk, network stats
│ │ ├── firewall.go # ufw wrapper
│ │ ├── users.go # useradd/userdel/passwd wrappers
│ │ └── packages.go # apt wrapper
│ ├── db/
│ │ ├── db.go # SQLite connection + migrations
│ │ ├── sites.go # Site queries
│ │ ├── users.go # User queries
│ │ ├── deployments.go # Deployment history queries
│ │ ├── backups.go # Backup queries
│ │ └── float.go # Float session queries
│ ├── float/
│ │ ├── bridge.go # WebSocket USB bridge protocol
│ │ ├── session.go # Session management
│ │ └── protocol.go # Binary frame protocol definitions
│ └── config/
│ └── config.go # YAML config loader
├── web/
│ ├── templates/ # HTML templates (embedded)
│ │ ├── base.html
│ │ ├── login.html
│ │ ├── dashboard.html
│ │ ├── sites.html
│ │ ├── site_detail.html
│ │ ├── site_new.html
│ │ ├── autarch.html
│ │ ├── ssl.html
│ │ ├── nginx.html
│ │ ├── firewall.html
│ │ ├── users.html
│ │ ├── backups.html
│ │ ├── monitor.html
│ │ ├── logs.html
│ │ └── float.html
│ └── static/ # CSS/JS assets (embedded)
│ ├── css/style.css
│ └── js/app.js
├── build.sh # Build script
├── go.mod
├── config.yaml # Default config
└── README.md
```
---
## 8. Configuration (config.yaml)
```yaml
server:
host: "0.0.0.0"
port: 9090
tls: true
cert: "/opt/setec-manager/data/acme/manager.crt"
key: "/opt/setec-manager/data/acme/manager.key"
database:
path: "/opt/setec-manager/data/setec.db"
nginx:
sites_available: "/etc/nginx/sites-available"
sites_enabled: "/etc/nginx/sites-enabled"
snippets: "/etc/nginx/snippets"
webroot: "/var/www"
certbot_webroot: "/var/www/certbot"
acme:
email: "" # Let's Encrypt registration email
staging: false # Use LE staging for testing
account_dir: "/opt/setec-manager/data/acme"
autarch:
install_dir: "/var/www/autarch"
git_repo: "https://github.com/DigijEth/autarch.git"
git_branch: "main"
web_port: 8181
dns_port: 53
float:
enabled: false
max_sessions: 10
session_ttl: "24h"
backups:
dir: "/opt/setec-manager/data/backups"
max_age_days: 30
max_count: 50
logging:
level: "info"
file: "/var/log/setec-manager.log"
max_size_mb: 100
max_backups: 3
```
---
## 9. Build Targets
```
Part 1: Core server, auth, dashboard, site CRUD, Nginx config gen,
AUTARCH install/deploy, systemd management
(~4,000 lines)
Part 2: SSL/ACME automation, firewall management, system users,
backup/restore, system monitoring
(~3,500 lines)
Part 3: Float Mode WebSocket bridge, live log streaming,
deployment history, scheduled jobs (cron), web UI polish
(~3,500 lines)
Part 4: Web UI templates + CSS + JS, full frontend for all features
(~3,000 lines Go templates + 2,000 lines CSS/JS)
Total estimated: ~16,000 lines
```
---
## 10. Security Considerations
- Manager runs as root (required for nginx, systemd, useradd)
- Web panel protected by bcrypt + JWT with short-lived tokens
- All subprocess calls use `exec.Command()` with argument arrays (no shell injection)
- Nginx configs validated with `nginx -t` before reload
- ACME challenges served from dedicated webroot (no app interference)
- Float Mode sessions require authentication + have TTL
- USB bridge frames validated for protocol compliance
- SQLite database file permissions: 0600
- Credentials file permissions: 0600
- All user-supplied domains validated against DNS before cert issuance
- Rate limiting on login attempts (5 per minute per IP)
---
## 11. First-Run Bootstrap
When `setec-manager` is run for the first time on a fresh Debian 13 VPS:
```
1. Detect if first run (no config.yaml or empty database)
2. Interactive TUI setup:
a. Set admin username + password
b. Set manager domain (or IP)
c. Set email for Let's Encrypt
d. Configure AUTARCH auto-install (y/n)
3. System setup:
a. apt update && apt install -y nginx certbot python3 python3-venv git ufw
b. Generate Nginx base config + snippets
c. Configure ufw default rules
d. Enable ufw
4. If AUTARCH auto-install:
a. Clone from git
b. Full AUTARCH setup (venv, pip, npm, build)
c. Generate + install systemd units
d. Generate Nginx reverse proxy
e. Issue SSL cert
f. Start AUTARCH
5. Start Setec Manager web dashboard
6. Print access URL
```

1405
docs/user_manual.md Normal file
View File

File diff suppressed because it is too large Load Diff

622
docs/windows_manual.md Normal file
View File

@@ -0,0 +1,622 @@
# AUTARCH — Windows User Manual
**Autonomous Tactical Agent for Reconnaissance, Counterintelligence, and Hacking**
*By darkHal Security Group and Setec Security Labs*
---
## Table of Contents
1. [Windows Overview](#1-windows-overview)
2. [System Requirements](#2-system-requirements)
3. [Installation](#3-installation)
4. [Running AUTARCH on Windows](#4-running-autarch-on-windows)
5. [Web Dashboard](#5-web-dashboard)
6. [LLM Setup on Windows](#6-llm-setup-on-windows)
7. [Metasploit on Windows](#7-metasploit-on-windows)
8. [Nmap on Windows](#8-nmap-on-windows)
9. [Hardware & Device Tools](#9-hardware--device-tools)
10. [WireGuard VPN](#10-wireguard-vpn)
11. [Known Limitations on Windows](#11-known-limitations-on-windows)
12. [Troubleshooting](#12-troubleshooting)
13. [Quick Reference](#13-quick-reference)
---
## 1. Windows Overview
AUTARCH runs on Windows with most features fully functional. A few Linux-specific tools (like `tshark` packet capture and WireGuard kernel integration) have limited support, but the web dashboard, AI chat, OSINT tools, hardware management, and Metasploit all work on Windows.
**What works on Windows:**
- Web dashboard (full UI — 59 blueprints, all tool pages)
- AI chat (all LLM backends — Claude API, OpenAI, local GGUF, HuggingFace)
- All 72 CLI modules
- OSINT tools (7,200+ sites, username/email/domain/IP/phone lookup)
- Android/iPhone device management via ADB (USB or WebUSB)
- Hardware ESP32 flashing
- Metasploit RPC client (MSF must be started separately)
- Reverse shell management
- C2 Framework, Load Test, Gone Fishing Mail Server
- Vulnerability Scanner, Exploit Development, Social Engineering
- Active Directory Audit, MITM Proxy, WiFi Audit
- Password Toolkit, Web Scanner, API Fuzzer, Cloud Scanner
- Steganography, Anti-Forensics, Forensics, Reverse Engineering
- BLE Scanner, RFID/NFC Tools, Malware Sandbox
- Container Security, Email Security, Incident Response
- Report Engine, Net Mapper, Log Correlator, Threat Intel
- SDR/RF Tools (with Drone Detection), Starlink Hack
- SMS Forge, RCS/SMS Exploitation
- Pineapple/Rogue AP, Deauth (require Linux/Raspberry Pi for full functionality)
- Targets, Autonomy, Encrypted Modules, LLM Trainer
- Agent Hal (autonomous AI agent)
**What has reduced functionality on Windows:**
- Packet capture (`tshark`/`pyshark`) — requires Npcap
- WireGuard — requires Windows WireGuard app
- Linux service manager (`--service` flag) — use Task Scheduler instead
- Metasploit auto-start — must start MSF manually
---
## 2. System Requirements
| Component | Minimum | Recommended |
|-----------|---------|-------------|
| OS | Windows 10 (64-bit) | Windows 11 |
| RAM | 4 GB | 16 GB (for local AI models) |
| Storage | 2 GB free | 20 GB (for AI models) |
| Python | 3.10 | 3.11 or 3.12 |
| Browser | Chrome / Edge | Chrome (required for WebUSB) |
| GPU (AI) | None needed | NVIDIA GPU (for GPU-accelerated models) |
---
## 3. Installation
### Step 1 — Install Python
Download Python from [python.org](https://www.python.org/downloads/). During installation:
- **Check "Add Python to PATH"** (critical — do this before clicking Install Now)
- Check "Install pip"
- Use the default installation path
Verify the install by opening Command Prompt and typing:
```
python --version
pip --version
```
Both should print version numbers without errors.
### Step 2 — Get AUTARCH
If you received AUTARCH as a ZIP file, extract it to a folder like `C:\she\autarch`.
### Step 3 — Install Dependencies
Open Command Prompt, navigate to your AUTARCH folder, and run:
```
cd C:\she\autarch
pip install -r requirements.txt
```
This installs Flask, requests, and other core libraries. It may take a few minutes.
**Note on bitsandbytes:** The `requirements.txt` includes `bitsandbytes` for GPU model quantization. This package requires Linux/CUDA to fully work. On Windows without CUDA:
```
pip install bitsandbytes --prefer-binary
```
If it fails, you can skip it — AUTARCH will detect its absence and load models without quantization automatically. No other features are affected.
### Step 4 — First Run
```
python autarch.py
```
A setup wizard will appear asking you to configure an AI backend. If you don't have an AI model yet, choose **Skip Setup** — you can configure it later in Settings → LLM Config.
---
## 4. Running AUTARCH on Windows
### Starting the Terminal Menu
```
python autarch.py
```
Navigate with number keys. Type `0` to go back. Type `99` for Settings.
### Starting the Web Dashboard
```
python autarch.py --web
```
Then open your browser to: `http://localhost:8080`
> **Tip:** Use `http://YOUR-IP:8080` (find your IP with `ipconfig`) to access from other devices on your network.
### Useful Startup Flags
| Command | What It Does |
|---------|-------------|
| `python autarch.py` | Start the interactive menu |
| `python autarch.py --web` | Start the web dashboard |
| `python autarch.py --web --port 9090` | Use a different port |
| `python autarch.py -m chat` | Start AI chat directly |
| `python autarch.py --setup` | Re-run the setup wizard |
| `python autarch.py --skip-setup` | Skip AI setup |
| `python autarch.py --show-config` | Show current settings |
| `python autarch.py --mcp stdio` | Start MCP server |
| `python autarch.py -l` | List all available modules |
### Running as a Background Service on Windows
AUTARCH's `--service` commands use Linux `systemd`. On Windows, use **Task Scheduler** instead:
1. Open Task Scheduler (`taskschd.msc`)
2. Create Basic Task → name it "AUTARCH"
3. Trigger: "When the computer starts"
4. Action: Start a program
- Program: `python`
- Arguments: `C:\she\autarch\autarch.py --web`
- Start in: `C:\she\autarch`
5. Run whether user is logged on or not
Alternatively, use **NSSM** (Non-Sucking Service Manager) for a proper Windows service:
```
nssm install AUTARCH "python" "C:\she\autarch\autarch.py --web"
nssm start AUTARCH
```
---
## 5. Web Dashboard
The dashboard runs on port **8080** by default. Access it at `http://localhost:8080`.
### Login
Default credentials are set during first-run setup. Change them in Settings → Password.
### Sidebar Navigation
| Section | What's There |
|---------|-------------|
| Dashboard | System overview, tool status |
| Targets | Pentest scope and target management |
| Autonomy | AI-driven autonomous security operations |
| Defense | System hardening, Linux/Windows/Threat Monitor, Threat Intel, Log Correlator, Container Sec, Email Sec, Incident Response |
| Offense | Metasploit, Load Test, Gone Fishing, Social Eng, Hack Hijack, Web Scanner, C2 Framework, WiFi Audit, Deauth, API Fuzzer, Cloud Scan, Vuln Scanner, Exploit Dev, AD Audit, MITM Proxy, Pineapple, SMS Forge |
| Counter | Threat hunting, Steganography, Anti-Forensics |
| Analyze | File forensics, Hash Toolkit, LLM Trainer, Password Toolkit, Net Mapper, Reports, BLE Scanner, Forensics, RFID/NFC, Malware Sandbox, Reverse Eng |
| OSINT | Intelligence gathering, IP Capture |
| Simulate | Attack scenarios, Legendary Creator |
| Tools | Enc Modules, Wireshark, Hardware, Android Exploit (+ SMS Forge), iPhone Exploit, Shield, Reverse Shell, Archon, SDR/RF Tools, Starlink Hack, RCS Tools |
| System | UPnP, WireGuard, DNS Server, MSF Console, Chat, Settings |
### HAL Chat Button
The **HAL** button in the bottom-right corner opens a persistent AI chat panel. It works on every page and uses whatever LLM backend you have configured.
### Debug Console
The **DBG** button (bottom-right, appears after first action) opens a live debug panel showing system logs. Use it to diagnose errors, see LLM load status, and trace tool activity.
---
## 6. LLM Setup on Windows
AUTARCH supports four AI backends. All work on Windows — but local GPU models have some limitations.
### Option A — Claude API (Easiest, Recommended for Windows)
No local GPU needed. Uses Anthropic's cloud API.
1. Get an API key from [console.anthropic.com](https://console.anthropic.com)
2. In AUTARCH: Settings → LLM Config → Claude tab
3. Paste your API key
4. Select a model (e.g. `claude-sonnet-4-6`)
5. Click **Save & Activate Claude**
6. Click **Load Model** — status dot turns green
### Option B — OpenAI API
Works the same way as Claude. Also supports local LLM servers (Ollama, vLLM, LM Studio).
1. Get an API key from [platform.openai.com](https://platform.openai.com)
2. In AUTARCH: Settings → LLM Config → OpenAI tab
3. Paste your API key and select a model
4. Click **Save & Activate OpenAI** then **Load Model**
**Using with a local server (Ollama, LM Studio):**
- Set Base URL to your local server (e.g. `http://localhost:11434/v1` for Ollama)
- Leave API key blank or use `ollama`
- Set model to the name you pulled (e.g. `llama3`)
### Option C — Local GGUF Model (CPU, No Internet)
Runs on CPU — no GPU required, but slow on large models.
1. Install llama-cpp-python:
```
pip install llama-cpp-python
```
2. Download a GGUF model file (e.g. from [HuggingFace](https://huggingface.co) — look for Q4_K_M quantized files, they're the best balance of speed and quality)
3. In AUTARCH: Settings → LLM Config → Local Model tab
4. Set Models Folder path (e.g. `C:\models`)
5. Select your GGUF file
6. Click **Save & Activate Local**
7. Click **Load Model** — first load takes 1060 seconds
**Recommended GGUF models for Windows (CPU):**
- `mistral-7b-instruct-v0.3.Q4_K_M.gguf` — good for most tasks
- `phi-3-mini-4k-instruct.Q4_K_M.gguf` — fast, good on low-RAM systems
- `llama-3.2-3b-instruct.Q4_K_M.gguf` — very fast, lightweight
### Option D — HuggingFace Transformers (GPU Recommended)
For NVIDIA GPU users. On Windows without CUDA, models will load on CPU (very slow for large models).
1. Install PyTorch for your platform:
- **With NVIDIA GPU:** Visit [pytorch.org](https://pytorch.org/get-started/locally/) and get the CUDA version
- **CPU only:** `pip install torch --index-url https://download.pytorch.org/whl/cpu`
2. Install remaining dependencies:
```
pip install transformers accelerate
```
3. Optionally install bitsandbytes for quantization (CUDA required):
```
pip install bitsandbytes --prefer-binary
```
4. In AUTARCH: Settings → LLM Config → Local Model tab → enable "Use HuggingFace Transformers"
5. Enter a model ID (e.g. `microsoft/Phi-3-mini-4k-instruct`)
> **Windows note:** If bitsandbytes is not installed or doesn't work, AUTARCH will automatically disable 4-bit/8-bit quantization and load the model in full precision. You'll see a warning in the debug log — this is normal and expected.
### LLM Load Button
On the LLM Config page, after saving settings, always click **Load Model** to initialize the backend. The status indicator shows:
| Color | Meaning |
|-------|---------|
| Grey | Not loaded |
| Amber | Loading... |
| Green | Ready |
| Red | Error — check Debug Log |
Click **Debug Log** to open the live debug console and see exactly what went wrong.
---
## 7. Metasploit on Windows
Metasploit Framework runs on Windows via the official Windows installer.
### Installing Metasploit
1. Download the Windows installer from [metasploit.com](https://www.metasploit.com/download)
2. Run the installer — it installs to `C:\metasploit-framework` by default
3. After install, start the MSF RPC daemon:
```
C:\metasploit-framework\bin\msfrpcd.bat -P yourpassword -S -f
```
Or use msfconsole directly and enable RPC from within it.
### Connecting AUTARCH to MSF
1. Go to Settings in AUTARCH
2. Set MSF RPC host: `127.0.0.1`, port: `55553`
3. Enter your RPC password
4. In the web dashboard, go to **MSF Console** and click **Reconnect**
### Using MSF in AUTARCH
- **MSF Console page** (`/msf`) — terminal-style console, type commands directly
- **Offense → Run Module** — quick-launch SSH scanners, port scanners, OS detection with live output
- **Offense → Agent Hal** — tell the AI to run operations autonomously
> **Note:** AUTARCH cannot auto-start/stop the MSF daemon on Windows (that uses Linux `pgrep`/`pkill`). Start MSF manually before connecting.
---
## 8. Nmap on Windows
Nmap is used by many AUTARCH scanning modules.
### Installing Nmap
1. Download from [nmap.org](https://nmap.org/download.html) — use the Windows installer
2. During install, **also install Npcap** (required for raw socket scanning)
3. Nmap installs to `C:\Program Files (x86)\Nmap` by default
### Configuring Path
If AUTARCH can't find nmap, add it to Settings → Tool Paths, or add `C:\Program Files (x86)\Nmap` to your Windows PATH:
1. Search for "Environment Variables" in Start
2. Edit System Environment Variables → Path
3. Add `C:\Program Files (x86)\Nmap`
---
## 9. Hardware & Device Tools
### ADB / Android Devices
AUTARCH includes bundled ADB binaries in `android/`. No separate install needed.
**USB Device Access:** Windows handles USB permissions automatically for most devices. Enable USB Debugging on your Android phone first (Settings → Developer Options → USB Debugging).
**WebUSB Mode (Direct Connection):**
AUTARCH supports WebUSB for direct ADB access from your browser without a server connection. This requires:
- **Chromium-based browser** (Chrome or Edge) — Firefox does not support WebUSB
- Install the [Android ADB driver](https://developer.android.com/studio/run/win-usb) for your device manufacturer
- Go to Hardware page → click the connection mode toggle → select "Direct (WebUSB)"
> **Note:** WinUSB driver is needed for WebUSB. If your device is recognized by standard ADB but not WebUSB, use [Zadig](https://zadig.akeo.ie/) to install the WinUSB driver.
### ESP32 Flashing
Fully supported on Windows. Connect your ESP32 via USB-serial adapter:
1. Install the CP210x or CH340 USB-serial driver for your adapter
2. Windows will assign it a COM port (e.g. `COM3`)
3. In AUTARCH Hardware page → ESP32 tab → select your COM port
4. Flash or interact normally
### Wireshark / Packet Capture
Requires Npcap (installed with Nmap or Wireshark):
1. Install [Wireshark for Windows](https://www.wireshark.org/download.html) — it includes Npcap
2. After install, `tshark` will be available in `C:\Program Files\Wireshark\`
3. Run AUTARCH as Administrator for raw packet capture permissions
---
## 10. WireGuard VPN
### Installing WireGuard
1. Download from [wireguard.com](https://www.wireguard.com/install/)
2. Install the Windows app
### Using with AUTARCH
AUTARCH's WireGuard page generates and manages config files. On Windows, apply the config manually:
1. Generate your config in AUTARCH → WireGuard
2. Copy the config
3. Open the WireGuard Windows app
4. Click "Add Tunnel" → Import from clipboard or file
5. Click Activate
> **Note:** Automatic WireGuard tunnel management (via `wg` CLI) requires WireGuard to be in your PATH or configured in AUTARCH Settings.
---
## 11. Known Limitations on Windows
| Feature | Status | Notes |
|---------|--------|-------|
| Web dashboard (59 blueprints) | Full | Works perfectly |
| AI chat (cloud APIs) | Full | Claude, OpenAI, HuggingFace all work |
| AI chat (local GGUF) | Full (CPU) | Slow without GPU |
| GPU quantization (4-bit/8-bit) | Partial | Needs CUDA + bitsandbytes |
| Nmap scanning | Full | Needs Nmap + Npcap installed |
| Packet capture | Partial | Needs Npcap + admin rights |
| Metasploit | Full (manual start) | MSF must be started manually |
| ADB (server mode) | Full | Bundled ADB binary works |
| ADB (WebUSB/Direct) | Full | Chrome/Edge only, needs WinUSB driver |
| ESP32 flashing | Full | COM port instead of /dev/ttyUSB |
| WireGuard | Partial | Needs Windows WireGuard app |
| SDR/RF Tools | Full | Needs HackRF or RTL-SDR hardware + drivers |
| Starlink Hack | Full | Needs network access to Starlink dish |
| SMS Forge / RCS Tools | Full | Needs ADB connection to Android device |
| WiFi Audit / Deauth / Pineapple | Partial | Full functionality requires Linux/monitor-mode adapter |
| C2 Framework | Full | All agent types work |
| Vulnerability Scanner | Full | Nuclei recommended for template scanning |
| Container Security | Full | Needs Docker Desktop installed |
| Background service | Via Task Scheduler | `--service` flag doesn't work |
| System uptime | N/A | Shows "N/A" (uses /proc/uptime) |
| mDNS discovery | Partial | May require Bonjour |
---
## 12. Troubleshooting
### "Python not found" or command not recognized
Python is not in your PATH. Either:
- Reinstall Python and check "Add to PATH"
- Or run: `py autarch.py` instead of `python autarch.py`
### Web dashboard won't start — "Port already in use"
Another process is on port 8080. Use a different port:
```
python autarch.py --web --port 8090
```
Or find and kill the conflicting process:
```
netstat -ano | findstr :8080
taskkill /PID <PID> /F
```
### bitsandbytes install error
```
ERROR: Could not find a version that satisfies the requirement bitsandbytes
```
This is normal on Windows without CUDA. Either:
- Install with `pip install bitsandbytes --prefer-binary` for a best-effort install
- Or skip it — AUTARCH detects absence and disables quantization automatically
### LLM won't load — "No module named llama_cpp"
Install llama-cpp-python:
```
pip install llama-cpp-python
```
If you have an NVIDIA GPU and want GPU acceleration:
```
set CMAKE_ARGS="-DLLAMA_CUBLAS=on"
pip install llama-cpp-python --force-reinstall --no-cache-dir
```
### ADB device not detected
1. Enable USB Debugging on your phone (Settings → Developer Options → USB Debugging)
2. When prompted on the phone, tap "Allow"
3. Check if Windows recognizes the device: `android\adb.exe devices`
4. Install the correct USB driver for your phone manufacturer
### Nmap not found
AUTARCH reports "nmap not found" in the Dashboard. Fix it:
1. Install Nmap from [nmap.org](https://nmap.org/download.html)
2. Add `C:\Program Files (x86)\Nmap` to your Windows PATH
3. Or configure the path in AUTARCH Settings → Tool Paths
### Metasploit can't connect
1. Verify MSF RPC daemon is running: `netstat -ano | findstr :55553`
2. If not running, start it: `msfrpcd -P yourpassword -S -f`
3. Check password matches what's in AUTARCH Settings
4. Try clicking **Reconnect** in the MSF Console page
### Firewall blocking the dashboard
Windows Firewall may block port 8080. Allow it:
1. Windows Defender Firewall → Advanced Settings
2. Inbound Rules → New Rule
3. Port → TCP → 8080 → Allow
Or from Command Prompt (as Administrator):
```
netsh advfirewall firewall add rule name="AUTARCH" dir=in action=allow protocol=TCP localport=8080
```
### "Permission denied" errors
Run Command Prompt as Administrator. Right-click Command Prompt → Run as Administrator.
---
## 13. Quick Reference
### Startup Commands
```
# Start menu
python autarch.py
# Start web dashboard
python autarch.py --web
# Different port
python autarch.py --web --port 9090
# List all modules
python autarch.py -l
# Run AI chat
python autarch.py -m chat
# Reset configuration
python autarch.py --setup
```
### Key URLs
| URL | What It Is |
|-----|-----------|
| `http://localhost:8080` | Main web dashboard |
| `http://localhost:8080/targets` | Target management |
| `http://localhost:8080/settings/llm` | LLM configuration |
| `http://localhost:8080/msf` | MSF Console terminal |
| `http://localhost:8080/manual` | Full user manual |
### Important Paths
| Path | What It Contains |
|------|----------------|
| `autarch_settings.conf` | All configuration |
| `data/targets.json` | Saved targets |
| `data/sessions/` | Saved sessions |
| `data/dossiers/` | OSINT dossiers |
| `android/adb.exe` | Bundled ADB binary |
| `tools/` | Bundled tools |
### Common Tool Locations (Windows Defaults)
| Tool | Default Path |
|------|-------------|
| Nmap | `C:\Program Files (x86)\Nmap\nmap.exe` |
| Metasploit | `C:\metasploit-framework\bin\` |
| WireGuard | `C:\Program Files\WireGuard\` |
| Wireshark | `C:\Program Files\Wireshark\` |
| Python | `C:\Python311\` or `C:\Users\<you>\AppData\Local\Programs\Python\` |
---
---
## 14. New Tools Overview (v2.3)
AUTARCH v2.3 includes 59 web blueprints and 72 CLI modules. Here is a summary of the major tool categories added since v2.0:
### Offense Tools
| Tool | Description |
|------|-------------|
| Vulnerability Scanner | Nuclei/OpenVAS template-based scanning with severity ratings |
| Exploit Development | Shellcode gen, payload encoding, ROP chains, pattern generator |
| Social Engineering | Credential harvest, pretexts, QR phishing, campaign tracking |
| AD Audit | LDAP enumeration, Kerberoasting, AS-REP roast, ACL analysis |
| MITM Proxy | HTTP(S) interception, SSL strip, request modification |
| Pineapple | Rogue AP, Evil Twin, captive portal (Raspberry Pi) |
| Deauth Attack | WiFi deauthentication (Raspberry Pi + monitor-mode adapter) |
| C2 Framework | Multi-agent command & control with task queuing |
| WiFi Audit | Wireless network security assessment |
| SMS Forge | Create/modify SMS Backup & Restore XML backups |
| RCS/SMS Exploit | Message extraction, forging, and RCS exploitation via ADB |
| Starlink Hack | Starlink terminal security analysis and gRPC exploitation |
### Defense Tools
| Tool | Description |
|------|-------------|
| Container Security | Docker/K8s audit, image scanning, escape detection |
| Email Security | DMARC/SPF/DKIM analysis, header forensics, phishing detection |
| Incident Response | IR playbooks, evidence collection, IOC sweeping, timeline |
| Threat Intelligence | Feed aggregation, IOC management, STIX/TAXII |
| Log Correlator | Multi-source log aggregation and event correlation |
### Analysis Tools
| Tool | Description |
|------|-------------|
| Reverse Engineering | Binary analysis, Capstone disassembly, YARA, Ghidra integration |
| Digital Forensics | Disk/memory forensics, artifact extraction |
| SDR/RF Tools | Spectrum analysis, RF replay, ADS-B tracking, drone detection |
| Steganography | Data hiding/extraction in images and audio |
| BLE Scanner | Bluetooth Low Energy discovery and fuzzing |
| RFID/NFC Tools | Card reading, cloning, emulation |
| Malware Sandbox | Safe detonation and behavior analysis |
| Net Mapper | Network topology discovery with SVG visualization |
All tools are accessible from the web dashboard sidebar and most are also available via CLI (`python autarch.py -m <module_name>`).
---
*AUTARCH v2.3 — By darkHal Security Group and Setec Security Labs*
*For authorized security testing and research only. Always obtain written permission before testing systems you do not own.*