11 repository-uri
Mechanisms for controlling and authorizing the execution of external scripts or code-based security templates.
Distinguishing note: Focuses on the security policy and authorization layer for code execution, rather than the execution engine itself.
Explore 11 awesome GitHub repositories matching security & cryptography · Execution Policies. Refine with filters or upvote what's useful.
This project is a Python framework for building autonomous, event-driven agent systems. It provides a unified runtime for orchestrating multi-agent workflows, managing persistent conversation state, and executing code within secure, isolated sandbox environments. The framework is designed to handle complex task delegation, allowing agents to invoke other agents as tools while maintaining context across multi-turn interactions. The framework distinguishes itself through its deep integration with the Model Context Protocol, enabling agents to connect to external data sources and remote services
Halts agent processing immediately when guardrails detect prohibited content or policy violations.
Mastra is an orchestration framework designed for building, deploying, and managing autonomous AI agents and multi-agent systems. It provides a comprehensive suite of primitives for creating resilient AI applications, including durable workflow orchestration, event-driven agent loops, and semantic memory management. By integrating these core components, the platform enables developers to build complex, multi-step processes that can reason about goals and execute tasks without manual intervention. The framework distinguishes itself through its focus on observability and secure, isolated execut
Executes custom callbacks when security policy violations are detected.
Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse application environments. It decouples authorization logic from application code by using a configuration-driven approach, allowing developers to define access rules and evaluation logic independently. The system supports a wide range of access control models, including role-based, attribute-based, and relationship-based patterns, which are evaluated at runtime to determine if a subject is permitted to perform an action on a resource. The project distinguishes itself through a hig
Performs administrative operations on access control rules and models directly from the terminal.
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
Runs PowerShell scripts by bypassing execution policies through trusted system processes.
K8tools is a multi-stage attack framework that combines memory-only payload execution, credential testing, port forwarding, privilege escalation, and physical USB-based keystroke injection for comprehensive system compromise. At its core, the Ladon PowerShell module loads a multi-function scanner directly into memory, enabling command execution without writing files to disk, while supporting memory-only payload delivery that downloads and runs obfuscated shellcode or PowerShell commands to evade antivirus detection. The framework distinguishes itself through its breadth of integrated capabili
Overrides PowerShell execution policy to run scripts in restricted environments.
Terminates agent execution immediately upon guardrail policy violations during streaming or output validation.
Empire is a post-exploitation command-and-control (C2) framework designed for red team operations. It deploys and manages agents written in PowerShell, Python, C#, Go, and C across Windows, Linux, and macOS, using encrypted communication channels over HTTP, HTTPS, and SMB. The framework executes over 400 built-in modules for reconnaissance, privilege escalation, credential theft, and lateral movement, and provides a modular engine for authoring custom attack modules. What sets Empire apart is its multi-language agent deployment system, which allows operators to choose implants that suit each
Bypasses detection systems by injecting evasion techniques into PowerShell command-line instructions.
OpenSquilla este un framework de orchestrare pentru agenți LLM, conceput pentru a coordona fluxuri de lucru AI în mai mulți pași și execuția de instrumente folosind grafuri aciclice direcționate. Acesta funcționează ca un sistem centralizat pentru gestionarea pachetelor de competențe specializate și executarea secvențelor complexe de raționament. Proiectul se distinge printr-un gateway de rutare care direcționează sarcinile către diferiți furnizori AI în funcție de complexitate, cost și performanță. Utilizează un sistem de memorie AI pe mai multe niveluri care organizează cunoștințele de lucru, episodice și semantice folosind embedding-uri locale și SQLite, alături de un sandbox de execuție securizat care izolează codul generat de agenți prin profiluri de permisiuni bazate pe risc. Platforma acoperă o gamă largă de capabilități, inclusiv implementarea pe mai multe canale către platforme web și de mesagerie, programarea automată a sarcinilor prin cron și un bridge Model Context Protocol pentru conectarea la instrumente externe. De asemenea, oferă instrumente cuprinzătoare de monitorizare și observabilitate pentru urmărirea costurilor per token, auditarea deciziilor runtime și gestionarea unui catalog de competențe reutilizabile. Sistemul include utilitare CLI pentru inițializarea spațiului de lucru și gestionarea ciclului de viață al competențelor.
Allows immediate termination of long-running agent turns without losing conversation history or state.
Unicorn este o colecție de utilitare pentru generarea de fișiere HTA malițioase, macro-uri VBA, comenzi PowerShell codificate și framework-uri de injectare de shellcode rezidente în memorie. Acesta oferă instrumente pentru a crea payload-uri concepute pentru a obține execuția de cod la distanță prin ocolirea controalelor de securitate. Proiectul se concentrează pe transformarea documentelor Office în arme prin macro-uri și formule VBA, generarea de vectori de atac HTA și crearea de payload-uri PowerShell codificate. Include un framework de injectare de shellcode pentru a împacheta shellcode-ul extern pentru execuție directă în memoria sistemului. Setul de instrumente acoperă conversia binar-la-base64 pentru transferuri de fișiere bazate pe certificate și metode pentru evitarea detectării bazate pe disc. Include, de asemenea, capabilități pentru codificarea scripturilor PowerShell și atacuri de downgrade de versiune pentru a ocoli politicile de execuție și restricțiile de securitate.
Uses encoded commands and HTA files to circumvent execution policies and run unsigned code.
This project is a collection of themes, layout customizers, and automated installers for Visual Studio Code designed to create a dark-mode workspace aesthetic. It provides a set of dark color palettes and syntax highlighting configurations alongside a CSS UI customizer for modifying the editor's internal interface elements. The toolkit enables a modern visual design characterized by deep dark backgrounds, floating glass-effect panels, and rounded interface geometries. It utilizes custom stylesheets to alter panel radii, gaps, and sidebar margins, while adding interactive animations such as ho
Uses shell script wrappers to bypass local execution policies for automated theme deployment on Windows.
The BeeAI Framework is an LLM agent framework and multi-agent orchestration engine used to build autonomous agents that coordinate reasoning, tool execution, and complex workflows. It functions as a structured AI output controller and RAG integration library, providing a unified interface to manage multiple language model providers. The framework is distinguished by its implementation of the Model Context Protocol, allowing agents, tools, and models to be shared between different AI platforms and hosted as agentic tooling servers. It enables the design of collaborative agent teams through dec
Provides execution abort handlers that terminate agent processes immediately when policy violations are detected.