Cette page est affichée en anglais. Une traduction française est en cours.
WorkflowsMay 12, 2026·2 min de lecture

Osmedeus — Security Orchestration Engine

Osmedeus is a security orchestration engine with a CLI and workflows for recon and asset inventory—use only on systems you own or are authorized to test.

Agent Toolkit
Agent Toolkit · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Native · 94/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Cli
Installation
Manual
Confiance
Confiance : Established
Point d'entrée
osmedeus run -m recon -t <target>
Commande CLI universelle
npx tokrepo install 847acf46-a034-5504-a1fc-e481df2f07b5
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

Osmedeus is a security orchestration engine with a CLI and workflows for recon and asset inventory—use only on systems you own or are authorized to test.

  • Best for: Authorized security testing and repeatable recon workflows
  • Works with: Linux/macOS; CLI workflows; optional API server; integrates with docs.osmedeus.org
  • Setup time: 15–45 minutes

Practical Notes

  • GitHub: 6,232 stars · 982 forks; pushed 2026-05-11 (verified via GitHub API).
  • README installation uses a one-line install script and includes --dry-run to preview workflow execution.
  • CLI examples show modules/flows, concurrency flags, and a built-in API server (osmedeus serve).

Main

Safety-first usage:

  • Treat Osmedeus as an internal security automation runner. Keep targets in a scoped allowlist (your domains, your staging, your owned IPs).
  • Start with --dry-run and inspect what will execute, then run with conservative concurrency.
  • Keep outputs in a dedicated workspace and store the final report artifacts alongside the run configuration so audits are easy.

If you want to involve an AI agent, have it produce a plan and a safe target list first; never let the agent free-run on the public internet.

FAQ

Q: Is it legal to scan random sites? A: No. Use it only for systems you own or have explicit permission to test.

Q: How do I reduce risk? A: Use --dry-run, keep concurrency low, and run inside isolated environments.

Q: Can it expose an API? A: Yes—README includes osmedeus serve to start an API server.

🙏

Source et remerciements

Source: https://github.com/j3ssie/osmedeus > License: MIT > GitHub stars: 6,232 · forks: 982

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

Tracecat — Agentic Security Automation

Tracecat is an open-source security automation platform for teams and AI agents, built on Temporal with sandboxed tool runs and a self-hostable UI.

Workflows
Agent Toolkit

RagaAI Catalyst — LLM Eval + Tracing SDK

RagaAI Catalyst is a Python SDK for managing LLM projects with evaluation, dataset management, trace/agentic tracing, and prompt/guardrail workflows.

Workflows
Agent Toolkit

RubyLLM::Agents — Rails Engine for Production Agents

Rails engine for building and monitoring LLM agents with a DSL, retries/fallbacks, cost analytics, and a dashboard; verified 124★, pushed 2026-04-19.

Workflows
Agent Toolkit

Maestro — Multi-Agent Orchestration for Coding CLIs

Maestro is an Apache-2.0 multi-agent orchestrator with 39 specialists for Gemini CLI, Claude Code, Codex, and Qwen Code, plus review/debug entrypoints.

Workflows
Agent Toolkit
Accueil🔍Rechercher👤Moi