akira

What Is Akira?

An AI pentest co-pilot that runs natively inside Claude Code, Gemini CLI, Cursor, or any agent. It is not a wrapper around automated scanners. It is a structured reasoning system for finding what scanners miss: logic flaws, architecture leaks, supply chain vectors, cryptographic weaknesses, and chained attacks.

Core constraint: Every finding requires a reproducible HTTP response body containing sensitive data. No evidence = no finding. OOB callback alone is never Critical.

/plan-engagement → /recon → /secrets → /exploit → /zerodayhunt → /triage → /report

System Architecture

Component Graph

┌─────────────────────────────────────────────────────────────────────┐
│                         session.json (state bus)                    │
│  ┌──────────────┐  ┌──────────────┐  ┌───────────────────────────┐ │
│  │ engagement   │  │ intel_relay  │  │ scalpel                   │ │
│  │ .state       │  │ .from_recon  │  │ .hypotheses[]             │ │
│  │ .target      │  │ .from_secrets│  │ .active_manifest          │ │
│  │ .scope       │  │ .from_exploit│  │ .doom_loop.technique_runs │ │
│  └──────────────┘  │ .from_cloud  │  │ .snr.signal_count         │ │
│                    │ .from_redteam│  └───────────────────────────┘ │
│  ┌──────────────┐  └──────────────┘  ┌───────────────────────────┐ │
│  │ report_draft │  ┌──────────────┐  │ signals.jsonl             │ │
│  │ .findings[]  │  │ intel        │  │ (append-only, race-proof) │ │
│  │ .chains[]    │  │ .technologies│  │ {type,value,source,conf}  │ │
│  └──────────────┘  │ .live_hosts  │  └───────────────────────────┘ │
│                    │ .credentials │                                 │
│                    └──────────────┘                                 │
└─────────────────────────────────────────────────────────────────────┘
         ▲ read/write              ▲ read/write
         │                        │
┌────────┴────────────────────────┴──────────────────────────────────┐
│                       _shared/phase0.sh                            │
│  p0_init_vars()       p0_state_gate()      p0_read_relay()         │
│  p0_read_memory()     p0_read_hypotheses() p0_manifest_write()     │
│  p0_relay_write()     p0_relay_append()    p0_completion_gate()    │
└────────────────────────────────────────────────────────────────────┘
         ▲ source                  ▲ source
         │                        │
┌────────┴──────────┐   ┌─────────┴────────────────────────────────┐
│  Thin Router      │   │  Technique Library (tech/*.md)            │
│  SKILL.md         │   │  loaded on demand via manifest priority   │
│  ~180 lines       │   │  ~80 lines each                           │
│  - Phase 0        │   │  ssrf-oob.md | jwt-saml-sso.md           │
│  - Manifest build │   │  chain-blueprints.md | client-proto.md   │
│  - Loader table   │   │  ...68 total across 4 split skills        │
└───────────────────┘   └──────────────────────────────────────────┘

Intel Relay Schema