Threat Assessment & Response System (TARS)

GitHub stars

About

TARS is our attempt to automate parts of cybersecurity penetration testing using AI agents. It was also the project that led to the formation and launch of my co-founders’ startup: Osgil.

Demos

Long-Term Vision

Provide intelligent defense solutions by building AI-Agent based tools for automating cybersecurity penetration testing. In short, the plan is:

  1. Build agents that can properly use existing cybersecurity tools for vulnerability scanning and threat analysis.
  2. Optimize those agents to automate vulnerability identification and patching, instead of just scanning and threat reporting.
  3. Build a reactive defensive system that can produce countermeasures against attackers in real-time.
  4. (Long Term) Develop tools to prepare for a future where advanced, dynamic, and automated AI-driven attacks can be easily deployed.

History

TARS was developed for a startup I co-founded called Osgil back in late April 2024. It was originally developed for enterprise customers but we later move on to other projects, making TARS open-source on August 2024.

Current State

Currently, TARS can utilize the following tools:

The frontend uses Streamlit, but we have started building a better frontend using React instead since Streamlit is very limiting. We are also looking through some papers to see how we can improve the reasoning and problem-solving capabilities of TARS because, currently, we are using CrewAI, which is pretty limited when you start doing more advanced tasks like what TARS is trying to do. Currently, we are leaning on using CrewAI for certain jobs and focusing more on utilizing LangGraph.

Marketing Strategy

When TARS was originally for enterprise customers, our marketing strategy was going to conventions, hackathons, and events in Silicon Valley were we could talk with developers, business owners, and investors. We also used LinkedIn and Email to cold-contact people.

But, sense open-sourcing the project, the main strategy for marketing TARS has been though Twitter (X), Hacker News, and Reddit. Out of which, Reddit has been the most effective.