Skip to content
View evkir's full-sized avatar

Block or report evkir

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
evkir/README.md

evkir

Offensive security for the swarm.

Independent security researcher — multi-agent & embodied AI.
Founder of MASec Lab: offensive tooling & audit methodology for the layer between agents.

maseclab.com · Blog · x.com/maseclab · HackerOne ·

focus protocols owasp python


whoami

Offensive security + agentic-AI safety. The industry is racing to test AI models; the riskier surface — how agents coordinate, delegate and act together — goes largely unexamined. I build the methodology and tooling for that layer, and publish it openly.

Single-agent safety doesn't compose. The boundary moved from the model to the protocol traffic between agents — that's where MASec Lab works.


Building at MASec Lab

CyberAI — AI-native offensive platform Specialist agents run recon, exploitation and reporting as one coordinated system. Native tool-calling, prompt-injection defence, cost/budget tracking, structured findings. MCP scanner that flags tool-poisoning offensively.
mas-sentry-toolkitdefensive audit (AGPL-3.0) Audits agentic systems from the outside: A2A client, MCP audit, ABFP behavioural fingerprinting, unified threat engine. One Typer CLI, SARIF out. OWASP Agentic Top-10 (ASI01–ASI10) detectors.

Research — methodology, in the open

  • ABFPAgent Behavioural FingerPrint. Baseline an agent by how it acts across 6 dimensions; surface drift, hijack and impersonation as statistical deviations instead of predefined rules.
  • HCAPHierarchical Capability & Attestation Protocol. Prove what an agent may do and where its authority came from, down a delegation chain. N-of-M quorum, confused-deputy detection.
  • ASI mapping — findings mapped to the OWASP Agentic Top 10 for a shared, recognised taxonomy.

Other tooling

  • phantom-grid — free Burp Collaborator alternative: OOB interaction capture (HTTP/HTTPS/DNS), SQLite store + exfil reassembly.
  • phantom-intel — CVE threat-intelligence platform on the NVD API 2.0.
  • reality-probe — VLESS/Reality transport probing.

Recent writeups

  • The Layer Nobody Baselines — runtime behavioural detection for the MCP agent bus.
  • Hunting MCP Tool Poisoning — malicious instructions hidden in tool metadata, and how CyberAI catches them.
  • Agent-in-the-Middle — what's wrong with unsigned A2A agent cards.
  • Why the coordination layer is the real attack surface — single-agent safety doesn't compose.

Currently

  • OSCP+ track · active on PortSwigger / HackTheBox / TryHackMe
  • Entering bug bounty — HackerOne · Bugcrowd · Intigriti ·
  • Web3 audit stack: Foundry · Slither · Aderyn · Halmos · Echidna

Stack


The agentic frontier is shipping faster than anyone is testing it.

Popular repositories Loading

  1. CyberAI CyberAI Public

    AI-powered pentest platform

    Python 1 1

  2. phantom-grid phantom-grid Public

    Free Burp Collaborator alternative- OOB interaction capture (HTTP/HTTPS/DNS) with SQLite & exfil reassembly

    JavaScript

  3. phantom-intel phantom-intel Public

    CVE Threat Intelligence Platform — NVD API 2.0

    Python

  4. reality-probe reality-probe Public

    Python

  5. mas-sentry-toolkit mas-sentry-toolkit Public

    Penetration testing toolkit for MAS (Multi-Agent Systems). Intercepting, analyzing, and exploiting MQTT-based agent communication protocols.

    Python

  6. writeups writeups Public

    writeups