Prerequisites
You need two things:- Docker (with Docker Compose v2)
- An API key (Anthropic, OpenAI, or any LiteLLM-compatible provider)
Installation
decepticon CLI.
Configuration
Configure your API key:- LLM Provider — Anthropic, OpenAI, or other LiteLLM backends
- API Key — Your provider API key
- Model Profile —
eco,max, ortest(see Multi-Model Routing)
Launch
Start Decepticon:Try the Demo
Want to see Decepticon in action before setting up your own engagement? Run the guided demo:The demo launches Metasploitable 2 as a target, loads a pre-built engagement, and runs the full kill chain automatically:
1
Port Scan
Reconnaissance agent scans the target and identifies open services.
2
Exploit
Exploit agent identifies and exploits the vsftpd backdoor vulnerability.
3
C2 Implant
Deploys a Sliver C2 implant on the compromised target.
4
Credential Harvesting
Post-exploit agent harvests credentials via C2 session.
5
Internal Recon
Maps the internal network from the compromised host.
Next Steps
Configuration
Deep dive into API keys, model profiles, and environment settings.
CLI Reference
Learn all available commands and options.
Features
Explore engagement planning, kill chain execution, and C2 integration.
Architecture
Understand the isolated network architecture and agent system.
