clutch-61/hexstrike_augment — explained in plain English
Analysis updated 2026-05-18
Ask a local Ollama model to help plan and carry out an authorized penetration test using built in security tools.
Search a vulnerability and security knowledge base using keyword, vector, or hybrid retrieval.
Let a multi-agent planner break a security research task into steps and pick the right tools automatically.
| clutch-61/hexstrike_augment | abhisumatk/epstein_files_rag | asdfo123/forgewm | |
|---|---|---|---|
| Stars | 34 | 34 | 34 |
| Language | Python | Python | Python |
| Setup difficulty | hard | moderate | hard |
| Complexity | 4/5 | 3/5 | 5/5 |
| Audience | researcher | researcher | researcher |
Figures from each repo's GitHub metadata at analysis time.
Needs a local Ollama install with a tool-calling model, git submodules, and optionally a Qdrant database for the full RAG pipeline.
HexStrike Augment builds on top of an existing open-source MCP client for Ollama, combining security testing automation, two retrieval-augmented search systems, and a multi-agent workflow layer. It is designed for authorized security research and penetration testing assistance, running entirely with local language models via Ollama rather than cloud APIs. The README is written in Chinese. The security testing components come from a submodule called hexstrike-ai, which provides a collection of tools for tasks such as vulnerability analysis. The retrieval-augmented search layer runs in two configurations: a lighter one using ChromaDB with Ollama-generated embeddings, and a more complete pipeline that adds BM25 keyword search, vector search, and result re-ranking, with optional Qdrant support for production use. A multi-agent mode, activated by typing "ma" in the chat interface, uses a three-layer design: a Strategy agent that breaks down a task, a Selector that chooses relevant tools, and an Executor that carries out the steps. The README states this approach reduces token usage by avoiding loading tools that are not relevant to the current task. Setup requires Python 3.10 or newer and a local Ollama installation with a model that supports tool calling, such as qwen3. Configuration is handled through JSON files copied from provided example templates, with the repository's absolute path filled in by the user. Qdrant and Redis are optional and only needed for the full retrieval pipeline. The project includes a prominent notice that it is intended for authorized security testing and security research only, and users should not direct its scanning capabilities at systems they do not have permission to test.
HexStrike Augment adds a security testing toolkit, two searchable knowledge bases, and a multi-agent planner on top of a local Ollama chat client, for authorized penetration testing research.
Mainly Python. The stack also includes Python, Ollama, ChromaDB.
No project-specific license stated, terms follow the upstream ollmcp project and each included submodule or dependency.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.