2 points by vigil-agency 2 hours ago | 1 comment
  • vigil-agency 2 hours ago
    Vigil is an open-source security operations platform. The v1.1 release adds an embedded security knowledge engine with 356 pre-built entries that answer in <1ms without calling an LLM.

    What's in the brain:
    - 85 MITRE ATT&CK techniques (all 14 tactics, real CVEs, detection/mitigation)
    - 89 port-to-service mappings with known vulns (21 through 50000)
    - 48 NIST controls (CSF 2.0 + 800-53 Rev 5)
    - 40 CompTIA Security+ domains
    - 30 cross-framework compliance maps (PCI DSS 4.0, HIPAA, SOC 2, ISO 27001, CIS v8)
    - 27 remediation templates with language-specific fixes
    - 17 CVE patterns, 10 OWASP Top 10 Web, 10 OWASP LLM Top 10

    Ask "T1059" or "port 445" — instant structured answer with detections, mitigations, CWE mappings. No LLM round-trip.

    When reasoning IS needed, the brain enriches the prompt with your security profile, section context, recalled memories, and relevant KB hits before sending to your AI provider.

    Also new in v1.1:
    - DAG workflow automation (chain agents, conditions, HTTP calls into security pipelines)
    - 28 AI security agents with editor (autonomous pentester, forensics, red team, compliance)
    - Smart provider routing (Ollama local, Claude API, Codex — per-agent selection, fallback chains)
    - Kali Linux bridge container with 11 tools (nmap, nuclei, nikto, sqlmap, etc.)
    - Docker Compose stack: Vigil + PostgreSQL + Ollama + Kali bridge

    Runs air-gapped with Ollama. Zero data leaves your machine. Express.js + vanilla JS, 6 npm dependencies.

    GitHub: https://github.com/vigil-agency/vigil
    CHANGELOG: https://github.com/vigil-agency/vigil/blob/main/CHANGELOG.md