Aegis AI is an Open-Source, lightning-fast application designed to statically dissect potentially malicious Windows executables safely. It utilizes a Hybrid Architecture marrying blazing-fast Rust deterministic scraping with cutting-edge Local Large Language Model synthesis to produce pinpoint accurate threat profiles.
Best of all? It is engineered to run 100% locally on your machine. You do not need to upload your sensitive payloads or unreleased proprietary software to the cloud for analysis.
- The Native Bouncer (Rust): Natively intercepts the uploaded payload using the
goblincrate, physically slicing through PE Headers to extract dangerousSyscallsand heuristically scraping thousands of strings for embedded network callbacks without ever actually detonating the malware. - The Intelligent Detective (Ollama/DeepSeek): Aegis AI orchestrates the telemetry out to a local Ollama reasoning model instance. The LLM consumes the "Bouncer Flags" and constructs an enterprise-grade Cyber Threat Assessment report correlating the behavior algorithms.
- SQLite Database Persistence: Integrated completely locally. Aegis maps all scans asynchronously directly to an invisible AppData vault, granting you immediate access to historical artifacts natively.
- VirusTotal Inter-linking: Contains an optional
reqwesthook. Plug in your private VT API Key to immediately cross-reference the SHA-256 binary hash with 70+ cybersecurity vendors globally.
- Ollama: You must have a local instance of Ollama running on your machine on port
http://localhost:11434. Please download thedeepseek-r1:32borllama3.8bmodels ahead of time via:ollama pull deepseek-r1:32b
- Node.js (v18+)
- Rust & Cargo
- Clone down the repository:
git clone https://github.com/BroCoder007/aegis-ai.git cd aegis-ai - Install the necessary JavaScript GUI dependencies:
npm install
- Boot the application using the Tauri CLI wrapper:
npm run tauri dev
We openly welcome additions to the underlying Rust Heuristic Scanning patterns or beautiful React UI re-tooling. Please read our Contributing Guidelines for specifics on how to build and expand upon the core orchestrator safely.
This tool is built for independent malware analysts, reverse engineers, and developers scanning suspicious droppers. Aegis AI statically analyzes file properties but does not actively replace your primary host Antivirus system.