The First Democratic Cybersecurity
RedQuorum is a multi-agent AI security scanner that deploys a "Parliament of Attackers" - multiple AI security experts with different specialties who debate and vote on security threats. Only findings that achieve consensus (quorum) make it to your report.
- Python 3.11+
- Node.js 18+
This project uses uv for dependency management (recommended) but also works with pip:
Using uv (recommended - faster, pre-resolved dependencies):
# Install uv if you don't have it
pip install uv
# Create virtual environment and install
uv venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
uv pip install -e "."Using pip:
pip install -e "."Then copy the environment file:
cp .env.example .envAPI keys are optional. Add for real AI analysis:
OPENAI_API_KEY=sk-your-key-hereWithout API keys, the system runs in demo mode with simulated findings.
cd electron-app/src/renderer/angular-app
npm install
cd ../../.../scripts/dev.shOr manually in two terminals:
# Terminal 1
redquorum server
# Terminal 2
cd electron-app/src/renderer/angular-app
npm start- Dashboard: http://localhost:4200
- API Docs: http://localhost:8000/docs
# DAST scan with AI analysis (requires API key)
redquorum scan https://example.com --type 5
# DAST scan without AI (faster, raw findings)
redquorum scan https://example.com --type 5 --no-ai
# Code scan
redquorum scan /path/to/code --type 2Reports are saved to reports/YYYYMMDD_HHMMSS/target/report.json (and .md)
- Open http://localhost:4200
- Click "New Scan" button
- Enter a target:
- Code: Local folder
/home/user/myprojector Git repo - API:
https://api.example.com - Web App:
https://website.com(DAST scanning) - Demo: Any text for simulation mode
- Code: Local folder
- Select Target Type:
- "Code Directory" - Static code analysis
- "π Web Application (DAST)" - Dynamic security testing
- Click "Start Scan"
- View results in scan list
# Scan local code
curl -X POST http://localhost:8000/api/v1/scans \
-H "Content-Type: application/json" \
-d '{
"target_type": "CODE_DIRECTORY",
"location": "/path/to/code"
}'
# Scan git repository
curl -X POST http://localhost:8000/api/v1/scans \
-H "Content-Type: application/json" \
-d '{
"target_type": "CODE_REPOSITORY",
"location": "https://github.com/user/repo"
}'# Full DAST scan with crawling
curl -X POST http://localhost:8000/api/v1/scans \
-H "Content-Type: application/json" \
-d '{
"target_type": "WEB_APPLICATION",
"location": "https://example.com",
"dast_config": {
"crawl_depth": 2,
"max_pages": 50
}
}'
# Quick scan (no crawling, single URL)
curl -X POST http://localhost:8000/api/v1/scans \
-H "Content-Type: application/json" \
-d '{
"target_type": "WEB_APPLICATION",
"location": "https://example.com/login"
}'
# List scans
curl http://localhost:8000/api/v1/scans
# Get details
curl http://localhost:8000/api/v1/scans/{scan_id}- CLI Tool - Command-line scanning with
--no-aioption - DAST (Dynamic Analysis) - Full web application security testing
- Spider crawler with authentication support
- SQL Injection, XSS, Command Injection detection
- Security headers analysis
- ~12 different vulnerability detectors
- Parliament AI - 4-agent debate system (Opportunist, Insider, Professional, Moderator)
- Report Generation - JSON and Markdown reports with findings
- Demo mode (no API keys needed)
- Web Dashboard - Angular frontend with real-time progress
- Multiple LLM Support - OpenAI, Anthropic, Moonshot (Kimi)
When scanning web applications (target_type: WEB_APPLICATION):
| Detector | Finds |
|---|---|
| SQL Injection | Error-based, time-based, boolean-based SQLi |
| XSS | Reflected, DOM-based, stored XSS |
| Command Injection | Shell command execution vulnerabilities |
| SSTI | Server-side template injection |
| Authentication | Weak passwords, session fixation, JWT issues |
| Configuration | Missing security headers, CORS misconfig, SSL issues |
DAST automatically:
- Crawls the target to discover URLs
- Tests forms and parameters
- Analyzes responses for vulnerabilities
- Sends findings to Parliament for validation
When running without API keys:
- System generates realistic demo findings
- Parliament agents vote with simulated reasoning
- Full debate transcript included
- Ideal for UI testing and demonstrations
When API key is configured:
- Real LLM analysis
- Findings extracted from actual code
- Genuine AI debate
When you run a scan, findings go through the Parliament:
Finding: SQL Injection
Opportunist: "Easy to exploit! Severity 8/10"
Insider: "Can dump data from inside! Severity 9/10"
Professional: "Ransom-worthy data access! Severity 10/10"
Moderator: "Verified exploitable. PASS"
Consensus: 87% - APPROVED
Voting Weights:
- Opportunist: 20% (finds obvious issues)
- Insider: 25% (business logic perspective)
- Professional: 35% (APT/ransomware mindset)
- Moderator: Validates (pass/fail decision)
RedQuorum/
βββ src/redquorum/ # Python Backend
β βββ api/ # FastAPI + static files
β βββ agents/ # Parliament (4 personas)
β βββ scanners/ # Security scanners
β βββ services/ # Orchestration
β
βββ electron-app/src/renderer/ # Angular Frontend
β βββ angular-app/
β βββ src/app/ # Dashboard UI
β βββ src/app/services/ # API clients
β
βββ scripts/
βββ dev.sh # Run full stack
βββ build-frontend.sh # Production build
Edit .env file:
# Optional: API Keys
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...
# Parliament Settings
PARLIAMENT_QUORUM_THRESHOLD=75
PARLIAMENT_MAX_DEBATE_ROUNDS=3
# DAST Settings
DAST_MAX_REQUESTS=200 # Max HTTP requests per scan
DAST_MAX_FINDINGS=50 # Max findings to report
DAST_DEFAULT_CRAWL_DEPTH=2 # Default crawl depth
DAST_DEFAULT_MAX_PAGES=50 # Default max pages to crawl
DAST_ENABLE_AI_CONFIRMATION=true # AI confirmation for ambiguous findings
# Server
API_PORT=8000
LOG_LEVEL=INFOPort 8000 in use:
redquorum server --port 8001Backend connection failed:
curl http://localhost:8000/healthMissing dependencies:
# Using uv (recommended)
uv pip install -e "."
# Or using pip
pip install -e "."Node modules issues:
cd electron-app/src/renderer/angular-app
rm -rf node_modules && npm installTraditional security scanners:
- 1 AI generates 500 alerts
- User drowns in false positives
- Misses creative attacks
RedQuorum approach:
- 4 specialists debate each finding
- Only consensus-approved alerts
- Full reasoning trail
- Focus on actionable threats
Built for security teams who want signal, not noise.