AegisOS is an event-driven, modular cyber intelligence platform designed to orchestrate system-level security scanning and provide AI-assisted threat analysis using entirely local, free, and open-source tooling.
- Frontend: React, Tailwind CSS V4, Vite, Force-Graph-2D
- Backend: Python FastAPI, Uvicorn
- Security Engines: OSQuery (Live Telemetry), YARA (Malware Signatures)
- Intelligence: Local Ollama Integration (Zero-API Dependency)
- Resource-Aware AI: The LLM is invoked asynchronously only when high-severity threats are detected, preserving system RAM.
- Live Threat Graphing: Visualizes relationships between suspicious IPs, dropped files, and child processes.
- Event-Driven Telemetry: Real-time polling of Linux host states via OSQuery.
- Clone the repository.
- Run the backend orchestrator via WSL2:
cd backend && source start_env.sh
- Launch the SOC interface:
cd frontend && npm install && npm run dev
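
The "Resource-Aware AI" behaviour listed above can be pictured with the following added example, which is not AegisOS's own code: every finding is logged, but only high-severity ones reach the model, with a bounded number of calls in flight. The severity scale, the threshold, and the names `Finding`, `triage` and `placeholder_model` are assumptions made for illustration.

```python
import asyncio
from dataclasses import dataclass
# Assumed severity scale and threshold; the page does not give AegisOS's own values.
SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}
LLM_THRESHOLD = SEVERITY["high"]

@dataclass(frozen=True)
class Finding:
    source: str    # "yara" or "osquery"
    severity: str
    detail: str

async def placeholder_model(finding):
    """Hypothetical stand-in for the local model call; swap in a real client."""
    await asyncio.sleep(0.01)
    return f"summary for {finding.source}: {finding.detail}"

async def triage(findings, analyze=placeholder_model, max_concurrent=1, timeout=30.0):
    """Log every finding; send only high-severity ones to the model, max_concurrent at a time."""
    gate = asyncio.Semaphore(max_concurrent)  # bounds in-flight model calls
    out = {"logged": [], "analyzed": [], "failed": []}

    async def run(f):
        async with gate:
            try:
                out["analyzed"].append((f, await asyncio.wait_for(analyze(f), timeout)))
            except Exception as exc:  # model down or timed out: keep the finding
                out["failed"].append((f, repr(exc)))

    tasks = []
    for f in findings:
        out["logged"].append(f)
        # Unknown labels count as high so a malformed severity cannot hide an alert.
        if SEVERITY.get(f.severity.lower(), LLM_THRESHOLD) >= LLM_THRESHOLD:
            tasks.append(asyncio.create_task(run(f)))
    await asyncio.gather(*tasks)
    return out

# Constructed sample findings, not real AegisOS output.
SAMPLE = [
    Finding("osquery", "low", "new listening port 8080"),
    Finding("yara", "high", "rule match on /tmp/sample.bin"),
    Finding("osquery", "medium", "cron entry added"),
    Finding("yara", "CRITICAL", "rule match on a running process image"),
]

if __name__ == "__main__":
    print({k: len(v) for k, v in asyncio.run(triage(SAMPLE)).items()})
```

Findings whose model call fails land in `failed` rather than being dropped, so an offline model never hides a high-severity alert.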