MCPcopy
hub / github.com/j3ssie/osmedeus

github.com/j3ssie/osmedeus @v5.0.3 sqlite

repository ↗ · DeepWiki ↗ · release v5.0.3 ↗
8,336 symbols 36,746 edges 433 files 3,577 documented · 43%
README

Osmedeus

Osmedeus

Osmedeus - A Modern Orchestration Engine for Security

What is Osmedeus?

Osmedeus is a security focused declarative orchestration engine that simplifies complex workflow automation into auditable YAML definitions, complete with encrypted data handling, secure credential management, and sandboxed execution.

Built for both beginners and experts, it delivers powerful, composable automation without sacrificing the integrity and safety of your infrastructure.

Key Features

  • Declarative YAML Workflows - Define pipelines with hooks, decision routing, module exclusion, and conditional branching across multiple runners (host, Docker, SSH)
  • Distributed Execution - Redis-based master-worker pattern with queue system, webhook triggers, and file sync across workers
  • Rich Function Library - 80+ utility functions including nmap integration, tmux sessions, SSH execution, TypeScript/Python scripting, SARIF parsing, and CDN/WAF classification
  • Event-Driven Scheduling - Cron, file-watch, and event triggers with filtering, deduplication, and delayed task queues
  • Agentic LLM Steps - Tool-calling agent loops with sub-agent orchestration, memory management, and structured output; plus ACP subprocess agents (Claude Code, Codex, OpenCode, Gemini)
  • Cloud Infrastructure - Provision and run scans across DigitalOcean, AWS, GCP, Linode, and Azure with cost controls and automatic cleanup
  • Rich CLI Interface - Interactive database queries, bulk function evaluation, workflow linting, progress bars, and comprehensive usage examples
  • REST API & Web UI - Full API server with webhook triggers, database queries, and embedded dashboard for visualization

See Documentation Page for more details.

Installation

curl -sSL http://www.osmedeus.org/install.sh | bash

See Quickstart for quick setup and Installation for advanced configurations.

CLI Usage Web UI Assets Workflow Visualization
CLI Usage Web UI Assets Workflow Visualization

Quick Start

# Run a module workflow
osmedeus run -m recon -t example.com

# Run a flow workflow
osmedeus run -f general -t example.com

# Multiple targets with concurrency
osmedeus run -m recon -T targets.txt -c 5

# Dry-run mode (preview)
osmedeus run -f general -t example.com --dry-run

# Start API server
osmedeus serve

# List available workflows
osmedeus workflow list

# Query discovered assets
osmedeus assets -w example.com                          # List assets for workspace
osmedeus assets --stats                                 # Show unique technologies, sources, types
osmedeus assets --source httpx --type web --json        # Filter and output as JSON

# Query vulnerabilities, runs, and steps
osmedeus query vulns --severity high --workspace example.com
osmedeus query runs --status running
osmedeus query steps --run <run-uuid>

# Query database tables
osmedeus db list --table runs
osmedeus db list --table event_logs --search "nuclei"

# Evaluate utility functions
osmedeus func eval 'log_info("hello")'
osmedeus func eval -e 'http_get("https://example.com")' -T targets.txt -c 10

# Platform variables available in eval
osmedeus func eval 'log_info("OS: " + PlatformOS + ", Arch: " + PlatformArch)'

# Install from preset repositories
osmedeus install base --preset
osmedeus install base --preset --keep-setting   # preserve existing osm-settings.yaml
osmedeus install workflow --preset

# Exclude modules from flow execution
osmedeus run -f general -t example.com -x portscan
osmedeus run -f general -t example.com -X vuln    # Fuzzy exclude by substring

# Worker queue system
osmedeus worker queue new -f general -t example.com   # Queue for later
osmedeus worker queue run --concurrency 5              # Process queue

# Worker management
osmedeus worker status                          # Show workers
osmedeus worker eval -e 'ssh_exec("host", "whoami")'  # Eval with distributed hooks

# Run an ACP agent interactively
osmedeus agent "analyze this codebase"
osmedeus agent --agent codex "explain main.go"
osmedeus agent --list

# Cloud infrastructure management
osmedeus cloud create --instances 3                    # Provision cloud machines
osmedeus cloud setup 1.2.3.4 5.6.7.8                  # Setup existing machines
osmedeus cloud list                                    # List active infrastructure
osmedeus cloud run -f general -t example.com --instances 3

# Show all usage examples
osmedeus --usage-example

Docker

# Show help
docker run --rm j3ssie/osmedeus:latest --help

# Run a scan
docker run --rm -v $(pwd)/output:/root/workspaces-osmedeus \
    j3ssie/osmedeus:latest run -f general -t example.com

For more CLI usage and example commands, refer to the CLI Reference.

High-Level Architecture

┌───────────────────────────────────────────────────────────────────────────┐
│                   Osmedeus Orchestration Engine                           │
├───────────────────────────────────────────────────────────────────────────┤
│  ENTRY POINTS                                                             │
│  ┌──────────┐  ┌──────────┐  ┌──────────┐  ┌─────────────┐                │
│  │   CLI    │  │ REST API │  │Scheduler │  │ Distributed │                │
│  └────┬─────┘  └────┬─────┘  └────┬─────┘  └─────┬───────┘                │
│       └─────────────┴─────────────┴──────────────┘                        │
│                              │                                            │
│                              ▼                                            │
│  ┌─────────────────────────────────────────────────────────────────────┐  │
│  │ CONFIG ──▶ PARSER ──▶ EXECUTOR ──▶ STEP DISPATCHER ──▶ RUNNER       │  │
│  │                          │                                          │  │
│  │  Step Executors: bash | function | parallel | foreach | remote-bash │  │
│  │                  http | llm | agent | agent-acp | SARIF/SAST       │  │
│  │  Hooks: pre_scan_steps → [main steps] → post_scan_steps             │  │
│  │                          │                                          │  │
│  │  Runners: HostRunner | DockerRunner | SSHRunner                     │  │
│  │  Queue: DB + Redis polling → dedup → concurrent execution           │  │
│  └─────────────────────────────────────────────────────────────────────┘  │
└───────────────────────────────────────────────────────────────────────────┘

For more information about the architecture, refer to the Architecture Documentation.

Roadmap and Status

The high-level ambitious plan for the project, in order:

# Step Status
1 Osmedeus Engine reforged with a next-generation architecture
2 Flexible workflows and step types
3 Event-driven architectural model and the different trigger event categories
4 Beautiful UI for visualize results and workflow diagram
5 Rewriting the workflow to adapt to new architecture and syntax
6 Testing more utility functions like notifications
7 SAST integration with SARIF parsing (Semgrep, Trivy, etc.)
8 Cloud integration, which supports running the scan on the cloud provider.
9 Generate diff reports showing new/removed/unchanged assets between runs.
10 Adding step type from cloud provider that can be run via serverless
N Fancy features (to be discussed later)
## Documentation
Topic Link
Getting Started docs.osmedeus.org/getting-started
CLI Usage & Examples docs.osmedeus.org/getting-started/cli
Writing Workflows docs.osmedeus.org/workflows/overview
Event-Driven Triggers docs.osmedeus.org/advanced/event-driven
Deployment docs.osmedeus.org/deployment
Architecture docs.osmedeus.org/concepts/architecture
Development docs.osmedeus.org/development and HACKING.md
Extending Osmedeus docs.osmedeus.org/development/extending-osmedeus
Full Documentation docs.osmedeus.org

Disclaimer

Osmedeus is designed to execute arbitrary code and commands from user supplied input via CLI, API, and workflow definitions. This flexibility is intentional and central to how the engine operates.

Please refer to the ⚠️ Security Warning page for more information on how to stay safe.

Think twice before you: - Run workflows downloaded from untrusted sources - Execute commands or scans against targets you don't own or have permission to test - Use workflows without reviewing their contents first

You are responsible for what you run. Always review workflow YAML files before execution, especially those obtained from third parties.

License

Osmedeus is made with ♥ by @j3ssie and it is released under the MIT license.

Extension points exported contracts — how you extend this code

ConfigProvider (Interface)
ConfigProvider provides access to the current configuration. This interface allows handlers to retrieve fresh configurat [12 …
pkg/server/handlers/config_provider.go
LinterRule (Interface)
LinterRule is the interface that all lint rules must implement [8 implementers]
internal/linter/types.go
StepExecutor (Interface)
StepExecutor executes individual steps [7 implementers]
internal/core/interfaces.go
ToolExecutor (Interface)
ToolExecutor defines the interface for executing agent tool calls. Each implementation handles a specific tool (preset o [13 …
internal/executor/tool_executor.go
Runner (Interface)
Runner interface for executing commands in different environments [4 implementers]
internal/runner/runner.go
Source (Interface)
Source is the interface for fetching releases (abstracts go-selfupdate Source) [2 implementers]
internal/updater/updater.go
BatchRenderer (Interface)
BatchRenderer extends TemplateEngine with batch rendering capability for improved performance under high concurrency. [2 …
internal/template/interface.go
TriggerHandler (FuncType)
TriggerHandler is called when a trigger fires
internal/scheduler/scheduler.go

Core symbols most depended-on inside this repo

i
called by 1732
public/ui/_next/static/chunks/ae537c483683caae.js
r
called by 1155
public/ui/_next/static/chunks/e76c06a2463d634e.js
String
called by 1119
internal/fileio/mmap.go
Get
called by 985
internal/logger/logger.go
String
called by 781
internal/linter/types.go
ToValue
called by 763
internal/functions/goja_pool.go
Yellow
called by 711
internal/terminal/colors.go
push
called by 622
public/ui/_next/static/chunks/ae537c483683caae.js

Shape

Function 5,626
Method 2,004
Struct 522
Class 116
TypeAlias 29
Interface 23
FuncType 16

Languages

Go61%
TypeScript39%

Modules by API surface

public/ui/_next/static/chunks/4978365edc2bf16c.js521 symbols
public/ui/_next/static/chunks/e76c06a2463d634e.js510 symbols
public/ui/_next/static/chunks/5a31e7e670984d42.js347 symbols
public/ui/_next/static/chunks/a6dad97d9634a72d.js212 symbols
public/ui/_next/static/chunks/ae537c483683caae.js185 symbols
public/ui/_next/static/chunks/2c2b2b4a7c3cabc2.js123 symbols
public/ui/_next/static/chunks/b5f708c6982c3b94.js98 symbols
public/ui/_next/static/chunks/855db3470289e304.js83 symbols
internal/functions/db_functions.go81 symbols
public/ui/_next/static/chunks/908798be08ffb4a0.js74 symbols
internal/config/config.go71 symbols
internal/executor/executor_test.go67 symbols

Dependencies from manifests, versioned

dario.cat/mergov1.0.0 · 1×
github.com/42wim/httpsigv1.2.3 · 1×
github.com/KyleBanks/depthv1.2.1 · 1×
github.com/Masterminds/semver/v3v3.4.0 · 1×
github.com/Microsoft/go-winiov0.6.2 · 1×
github.com/ProtonMail/go-cryptov1.1.6 · 1×
github.com/PuerkitoBio/purellv1.1.1 · 1×
github.com/PuerkitoBio/urlescv0.0.0-2017081014372 · 1×
github.com/aead/chacha20v0.0.0-2018070915024 · 1×
github.com/agext/levenshteinv1.2.3 · 1×

Datastores touched

(mysql)Database · 1 repos

For agents

$ claude mcp add osmedeus \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact