Design Philosophy
The Single Loop
Agent = while(true) { Think → Act → Observe }
The agent operates in a continuous loop of strategic thinking, tactical action, and observation. Each iteration builds on the previous, creating a chain of informed decisions.
1. Think
Before any action, the agent analyzes the current state:
- Where am I? (external, internal, what access level?)
- What resources are active? (shells, listeners, servers)
- What do I know? What is still unknown?
2. Plan
Strategic path selection with fallback alternatives. The agent considers multiple attack vectors and chooses the most promising, always preparing contingency plans.
3. Act
Execute tools and commands. Parallel execution when possible, sequential when dependencies exist. Every action is logged for audit.
4. Observe
Deep analysis of results - every line of output is examined:
- Extract new targets, services, credentials, paths
- "Nothing found" is also information (eliminate vectors)
- Error messages contain version, path, configuration hints
5. Reflect
Context maintenance and direction adjustment. The agent summarizes achievements, remaining tasks, and decides: continue current phase or transition to the next?
Safety Philosophy
Scope Guard
Every action is validated against defined scope. Fail-closed design: no scope = no action.
Approval Levels
4-tier system: Auto, Confirm, Review, Block. Risk-appropriate human oversight.
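One way the scope guard and approval tiers could fit together, as an added example that is not the project's own code. The Scope format (CIDR networks plus exact hostnames), the authorize function, the approved_by parameter and the meaning given to each tier are assumptions; only the four tier names and the "no scope = no action" rule come from the page.

```python
import ipaddress
from enum import Enum

class Tier(Enum):  # the four tier names come from the page
    AUTO = "auto"
    CONFIRM = "confirm"
    REVIEW = "review"
    BLOCK = "block"

class Scope:
    """Authorized targets: CIDR networks plus exact hostnames (assumed format)."""
    def __init__(self, networks=(), hostnames=()):
        self.networks = [ipaddress.ip_network(n) for n in networks]
        self.hostnames = {h.lower().rstrip(".") for h in hostnames}

    def is_empty(self):
        return not self.networks and not self.hostnames

    def contains(self, target):
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:  # not an IP literal: exact hostname match only
            return target.lower().rstrip(".") in self.hostnames
        return any(addr in net for net in self.networks)

def authorize(target, tier, scope, approved_by=None):
    """Return (allowed, reason); any missing or unrecognized input denies."""
    if scope is None or scope.is_empty():
        return False, "no scope defined"          # no scope = no action
    if not isinstance(target, str) or not target.strip():
        return False, "no target"
    if not scope.contains(target.strip()):
        return False, "target out of scope"
    if not isinstance(tier, Tier) or tier is Tier.BLOCK:
        return False, "blocked"
    if tier is Tier.AUTO:
        return True, "auto"
    # Assumption: Confirm and Review both wait for a named human approver.
    if approved_by:
        return True, f"{tier.value} approved by {approved_by}"
    return False, f"{tier.value}: awaiting human approval"

if __name__ == "__main__":
    # Constructed sample scope and requests (documentation-only addresses).
    scope = Scope(networks=["192.0.2.0/24"], hostnames=["app.example.test"])
    for target, tier, who in [("192.0.2.10", Tier.AUTO, None),
                              ("198.51.100.7", Tier.AUTO, None),
                              ("app.example.test", Tier.REVIEW, None),
                              ("app.example.test", Tier.REVIEW, "lead")]:
        print(target, tier.value, authorize(target, tier, scope, who))
```

The scope check runs before the tier check, so an out-of-scope target is refused even when a human has approved the action.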