Ze-sys/cybersecurity_agents

🛡️ Cybersecurity Agents

🎯 Overview

This repo contains the full source code for Cybersecurity Agents, an AI-driven application that bridges agentic systems and cybersecurity research. The project started as a tool for tackling an assignment in the AI and Cybersecurity course at the University of Ottawa's Master of Interdisciplinary Artificial Intelligence program.

It demonstrates how agentic systems can be used to analyze and mitigate manipulation techniques in digital media through the lenses of cybersecurity and psychology.

An example article with a subtle manipulation:

URGENT: Critical Windows Security Update - Act Now!

Breaking News: Microsoft has discovered a devastating zero-day vulnerability affecting millions of Windows users worldwide. Hackers are actively exploiting this flaw to steal personal data, banking information, and even control your computer remotely.

Don't wait until it's too late! Our cybersecurity experts recommend immediate action:

1. Click here to download the official Microsoft Security Patch
2. Enable automatic updates on all your devices
3. Share this warning with friends and family

This vulnerability could cost victims thousands in identity theft recovery. Stay safe online!

In addition to other assignment-specific tasks (see full report here), the system analyzes the article and generates a section like the one below:

News Article Analysis
Article: URGENT: Critical Windows Security Update - Act Now!
Source: Direct Text Input
URL: direct-text-input

The news article was analyzed for manipulation techniques from the generated list. The following techniques were identified as potentially relevant to the scenarios and contexts described in the article:

1. Authority Cue Exploitation
Analysis: The article leverages the perceived authority of "Microsoft" and "cybersecurity experts" to encourage immediate action. This plays on the tendency to trust established figures or institutions, potentially bypassing critical thinking about the message's validity.

Mitigation: Users should independently verify the source of the security patch directly from Microsoft's official website rather than relying solely on the information provided in the article. Checking official communication channels will help avoid potential scams.

2. Emotional Contagion Induction
Analysis: The article uses emotionally charged language like "devastating," "zero-day vulnerability," "hackers are actively exploiting," "steal personal data," and "thousands in identity theft recovery" to induce fear and anxiety. This emotional manipulation aims to bypass rational assessment and prompt immediate, unthinking action.

Mitigation: Individuals should take a step back from the emotional tone of the message and critically evaluate the claims being made. Seeking a second opinion from a trusted tech source or cybersecurity professional can offer a more balanced perspective.

Copy the example manipulation above, or any other text, and paste it into the app to see for yourself!
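The two findings in the sample analysis above (an authority cue and emotionally charged wording) can be pre-screened offline before any model call. The script below is an added example, not code from the cybersecurity_agents project, which delegates this analysis to Gemini: it applies a small fixed lexicon and a separate call-to-action check, so that a lure (fear plus "click here") is distinguished from a merely alarming but actionless advisory. The lexicon and the control text are constructed; the sample article is the one quoted in this README.

```python
"""Heuristic pre-screen for the two cue families flagged in the sample analysis.

Added example; not code from the cybersecurity_agents project (which delegates
the analysis to Gemini). The lexicon and the control text are constructed.
"""
import re
from dataclasses import dataclass, field

# Constructed lexicon: one regex per phrase, matched case-insensitively.
CUE_FAMILIES = {
    "Authority Cue Exploitation": [
        r"\bmicrosoft\b", r"\bexperts?\b", r"\bofficial\b", r"\brecommends?\b",
    ],
    "Emotional Contagion Induction": [
        r"\burgent\b", r"\bdevastating\b", r"\bact now\b", r"\bdon'?t wait\b",
        r"\bzero-day\b", r"\bsteal\b", r"\bidentity theft\b", r"\btoo late\b",
    ],
}

# Calls to action that turn alarm into a click; a lure needs both.
ACTION_PATTERNS = [r"\bclick here\b", r"\bdownload\b", r"\bshare this\b"]


@dataclass
class CueReport:
    hits: dict[str, list[str]] = field(default_factory=dict)  # family -> matched phrases
    actions: list[str] = field(default_factory=list)

    @property
    def flagged_families(self) -> list[str]:
        return [family for family, phrases in self.hits.items() if phrases]

    @property
    def likely_lure(self) -> bool:
        # Borrowed authority or emotional pressure alone is common in genuine
        # advisories; paired with a click-through it reads as social engineering.
        return bool(self.actions) and bool(self.flagged_families)


def _matches(text: str, patterns: list[str]) -> list[str]:
    found = []
    for pattern in patterns:
        m = re.search(pattern, text, re.IGNORECASE)
        if m:
            found.append(m.group(0).lower())
    return found


def screen(text: str) -> CueReport:
    """Return which cue families fire in `text` and which calls to action appear."""
    report = CueReport()
    for family, patterns in CUE_FAMILIES.items():
        report.hits[family] = _matches(text, patterns)
    report.actions = _matches(text, ACTION_PATTERNS)
    return report


# The article quoted above in this README.
SAMPLE_ARTICLE = """URGENT: Critical Windows Security Update - Act Now!
Breaking News: Microsoft has discovered a devastating zero-day vulnerability affecting millions of Windows users worldwide. Hackers are actively exploiting this flaw to steal personal data, banking information, and even control your computer remotely.
Don't wait until it's too late! Our cybersecurity experts recommend immediate action:
1. Click here to download the official Microsoft Security Patch
2. Enable automatic updates on all your devices
3. Share this warning with friends and family
This vulnerability could cost victims thousands in identity theft recovery. Stay safe online!"""

# Constructed control: cites the same vendor but asks the reader to do nothing.
CONTROL_TEXT = ("Microsoft published its monthly security release notes; "
                "affected builds are listed on the support page.")

if __name__ == "__main__":
    for label, text in (("sample", SAMPLE_ARTICLE), ("control", CONTROL_TEXT)):
        r = screen(text)
        print(label, r.flagged_families, r.actions, "lure" if r.likely_lure else "no lure")
```

The control text shows why the two signals are kept apart: it names Microsoft, so the authority family fires, but with no call to action it is not flagged as a lure. A lexicon like this is only a cheap first pass; the agent's model-based analysis still decides what the cue is doing in context.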

✨ Key Capabilities

  • 🤖 Multi-Agent AI System: Specialized agents for research, analysis, and case studies
  • 📰 Intelligent Content Analysis: Process news articles via URL or direct text input
  • 📊 Psychological Profiling: Map manipulation techniques to personality traits
  • 📄 Polished Reports: Generate Markdown and LaTeX-formatted research reports
  • 🗄️ Persistent Storage: SQLite database for research continuity and historical analysis
  • 🌐 Web Interface: Intuitive Streamlit UI for seamless interaction

🚀 Quick Start

Prerequisites

  • Python 3.11+
  • Google Gemini API Key (Get one here)
  • Poetry for dependency management

Installation

# Clone the repository
git clone https://github.com/Ze-sys/cybersecurity_agents.git
cd cybersecurity_agents

# Install dependencies with Poetry
poetry install

# Set up environment variables
cp .env.example .env
# Edit .env and add your GEMINI_API_KEY

# Launch the Streamlit interface
poetry run streamlit run streamlit_app.py

Docker Deployment

# Build and run with Docker Compose
docker compose up -d streamlit-ui

# Access at http://localhost:8502

🎮 Live Demo

Experience the full application without installation:

Streamlit App

📋 Features

Core Functionality

  • 🔬 AI Manipulation Research: Generate and analyze AI manipulation techniques
  • 🧠 Psychological Analysis: Cross-reference techniques with Big 5 & Dark Triad traits
  • 📰 Real-World Case Studies: Apply techniques to actual news articles
  • 📈 Historical Tracking: Store and analyze research patterns over time
  • 🎯 Customizable Analysis: Adjust model parameters, temperature, and techniques count

Technical Features

  • Two Input Modes: URL scraping or direct text paste (the latter bypasses crawler limitations)
  • Advanced AI Models: Support for Gemini 2.0 Flash, 2.5 Flash, and 1.5 Pro
  • Rate Limit Optimization: Smart model selection for maximum API efficiency
  • Error Handling: Robust error recovery and user-friendly notifications
  • Export Formats: Markdown and LaTeX report generation

🏗️ Architecture

graph TB
    A[Streamlit UI] --> B[CybersecurityResearchOrchestrator]
    B --> C[Research Agent]
    B --> D[Analysis Agent]
    B --> E[Context Agent]
    B --> F[Case Study Agent]

    C --> G[Gemini AI API]
    D --> G
    E --> G
    F --> G

    H[News Fetcher] --> I[Firecrawl API]
    H --> J[Google Search API]

    B --> K[SQLite Database]
    B --> L[Report Generator]

    L --> M[Markdown Output]
    L --> N[LaTeX Output]

System Components

  • 🤖 Multi-Agent System: Orchestrated AI agents for specialized analysis
  • 📰 News Fetcher: Intelligent content extraction with fallback mechanisms
  • 🗄️ Database Layer: Persistent storage with SQLite
  • 📄 Report Generator: Multi-format output generation
  • 🌐 Web Interface: Responsive Streamlit application
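The News Fetcher takes a URL typed by the user and hands it to an HTTP client or the Firecrawl API, which makes that field a server-side request forgery (SSRF) path unless targets are restricted to public HTTP(S) hosts. The validator below is an added example, not the project's news_fetcher.py: it allow-lists the scheme, rejects embedded credentials, and checks every resolved address (and literal IPs, including IPv4-mapped IPv6) against loopback, private, link-local and cloud-metadata ranges. The policy itself and the injectable resolver used for offline testing are my assumptions; the project may apply different rules.

```python
"""Validate a user-supplied article URL before any fetcher touches the network.

Added example; not the project's news_fetcher.py. The policy and the
injectable resolver are assumptions made for illustration.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


class UnsafeURL(ValueError):
    """The URL points somewhere the fetcher must not go."""


def _system_resolver(host: str) -> list[str]:
    # Resolve once up front; the fetcher should connect to the vetted address
    # (or re-check after its own lookup) to narrow the DNS-rebinding window.
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def _is_public(address: str) -> bool:
    ip = ipaddress.ip_address(address)
    # ::ffff:127.0.0.1 is loopback too, but only after unmapping.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_article_url(url: str, resolver=_system_resolver) -> str:
    """Return the normalised URL if it is safe to fetch, else raise UnsafeURL."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme {parts.scheme!r} is not allowed")
    host = parts.hostname
    if not host:
        raise UnsafeURL("URL has no host")
    if parts.username is not None or parts.password is not None:
        raise UnsafeURL("credentials embedded in the URL are not allowed")
    try:                                   # literal IP: check it directly
        addresses = [str(ipaddress.ip_address(host))]
    except ValueError:                     # hostname: check every answer
        try:
            addresses = resolver(host)
        except OSError as exc:
            raise UnsafeURL(f"cannot resolve {host}: {exc}") from exc
    if not addresses:
        raise UnsafeURL(f"{host} has no addresses")
    for address in addresses:
        if not _is_public(address):
            raise UnsafeURL(f"{host} resolves to non-public address {address}")
    return parts.geturl()


if __name__ == "__main__":
    for candidate in ("https://example.com/story", "http://127.0.0.1:8501/",
                      "file:///etc/passwd", "http://169.254.169.254/latest/meta-data/"):
        try:
            print("ok     ", validate_article_url(candidate))
        except UnsafeURL as exc:
            print("blocked", candidate, "->", exc)
```

Call `validate_article_url()` on the Streamlit input before passing it to the fetcher, and apply the same check to any redirect target the client follows, since an allowed public host can still redirect to an internal address. When the fetch is delegated to a hosted scraping API rather than run in-process, the check still matters for whatever that service can reach.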

⚙️ Configuration

Environment Variables

Create a .env file with the following variables (keep it out of version control, since it holds live API keys):

# Required
GEMINI_API_KEY=your_gemini_api_key_here

# Optional (enhance functionality)
GOOGLE_CUSTOM_SEARCH_API_KEY=your_google_search_key
FIRECRAWL_API_KEY=your_firecrawl_key

# Model Configuration
GEMINI_MODEL_FAST=gemini-2.0-flash
GEMINI_TEMPERATURE=0.7
GEMINI_TOP_K=40
GEMINI_TOP_P=0.9

API Keys Setup

  1. Google Gemini API:

    • Visit Google AI Studio
    • Create and copy your API key
    • Add to .env or Streamlit Cloud secrets
  2. Optional APIs:

    • Google Custom Search: Enhanced news article discovery
    • Firecrawl: Advanced web content extraction

📊 API Rate Limits

| Model | Requests/Day | Requests/Min | Recommendation |
|---|---|---|---|
| Gemini 2.0 Flash | 200 | 15 | Best Choice |
| Gemini 2.5 Flash | 250 | 10 | Premium Option |
| Gemini 1.5 Flash | 50 | 15 | Limited |
| Gemini 1.5 Pro | Unavailable | Unavailable | Not Available |

These are free-tier quotas as recorded when this README was written; Google revises them, so check the current Gemini API quota page before relying on the figures.

🚀 Deployment

Streamlit Cloud (Recommended)

  1. Fork this repository to your GitHub account
  2. Deploy to Streamlit Cloud:
    • Visit share.streamlit.io
    • Connect your GitHub account
    • Select your forked repository
    • Set main file path: streamlit_app.py
  3. Configure Secrets:
    [api_keys]
    GEMINI_API_KEY = "your-actual-api-key-here"
  4. Deploy - Your app will be live at https://your-app-name.streamlit.app

Local Development

# Using Poetry
poetry run streamlit run streamlit_app.py --server.port 8501

# Using Docker
docker compose up -d streamlit-ui

Production Deployment

# Create production environment
cp .env.example .env.prod
# Configure production settings

# Deploy with Docker Compose
docker compose -f docker-compose.prod.yml up -d

# Monitor logs
docker compose logs -f --tail=100 streamlit-ui

📖 Usage

Web Interface

  1. Launch the application using one of the deployment methods above
  2. Choose input method:
    • URL Method: Enter a news article URL for automatic content extraction
    • Text Method: Paste article content directly (recommended for reliability)
  3. Configure analysis:
    • Select number of manipulation techniques to generate
    • Choose Gemini model and parameters
    • Enable fresh start for new analysis
  4. Run analysis and view progressive results
  5. Download reports in Markdown or LaTeX format

Command Line

# Basic analysis
python run_cybersecurity_research.py --context cybersecurity

# Fresh analysis with custom settings
python run_cybersecurity_research.py --context cybersecurity --fresh --techniques 15

🛠️ Development

Project Structure

cybersecurity_agents/
├── 📄 agents.py              # AI agent implementations
├── 📄 config.py              # Configuration management
├── 📄 database.py            # SQLite database operations
├── 📄 main.py                # Orchestration logic
├── 📄 news_fetcher.py        # Content extraction utilities
├── 📄 report_generator.py    # Report formatting
├── 📄 streamlit_app.py       # Web interface
├── 📁 output/                # Generated reports
├── 📁 data/                  # Sample data and templates
├── 📁 tests/                 # Test suite
├── 📁 .github/workflows/     # CI/CD pipelines
├── 📄 pyproject.toml         # Poetry dependencies
├── 📄 docker-compose.yml     # Container orchestration
├── 📄 Dockerfile             # Container definition
├── 📄 .env.example           # Environment template
└── 📄 README.md              # This file

Testing

# Run the test suite
poetry run pytest

# Run with coverage
poetry run pytest --cov=cybersecurity_agents

Code Quality

# Format code
poetry run black .

# Lint code
poetry run flake8 .

# Type checking
poetry run mypy .

🤝 Contributing

We welcome contributions! Please see our Contributing Guide for details.

Development Setup

  1. Fork the repository
  2. Create a feature branch: git checkout -b feature/amazing-feature
  3. Make your changes and add tests
  4. Run the test suite: poetry run pytest
  5. Commit your changes: git commit -m 'Add amazing feature'
  6. Push to the branch: git push origin feature/amazing-feature
  7. Open a Pull Request

Guidelines

  • Follow PEP 8 style guidelines
  • Add tests for new features
  • Update documentation as needed
  • Ensure all tests pass before submitting PR

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

  • University of Ottawa - For the inspiring AI and Cybersecurity course
  • Google AI - For the powerful Gemini AI models
  • Streamlit - For the excellent web app framework
  • Poetry - For modern Python dependency management

📞 Support


⚠️ Disclaimer: This tool is for educational and research purposes. Always review AI-generated content before academic or professional use. The authors are not responsible for misuse of generated content.

🐳 Docker Usage

# Quick start
docker compose up cybersecurity-agents-oneshot

# Persistent mode
docker compose up -d cybersecurity-agents
docker compose exec cybersecurity-agents bash

# Streamlit UI
docker compose up -d streamlit-ui
# Access at http://localhost:8501

Multi-Agent Analysis Details

This system employs a multi-agent architecture to analyze AI manipulation techniques in cybersecurity contexts. Each agent specializes in a specific phase of the analysis, building upon the outputs of previous agents to create a comprehensive report.

Phase 1: Threat Research Agent

  • Purpose: Generate AI manipulation techniques with psychological mappings
  • Process:
    • Creates engineered prompts for manipulation techniques
    • Uses Gemini AI to generate techniques mapped to Big 5 personality traits and Dark Tetrad traits
    • Parses and validates responses
    • Stores techniques in SQLite database
  • Output: List of ThreatTechnique objects with psychological mappings

Phase 2: Analysis Agent

  • Purpose: Generate detailed analysis content for the techniques
  • Sub-tasks:
    • Scam Examples: Creates 3 realistic examples of how techniques are used in online scams
    • Countermeasures: Develops specific defenses for 2 selected techniques + 1 general countermeasure
    • Psychology Analysis: Analyzes whether personality-manipulation knowledge helps protect systems
    • Alternative Approaches: Examines manipulation methods beyond Big 5 personality types
    • Bot Detection: Analyzes if the research AI itself used manipulation techniques
  • Output: Multiple AnalysisSection objects stored in database

Phase 3: Context Analysis Agent

  • Purpose: Conduct cybersecurity-specific risk assessment
  • Process:
    • Selects 2 most cybersecurity-relevant techniques using AI assistance
    • Analyzes specific risks to individuals, organizations, and systems
    • Suggests concrete cybersecurity safeguards
  • Output: Cybersecurity-focused AnalysisSection objects

Phase 4: Case Study Agent

  • Purpose: Analyze real-world news articles for manipulation technique applications
  • Process:
    • Fetches real news article content (from user URL or auto-search)
    • Identifies at least 2 manipulation techniques that could apply to article scenarios
    • Generates specific mitigation strategies for each identified technique
    • Stores news metadata and findings
  • Output: CaseStudyFinding objects with technique applications and mitigations

Technical Features

  • Temperature Control: Each agent uses the user-configured temperature parameter for AI generation consistency
  • Lazy Imports: Google Generative AI is imported within methods for better module organization
  • Error Handling: Robust fallback mechanisms for API failures
  • Placeholder Detection: Advanced filtering to reject AI-generated placeholder content
  • Format Flexibility: Handles both LaTeX table format and legacy pipe-separated format
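Phase 1 parses and validates the model's reply before storing ThreatTechnique objects, and the list above says the parser accepts both a LaTeX table and the legacy pipe-separated format while rejecting placeholder rows. The parser below is an added example, not the project's agents.py: it recognises both row styles, skips header and rule lines, unescapes LaTeX specials, and drops rows that are still template text. The four-column layout, the placeholder patterns, the minimum description length and the two sample replies are my assumptions.

```python
"""Parse a model reply into ThreatTechnique records, accepting both row formats.

Added example; not the project's agents.py. Column layout, placeholder
patterns, minimum description length and the sample replies are assumptions.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ThreatTechnique:
    name: str
    description: str
    big5_trait: str
    dark_trait: str


HEADER_NAMES = {"technique", "name", "technique name"}
LATEX_SKIP = ("\\begin", "\\end", "\\hline", "\\toprule", "\\midrule", "\\bottomrule")
PLACEHOLDER = re.compile(
    r"^\s*(?:\[.*?\]|<.*?>|technique\s*\d*|tbd|todo|n/a|lorem ipsum.*|\.{3}|\u2026)\s*$",
    re.IGNORECASE,
)
MIN_DESCRIPTION = 20  # assumed: anything shorter is not a usable description


def _unescape(cell: str) -> str:
    """Turn LaTeX-escaped specials (\\&, \\%, \\_ ...) back into plain characters."""
    return re.sub(r"\\([&%_#$])", r"\1", cell).strip()


def _cells(line: str):
    """Split one line into cells, or return None if it is not a data row."""
    s = re.sub(r"\\hline\s*$", "", line.strip()).strip()
    if not s or s.startswith(LATEX_SKIP):
        return None
    if s.endswith("\\\\"):                       # LaTeX: a & b & c \\
        return [_unescape(c) for c in re.split(r"(?<!\\)&", s[:-2])]
    if set(s) <= set("|:- "):                   # markdown separator row
        return None
    if s.count("|") >= 2:                       # legacy: | a | b | c |
        return [_unescape(c) for c in s.strip("|").split("|")]
    return None


def parse_techniques(reply: str):
    """Return (accepted techniques, rejected (reason, line) pairs)."""
    accepted, rejected = [], []
    for line in reply.splitlines():
        cells = _cells(line)
        if cells is None:
            continue
        if cells[0].lower().strip("* ") in HEADER_NAMES:
            continue
        if len(cells) != 4:
            rejected.append(("expected 4 cells", line))
            continue
        if any(PLACEHOLDER.match(c) for c in cells) or len(cells[1]) < MIN_DESCRIPTION:
            rejected.append(("placeholder or empty content", line))
            continue
        accepted.append(ThreatTechnique(*cells))
    return accepted, rejected


# Constructed sample replies in the two formats the README mentions.
LATEX_REPLY = r"""\begin{tabular}{|l|p{6cm}|l|l|}
\hline
Technique & Description & Big 5 Trait & Dark Trait \\ \hline
Authority Cue Exploitation & Invokes a trusted institution so the target skips verifying the request. & Agreeableness & Machiavellianism \\ \hline
[Technique name] & [One-sentence description] & [Trait] & [Trait] \\ \hline
\end{tabular}"""

PIPE_REPLY = """| Technique | Description | Big 5 Trait | Dark Trait |
|---|---|---|---|
| Emotional Contagion Induction | Uses fear-laden wording so the target acts before weighing the claim. | Neuroticism | Psychopathy |
| TBD | TBD | TBD | TBD |"""

if __name__ == "__main__":
    for reply in (LATEX_REPLY, PIPE_REPLY):
        ok, bad = parse_techniques(reply)
        print([t.name for t in ok], [reason for reason, _ in bad])
```

Keeping the rejected rows with a reason, rather than silently dropping them, lets the orchestrator decide whether to re-prompt (most rows were placeholders) or proceed (one stray row), and gives the "Placeholder Detection" feature something to report in the progress log.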

Progress Feedback

The Streamlit UI provides real-time feedback showing:

  • Current processing phase (Research → Analysis → Context → Case Study)
  • Detailed progress log with timestamps
  • Status information panel
  • Progress bar (20% → 70% → 80% → 90% → 100%)
  • Total execution time and performance metrics

Orchestration Flow

Start → Research Agent → Analysis Agent → Context Agent → Case Study Agent → Report Generation → Complete

Each agent runs as a separate step but consumes the previous agent's outputs, so the final report layers theoretical research, practical examples, a cybersecurity risk assessment, and a real-world case study. The pipeline is designed to produce rigorous content that remains practically relevant to cybersecurity professionals.
