SANS Find Evil! — Custom MCP Server (Approach #2)

Stigmergy

Autonomous DFIR at machine speed. Math decides, a signed ledger records, and the LLM only explains — so a hallucination can never cause a wrong decision or forge an evidence trail.

0.567ms hot-path p50 · 96 tests passing · BLAKE3+Ed25519 ledger · 62 typed MCP tools

The agent can't hallucinate its way into a wrong decision

Connecting an LLM to 200 forensic tools makes it fast — and makes it hallucinate. Stigmergy fixes that architecturally, not with prompts. Three planes, one rule: the model is never in the decision path.

Hot path — deterministic

Sensors deposit Dempster–Shafer evidence on a pheromone field. Belief / Plausibility / conflict_K decide observe · mitigate · conflict · escalate. No LLM. p50 0.567ms.

Forensic ledger — provable

Every decision: UUIDv7 + BLAKE3 hash chain + Ed25519 signature, Merkle-batched to Sigstore Rekor. One command re-verifies the whole chain.

Reasoning plane — off the hot path

Fractal pivot agents and a prosecutor/defense/judge narrator explain findings after the ledger entry exists. Citations are validated; output is schema-constrained.

Architectural guardrails, not prompt guardrails

The difference the brief asks for. If every prompt-based control failed at once, Stigmergy would still emit a correct, signed, tamper-evident decision.

◆ Architectural — cannot be prompted away

  • Typed MCP tools only — no execute_shell_cmd exists
  • Reference-resolved exhibit IDs, not free-form paths
  • LLM excluded from the decision path entirely
  • outlines/xgrammar FSM-constrained JSON output
  • BLAKE3 + Ed25519 ledger; tampering breaks verify
  • Fabricated citations rejected before the ledger

○ Prompt-based — defense in depth only

  • Narrator role instructions (prosecutor/defense/judge)
  • Zheng-2023 position-swap to reduce ordering bias
  • System-prompt scope limits for pivot agents

These improve explanation quality. They are not relied on for evidence integrity.

Replay: the real ROCBA run

Real indicators carved from the official SANS Find Evil! memory image, driven through the live pipeline into the signed ledger. Scrub the timeline; the amber marker is the self-correction — a Yager conflict the system refused to auto-mitigate.
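The hot-path arithmetic described above (Dempster–Shafer masses deposited on the field, Belief / Plausibility / conflict K deciding observe · mitigate · conflict · escalate, and the Yager conflict that the replay marks as a refused auto-mitigation) as an added Python example, not Stigmergy's own code: the two-hypothesis frame, the sensor masses and the decision thresholds are constructed assumptions.

```python
from itertools import product

# Constructed two-hypothesis frame; a real field would carry richer hypotheses.
MAL, BENIGN = frozenset({"malicious"}), frozenset({"benign"})
THETA = MAL | BENIGN  # total ignorance

def mass(malicious=0.0, benign=0.0):
    """One sensor's deposit; mass it does not commit goes to THETA."""
    m = {THETA: 1.0 - malicious - benign}
    if malicious: m[MAL] = malicious
    if benign: m[BENIGN] = benign
    return m

def combine(m1, m2, rule="yager"):
    """Combine two mass functions; returns (mass, K) with K the conflict mass.
    Dempster renormalises by 1-K (hides conflict); Yager moves K onto THETA."""
    joint, K = {}, 0.0
    for (a, ma), (b, mb) in product(m1.items(), m2.items()):
        inter = a & b
        if inter:
            joint[inter] = joint.get(inter, 0.0) + ma * mb
        else:
            K += ma * mb
    if rule == "dempster":
        if K >= 1.0:
            raise ValueError("total conflict: Dempster's rule is undefined")
        return {s: v / (1.0 - K) for s, v in joint.items()}, K
    joint[THETA] = joint.get(THETA, 0.0) + K
    return joint, K

def fuse(sensors, rule="yager"):
    """Fold every sensor into the field; track the worst per-step conflict."""
    m, worst_k = sensors[0], 0.0
    for s in sensors[1:]:
        m, k = combine(m, s, rule)
        worst_k = max(worst_k, k)
    return m, worst_k

def belief(m, hyp):        # Bel(H): mass that entails H
    return sum(v for s, v in m.items() if s <= hyp)

def plausibility(m, hyp):  # Pl(H): mass that does not rule H out
    return sum(v for s, v in m.items() if s & hyp)

def decide(m, K, bel_mitigate=0.8, k_conflict=0.3, pl_observe=0.5):
    """Map (Bel, Pl, K) to the four hot-path outcomes; thresholds are assumed."""
    if K >= k_conflict:
        return "conflict"            # sensors disagree: never auto-mitigate
    if belief(m, MAL) >= bel_mitigate:
        return "mitigate"
    if plausibility(m, MAL) >= pl_observe:
        return "escalate"            # cannot be ruled out, hand to the analyst
    return "observe"
```

Under Yager's rule the 0.42 of conflicting mass lands on THETA instead of being divided away, which is what lets a fixed threshold on K stop an auto-mitigation.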


Download & run it yourself

Stigmergy runs entirely on your machine — your telemetry, models, and signed ledger never leave it. One prerequisite: Docker.

★ Easiest — one-click installer

Get Stigmergy running in ~10 minutes

The launcher checks Docker, fetches the repo, starts the full stack, and opens the dashboard. Works on Windows, macOS, and Linux.

…or one line on macOS / Linux:
curl -fsSL https://raw.githubusercontent.com/Shaugato/find-evil/main/installer/install.sh | bash
1 · Install Docker
Docker Desktop (Win/Mac) or Engine (Linux). Podman / Rancher / OrbStack work too.
2 · Run the launcher
Double-click it (or the one-liner). It clones the repo and runs docker compose up.
3 · Open the dashboard
The 6-pane command shell opens at localhost:9400; MCP at :9310.