🛡️ VAPT-Env

OpenEnv FastAPI Multi-Agent v2.0.0

An OpenEnv-compliant penetration-testing environment that trains Llama 3.2 3B to reason through a security audit step by step rather than pattern-match on known findings. Built for the Meta PyTorch OpenEnv Hackathon × SST Bangalore 2026.

6.4× avg score lift

Llama 3.2 3B post-GRPO: 0.075 → 0.482

3 hackathon themes

World Modeling · Multi-Agent · Long-Horizon

11-component grader

Reward-hacking-resistant by design

Quick links

🎬 90-sec founders intro (YouTube) — the reasoning gap, multi-agent primitive, and 6.4× lift in 90 seconds
🎮 Interactive demo (Gradio) — pick a scenario, watch the trained agent act, see the grader breakdown live
📦 GitHub repo — env + grader + 78 tests + Colab notebook
🤗 Trained adapter on HF Hub — Llama 3.2 3B + LoRA r=16
📊 W&B training run — real reward curve, 112 GRPO steps

API endpoints (this Space is the live env)

/docs — interactive OpenAPI / Swagger UI
/health — health check
/tasks — available scenarios + action schema + tool list
/openapi.json — full OpenAPI spec
POST /reset + POST /step — OpenEnv standard episode protocol
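
The read-only endpoints listed above can be probed with nothing but the Python standard library. The following is a minimal sketch, not the project's own tooling: the base URL is the one used in the client example on this page, `endpoint_url` and `fetch_json` are hypothetical helper names, and the JSON shape returned by `/health` and `/tasks` is not assumed here, so the result is simply decoded and returned.

```python
import json
from urllib.parse import urljoin
from urllib.request import urlopen

# Space URL taken from the client example on this page.
BASE_URL = "https://Sayuj63-Vapt-env.hf.space"


def endpoint_url(path: str, base_url: str = BASE_URL) -> str:
    """Join a base URL and an endpoint path into one absolute URL."""
    # Normalise slashes so "/health" and "health" behave the same way.
    return urljoin(base_url.rstrip("/") + "/", path.lstrip("/"))


def fetch_json(path: str, timeout: float = 10.0):
    """GET an endpoint and decode the body as JSON.

    Hypothetical helper: the response schema is not documented on this
    page, so the decoded object is returned without interpretation.
    """
    with urlopen(endpoint_url(path), timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))
```

Calling `fetch_json("/health")` or `fetch_json("/tasks")` performs the actual network request; `/openapi.json` remains the authoritative description of what each endpoint returns.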

How to talk to this env

This Space speaks the OpenEnv protocol. From any Python environment with openenv-core installed and the security_audit_env client package importable:

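from security_audit_env import SecurityAuditEnv, SecurityAuditAction

# Open a synchronous session against the hosted Space.
with SecurityAuditEnv(base_url="https://Sayuj63-Vapt-env.hf.space").sync() as env:
    # Start a new episode on the "easy" scenario.
    reset_result = env.reset(scenario_id="easy")

    # Take one step: run the network_scan tool against a subnet.
    step_result = env.step(SecurityAuditAction(
        action_type="use_tool",
        tool_name="network_scan",
        arguments={"target": "10.0.1.0/24"},
    ))

    # Hosts discovered so far are exposed on the observation.
    print(step_result.observation.discovered_hosts)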
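
For callers who prefer raw HTTP over the client, the same episode can be expressed as JSON bodies for `POST /reset` and `POST /step`. This is a sketch under stated assumptions: the `{"action": {...}}` envelope for `/step` and the flat `scenario_id` field for `/reset` are guesses at the wire format, and `build_reset_payload` and `build_step_payload` are hypothetical helpers. Only the field names inside the action come from the client example above. Check `/openapi.json` for the actual request schema before relying on it.

```python
import json


def build_reset_payload(scenario_id: str) -> dict:
    """Body for POST /reset (assumed shape: scenario id as a top-level field)."""
    return {"scenario_id": scenario_id}


def build_step_payload(action_type: str, tool_name: str, arguments: dict) -> dict:
    """Body for POST /step (assumed shape: action fields wrapped in "action")."""
    return {
        "action": {
            "action_type": action_type,
            "tool_name": tool_name,
            "arguments": arguments,
        }
    }


# Mirror the client example: reset to "easy", then run one network scan.
reset_body = build_reset_payload("easy")
step_body = build_step_payload(
    "use_tool", "network_scan", {"target": "10.0.1.0/24"}
)

# Serialise exactly as it would be sent in the request body.
print(json.dumps(step_body, indent=2))
```

Keeping payload construction separate from the transport makes it easy to compare these bodies against the published OpenAPI schema and adjust the envelope if it differs.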

The full README on the GitHub repo covers the architecture, the multi-dimensional grader, and the GRPO post-training results.
