Vigolium: A Powerful Open-Source Vulnerability Scanner with AI-Driven Auditing

The cybersecurity community has long grappled with a fundamental trade-off: deterministic scanners are lightning-fast but often produce a dizzying volume of false positives, while manual penetration testing is highly accurate but expensive and difficult to scale. On May 27, 2026, prominent security researchers Jessie “j3ssie” Ho and Tuan “theblackturtle” Tran—internationally recognized for creating offensive security workflows like Osmedeus and Jaeles—disrupted this paradigm with the open-source release of Vigolium. Vigolium is a high-fidelity web vulnerability scanner engineered in Go to bridge this gap. By fusing high-performance native auditing with an advanced, LLM-driven agentic execution model, Vigolium aims to eliminate false-positive fatigue and equip security teams with verified, actionable proof of exploitability.

The Paradigm Shift: Native Go Speed Meets Agentic AI

Traditional application security testing (AST) tools operate on rigid, pre-defined rule sets. While highly efficient at executing rapid pattern matching, they lack the contextual intuition required to analyze complex logical workflows, multi-step authentication schemes, or framework-specific integration flaws. Conversely, early attempts at integrating Generative AI into security tooling have suffered from severe “hallucination” problems and prohibitive API cost structures.

Vigolium addresses these challenges by splitting its execution architecture into two distinct pipelines:

• Deterministic Native Execution: A high-performance, concurrent Go pipeline that performs traditional scanning at scale without the overhead of machine learning.
• Autonomous Agentic Auditing: An in-process, LLM-driven runtime called olium that coordinates multi-step security reviews, attack planning, and finding verification.

By keeping these execution paths complementary, Vigolium allows organizations to utilize fast, predictable checks for continuous integration (CI) gates, while unleashing autonomous AI agents for deep, periodic assessments where contextual reasoning is mandatory.

Designing a Modern Vulnerability Scanner: The Architectural Breakdown

To understand Vigolium’s efficacy, it is necessary to examine how its underlying engine manages target analysis. At its core, Vigolium functions as a dual-engine vulnerability scanner capable of digesting a vast array of inputs—including OpenAPI/Swagger specifications, Postman collections, Burp XML, cURL commands, raw HTTP requests, HAR files, and legacy Nuclei templates.

The Deterministic Pipeline (vigolium scan)

The native scanning pipeline is built purely in Go for maximum speed and predictable execution, utilizing over 251 built-in active and passive scanning modules. It transitions through several distinct phases:

1. Ingestion & Scope Filtering: Normalizes incoming raw requests and structural files to establish strict execution boundaries.
2. Adaptive Content Discovery (Deparos): Instead of relying on static wordlist brute-forcing, Vigolium features an integrated discovery engine named Deparos. Deparos performs directory fuzzing and endpoint discovery while dynamically learning from server responses, adapting its dictionaries on the fly, and filtering out false-positive pages using fingerprint-based soft-404 detection.
3. Browser-Based Spidering (Spitolas): For modern Single Page Applications (SPAs) built on frameworks like React, Vue, or Angular, traditional HTTP request parsing fails to capture the full attack surface. Vigolium resolves this via Spitolas, an embedded Chromium-driven crawler that dynamically interacts with web interfaces, parses forms, and registers active endpoints.
4. Concurrent Executor & Module Dispatch: Distributes target requests across passive and active auditing modules, covering injection vulnerabilities, broken access controls, API protocol flaws, framework-specific misconfigurations, and out-of-band (OAST) vulnerabilities.

Crucially, developers can extend this deterministic engine by writing custom active or passive auditing modules in JavaScript. This is made possible through the integration of Sobek, a highly optimized, pure-Go ECMAScript 5.1/ES6+ JavaScript virtual machine maintained by Grafana and famously used to power k6 load-testing environments. By embedding Sobek directly within the Go binary, Vigolium provides a secure, high-speed scripting runtime without the compilation complexity or execution overhead of a CGO-wrapped V8 engine.

The Agentic Engine (vigolium agent)

When deeper context-aware auditing is required, users invoke the vigolium agent command. This hands execution over to olium, an in-process, multi-agent AI coordinator. Unlike simple prompt-response frameworks, an agentic architecture empowers the LLM to actively drive the scanning process. It makes decisions, executes commands, reads filesystem structures, and revises plans based on real-time feedback. The olium engine natively supports several execution modes:

• Query (vigolium agent query): A single-shot prompt executor designed for localized tasks, such as code reviews, endpoint identification, or locating hardcoded secrets within a repository, bypassing active network scanning.
• Autopilot (vigolium agent autopilot): A hands-off black-box pentesting mode where the agent autonomously navigates the target, drives a headless Chromium instance, writes custom JavaScript scanner extensions on the fly, and orchestrates CLI tools until it determines the target has been fully mapped and calls halt_scan.
• Swarm (vigolium agent swarm): A highly structured, 10-phase pipeline where a master agent coordinates specialized tasks. The workflow spans normalization, authentication evaluation, source-code analysis, dynamic active discovery, attack planning, custom module synthesis, scanning, automated triage, and final report generation.
• Audit (vigolium agent audit): A unified whitebox source-code auditing dispatcher that triggers static security analysis through embedded harnesses, analyzing code blocks side-by-side with dynamic observations.

Deep Source-Code Audits with Piolium

Expanding on the static capabilities of the core scanner, the development team published a dedicated companion package called @vigolium/piolium on May 29, 2026. Packaged as a native extension for the Pi Coding Agent, Piolium acts as a specialized repository security auditor.

When initiated via vigolium agent audit --driver=piolium, the tool executes deep, multi-phase static security audits of source repositories. It utilizes a series of specialist sub-agents operating within sandboxed workspaces with isolated context windows to analyze logic flows. The Piolium architecture supports up to 17 distinct audit phases in its deep configuration—making it the most comprehensive whitebox scanner in the Vigolium suite. It executes local reconnaissance, identifies dependency advisories, maps target attack surfaces, constructs potential exploit paths, and generates reproducible Proof-of-Concepts (PoCs).

Because full audits of large repositories can take hours, Piolium features capped concurrency constraints to protect computing resources and employs a fully resumable state. If an audit run is interrupted or if code is modified mid-audit, Piolium can resume from its last validated state and only re-analyze the affected code diffs. Users can interactively manage these repository audits using intuitive slash commands (such as /piolium-deep, /piolium-status, or /piolium-confirm) directly within their Pi environment.

Taming the Beast: Mitigating False Positives and Cost Fatigue

Integrating Large Language Models into offensive security platforms introduces two notorious operational risks: the financial danger of runaway API token utilization and the technical headache of hallucinated vulnerabilities. Vigolium directly mitigates both issues through strict engineering guardrails.

The Separate Triage Phase

To completely eradicate false-positive “hallucinations” common to simple LLM-assisted code reviews, Vigolium implements a rigid verification workflow. The agentic scanner does not merely report potential flaws based on structural code reading or anomalous HTTP headers. Instead, when a candidate vulnerability is detected, Vigolium initiates a separate, dedicated triage pass. The system automatically generates a tailored functional payload and executes a live re-test against the target application to actively exploit and confirm the bug. If the payload fails to execute or produce the expected cryptographic, out-of-band, or database-state response, the finding is immediately discarded. Security teams only receive findings backed by verifiable, reproducible proof.

Granular Budget Controls

To prevent autonomous agents from creating infinite execution loops and generating catastrophic API bills, Vigolium provides developers with granular budget and concurrency constraints. Within the configuration profiles, operators can enforce strict thresholds on:

• Maximum LLM tokens consumed per session.
• The total number of external tool and shell execution calls allowed.
• Max limits on verification and triage iterations.
• Absolute wall-clock duration limits on scanning processes.

Crucially, Vigolium utilizes a Bring-Your-Own-Key (BYOK) model. Organizations have the flexibility to route agent logic through commercial frontier models—including Anthropic’s API, OpenAI, or Google Vertex AI—or redirect execution to entirely local, private instances using Ollama, vLLM, OpenRouter, or LM Studio. This flexibility allows security teams to run massive, zero-cost audits using open-weights models when cloud budgets are constrained.

Operational Safety and Deployment Options

Because Vigolium’s agentic modes must interact with local development tools, build artifacts, wordlists, and local networks to effectively perform real-world pentests, vigolium agent runs without restrictive sandboxing on the host machine by default. While this design is intentional, it introduces the risk of arbitrary command execution if the LLM encounters a hostile target codebase.

To guarantee system boundary safety, the developers explicitly recommend running agentic scans inside isolated environments—such as dedicated Docker containers, ephemeral VMs, or sandboxed CI runner nodes. To facilitate this, the tool supports flexible deployment topologies:

• Standalone CLI: A compiled Go binary natively supporting Linux and macOS, and Windows via WSL.
• REST API Server: Allowing programmatic orchestration across enterprise infrastructure.
• Traffic-Ingesting Client: Hooking directly into proxy pipelines to analyze live traffic feeds.
• Vigolium Workbench: A self-hosted dashboard for visual reporting, target tracking, and proof-of-concept verification.

Conclusion: The Future of High-Fidelity Offensive Security

Vigolium represents a significant evolution in offensive application security tooling. By decoupling deterministic scanning from agentic reasoning, it provides security practitioners with the best of both worlds: the raw execution speed and cost-efficiency of concurrent Go modules alongside the deep logical context of modern artificial intelligence. By focusing intensely on verified exploitability and providing granular financial and operational controls, Vigolium addresses the primary barriers to automating application security, offering a highly precise, open-source platform that developers and security teams can confidently integrate into their devsecops workflows.