descry
catch sight of.
"the agent descried the attack surface before the adversary could"
AI agents that think like the attacker. They map your social graph, find the human weaknesses, and run the playbook before a real adversary does.
We simulate the attacker, not just the attack
Traditional pentesting tests perimeters. Descry replicates the human threat actor -- the one who reads your team's tweets, maps your org chart, and social-engineers their way to your private keys.
Attacker Simulation Engine
Descry doesn't scan -- it thinks. AI agents built on LangGraph and CrewAI replicate an adversary's decision-making: target selection, social graph exploitation, and multi-step attack chains, autonomously.
Social Graph Pentesting
The attacker's first move is always people. Descry maps your team's public exposure -- Discord presence, Telegram groups, conference talks, LinkedIn connections -- and identifies the exact relationship chains a threat actor would exploit.
Sandboxed Attack Rehearsal
Every simulated attack runs in ephemeral containers. The agents rehearse SIM swap paths, approval phishing flows, and address poisoning scenarios inside isolated sandboxes -- full kill-chain, zero real-world footprint.
Consent-First Execution
Social pentesting touches personal data by nature. Descry enforces GDPR Article 6 and CNIL penetration testing guidelines at the workflow level -- no agent acts without verified lawful basis.
Know what they know about you
You don't need to be a protocol to be a target. If you hold crypto, you have an attack surface. Descry shows you exactly what a motivated attacker can find about you -- and how to disappear from their radar.
Protect yourselfWallet Exposure Audit
See exactly what an attacker can learn about you from your on-chain activity. ENS lookups, transaction graph analysis, and address clustering that reveals your holdings.
Personal OSINT Report
The same reconnaissance a threat actor would run against you: leaked credentials, social media footprint, phone number exposure, and SIM swap susceptibility.
Attack Surface Score
A single score that quantifies how easy you are to target. Based on your public exposure, operational security habits, and wallet hygiene -- with actionable steps to harden each area.
Privacy Hardening Guide
Personalized recommendations to reduce your footprint: which Discord servers leak your wallet, which approvals to revoke, and how to compartmentalize your on-chain identity.
Your team is the attack surface
Firewalls don't stop an attacker who befriends your dev on Telegram. Descry runs the full adversary playbook against your organization -- social graph mapping, pretexting simulations, and kill-chain rehearsals -- so you can close the human gaps.
Team Social Graph Mapping
Map every public connection between your team members. Descry finds the org chart your team accidentally published across LinkedIn, GitHub, and governance forums.
Multi-Entity Attack Paths
See how an attacker would pivot from one team member to another. Relationship chain analysis that identifies the shortest path to your treasury or multisig signers.
Red Team Engagement Reports
Full adversary simulation against your organization. Pretexting scenarios, phishing campaign feasibility, and insider threat modeling -- delivered as a board-ready report.
Continuous Monitoring
Ongoing social surface monitoring. Get alerts when team members appear in new breach databases, when wallet activity reveals sensitive relationships, or when new attack vectors emerge.
Compliance Documentation
Auto-generated GDPR/CNIL audit trails for every engagement. Pre-built consent workflows, purpose limitation documentation, and data processing records for regulatory review.
Executive Dashboard
Organization-wide attack surface visibility. Track exposure trends over time, benchmark against industry baselines, and prioritize remediation by business impact.
How an attacker would come for you
Descry runs the adversary's playbook so you don't have to learn it the hard way. Every step is logged, GDPR-verified, and delivered as an actionable report.
Profile the Target
The agent starts where a real attacker would: open sources. It scrapes your public footprint, builds an org chart from LinkedIn and GitHub, maps wallet clusters, and identifies who holds the keys -- literally and figuratively.
Map the Social Surface
30+ OSINT tools run in parallel to reconstruct the human attack surface. Discord roles, Telegram group memberships, conference speaker lists, leaked credentials, ENS domains, and on-chain transaction patterns that reveal relationships.
Rehearse the Attack
Inside sandboxed containers, agents simulate the full kill-chain: craft a pretexting scenario for SIM swap, stage an approval phishing flow, test address poisoning against your wallet UX -- all without touching the real target.
Deliver the Playbook
The output isn't a vulnerability list -- it's the attacker's playbook. Sequenced attack paths ranked by feasibility, the specific people and relationships that are exploitable, and the exact steps to close each vector.
The playbooks attackers actually use
These aren't theoretical risks. Descry's agents simulate the exact TTPs used in real crypto heists -- the social engineering, the wallet exploits, the human failures that no firewall catches.
SIM Swapping
The agent calls the carrier -- figuratively. It maps which phone numbers are tied to crypto accounts, tests port-out PIN exposure, and simulates the social engineering script an attacker would use on telecom support.
Address Poisoning
The agent generates lookalike addresses that would fool your team, tests clipboard injection surfaces, and identifies which wallet UX patterns make copy-paste attacks viable.
Approval Phishing
The agent crafts the exact malicious approval transaction an attacker would deploy. It audits existing unlimited allowances, simulates permit2 signature phishing, and shows you which team members would click.
Private Key Hygiene
The agent hunts for your keys the way an attacker would: leaked seed phrases in repos, weak multi-sig thresholds, hardware wallet misconfigurations, and cloud backup patterns that expose the crown jewels.
Social Engineering
The core of social pentesting. The agent builds a dossier the way a threat actor would: public team rosters, Discord admin roles, Telegram group leaks, conference travel patterns, and the specific trust relationships that open doors.
Social pentesting, lawfully
Simulating an attacker means touching personal data. Descry ensures every action has verified consent, documented purpose, and a complete chain of custody.
GDPR Consent Verification
Every reconnaissance action is checked against GDPR Article 6 lawful bases. Automated data subject impact assessments generated before any personal data processing begins.
CNIL Framework Adherence
Full alignment with CNIL guidelines on penetration testing and security auditing. Pre-engagement consent workflows, purpose limitation documentation, and data minimization enforcement.
Immutable Audit Trails
Every tool invocation, agent decision, and data access is logged to an append-only audit trail. Chain-of-custody documentation for findings, exportable for regulatory review.
Know the playbook before they run it
Let Descry simulate the attacker targeting your team. Social graph mapping, kill-chain rehearsal, crypto-specific vectors -- delivered as an actionable playbook, not a PDF of CVEs.