Changelog

Track Syd's development. All releases on GitHub and GitLab

v3.0.0 Current

Released: January 2026 • Production Ready

Major Changes

  • Fact-Extraction Architecture: Custom validation layer prevents hallucinations by grounding all answers in actual tool output
  • Model Upgrade: Switched to Qwen 2.5 14B (Q5_K_M GGUF) via llama-cpp-python. No Ollama required
  • Metasploit Integration (Enterprise): Full module browser, Ruby metadata parser, source code viewer, RC script builder, and interactive msfconsole launcher
  • Validated Accuracy: 9.27/10 average across all 6 Pro tools, tested against real engagements
  • PyInstaller EXE: Pro and Enterprise ship as self-contained Windows EXEs. No Python setup required
  • Airgapped Licensing: HMAC-based offline licence validation

New Features

  • YARA detection analysis: 9.84/10 accuracy (5/5 tests)
  • NetExec (NXC) analysis: 9.2/10 accuracy
  • PCAP network analysis tool page
  • Ask Syd AI chat on every tool page
  • Auto-detect CPU cores (no longer hardcoded to 16 threads)
  • Thread-safe Tkinter UI: all background updates via self.after(0, callback)
  • Token budget management: 8192 context window with intelligent truncation
  • LLM inference lock: prevents concurrent model access from multiple tool tabs

Metasploit (Enterprise, 3 Phases)

  • Phase 1: Knowledge base (20 docs), fact extractor, GUI page, Ask Syd chat
  • Phase 2: Module browser: split-pane treeview, Ruby metadata parser, source code viewer, CVE search normalisation, "Ask Syd About Module"
  • Phase 3: Launch tab: RC script builder, interactive msfconsole via subprocess, live output streaming, ANSI stripping, Save/Load .rc files, "Use Output" for analysis

Bug Fixes

  • Thread safety: all Tkinter ops from background threads fixed
  • Exploit deduplication in Metasploit module browser
  • Hashdump whitespace parsing
  • CVE count/score extraction
  • Service deduplication in Nmap analysis
  • Token overflow handling for large tool outputs
  • Interactive command input for msfconsole (--no-readline flag)

Accuracy Scores (Production Tested)

ToolScoreTestsStatus
Nmap9.1/10 (96.7%)4/4 scan typesProduction Ready
YARA9.84/105/5 testsProduction Ready
BloodHound10/101 testProduction Ready
Volatility8.13/1015/15 questionsProduction Ready
NetExec9.2/102/2 testsProduction Ready
PCAPFunctionalFunctional testProduction Ready
Average9.27/10All toolsAll Pro Tools Ready
↓ Download v3.0.0 from GitHub View on GitLab

Alpha v0.2

Released: December 2024

Changes

  • Transitioned from Dolphin Llama 3 8B to Llama 3.1 via Ollama
  • Improved RAG retrieval accuracy
  • Expanded knowledge base to 356,000+ chunks
  • Open source release on GitLab under MIT licence
  • Added YARA rule suggestions for malware analysis
  • Fixed encoding issues with special characters in tool output

Alpha v0.1

Released: October 2024

Initial Release

  • First public release of Syd AI Assistant
  • Core RAG architecture with FAISS vector database
  • Basic tool integration: Nmap, Metasploit, Volatility, YARA
  • Dolphin Llama 3 8B model integration
  • 300,000+ knowledge chunks
  • Air-gapped operation confirmed working

Roadmap

Enterprise: In Development

  • Sliver C2: Knowledge base complete (21 docs, 7,986 lines). FAISS indexing and GUI page in development.
  • Responder: Planned for Enterprise v2
  • Impacket: Planned for Enterprise v2

Future

  • Multi-tool correlation: automatically link findings across Nmap, BloodHound and Volatility
  • PDF report export from analysis results
  • Burp Suite integration
  • Hashcat integration
  • Per-client knowledge base isolation for MSSPs
Responsible Disclosure

Found a security issue in Syd?