
Vigilyx

Email security that is actually different under the hood.

Open-source Rust mail security gateway. Not a black box — a detection stack you can read, test, and extend.

Open source · Rust core · Mirror + Inline
Detection pipeline
  1. Parse
  2. Header
  3. Content
  4. Link
  5. YARA
  6. DLP
  7. Fuse
D-S + Murphy: evidence fusion
5-state HMM: BEC phase tracking
Hawkes: self-exciting time series

Layer by layer

Open one email. Watch every layer flag it.

Pick a scenario. Scroll. Each line is a real detection Vigilyx runs against the captured email — from wire bytes to fused verdict. No stock imagery, no composite screenshot: the exact fields your engineers would see in a SOC triage.

captured · From: ceo@acme-corp.com · Subject: [URGENT] Wire transfer — vendor change · Tue 14:03
L1 · pcap: SMTP 203.0.113.44 → mx.acme-corp.com
  NEW SENDER IP: Sender IP has zero history in the directed communication graph; first-seen inbound path from this /24.
L2 · headers: SPF=softfail DKIM=none DMARC=fail Reply-To: ceo.acme@proton.me
  REPLY-TO MISMATCH: Reply-To domain does not match From. Classic look-alike: free-mail reply, corporate display name.
L3 · content: subject="[URGENT] Wire transfer" urgency_financial_combo=0.78
  URGENCY + $: content_scan flags the urgency_financial_combo rule — urgency keyword + amount mention + deadline within 24h.
L4 · identity: display_name="CEO John Doe" first_comm_window=true
  IDENTITY ANOMALY: identity_anomaly: sender domain has never corresponded with this mailbox. First-contact wire-transfer asks are BEC gold.
L5 · temporal: HMM phase: EXECUTE · CUSUM drift +3.2σ against baseline
  HMM EXECUTE: 5-state HMM transitioned recon → trust-build → EXECUTE over the past 8 days. CUSUM confirms baseline drift.
Fused verdict: HIGH (0.87)
  Action · Quarantine + notify finance approver via SOAR playbook


Two independent deployment shapes

Pick the deployment that fits the environment. Not a migration path.

Mirror and MTA are two separate deployment shapes for two different operating models, not two phases of the same rollout. They share the same detection stack, but they are installed, operated, and evaluated independently. Run the one that matches how much of the mail path you can own.

Mirror deployment

Passive analysis next to the mail system

Vigilyx receives a copy of the traffic from a mirror / SPAN port. It reconstructs SMTP, POP3, IMAP, and webmail sessions and produces verdicts after delivery. The mail path is never touched, so the detection stack can never block mail.

  • Zero-touch — no change to MX records or SMTP routing
  • Verdicts are advisory: alert, audit, replay, tune
  • Best fit when the mail path cannot be reshaped, or for forensics and rule iteration

MTA deployment

Inline SMTP proxy that enforces before delivery

Vigilyx runs as an SMTP relay in front of the final mail server. Every message goes through it, is inspected synchronously, and is then accepted, quarantined, or rejected before delivery. Typical inline verdict <2s, with configurable fail-open.

  • Enforcing — mail actually does not reach users until Vigilyx decides
  • Accept / quarantine / reject, with fail-open safety valve
  • Best fit when the mail path can be reshaped and real blocking is required

Under the hood

Four things most email-security products do not actually have.

These are not marketing bullet points — each one is implemented in the repository and you can read it. We are only listing the detection surfaces where Vigilyx is meaningfully different from a typical mail gateway, not the table-stakes features every product in this space already ships.

01 Evidence fusion

Murphy-corrected D-S fusion with Copula discount

crates/vigilyx-engine/src/fusion/murphy.rs

Not weighted-sum scoring, not a black-box classifier. A proper Dempster–Shafer implementation with Murphy's weighted-average correction and Copula-based discount for correlated detectors — so same-family signals do not amplify each other, and every verdict is explainable per-engine. Built in Rust, not a wrapper around someone else's commercial library.

Why it matters: Avoids Zadeh's paradox, handles correlated evidence explicitly, and the verdict trail is explainable per-engine instead of a single mystery score.
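As an added example (not code from the Vigilyx repository), here is the fusion step run over the five layer verdicts from the walkthrough above, reduced to a binary frame {benign, malicious}: Dempster's rule, Murphy's averaging correction, and Shafer discounting of a second same-family detector by an assumed pairwise correlation `rho`, which stands in for the copula-derived discount the project describes. Detector families and mass values are constructed.

```rust
/// Mass over the binary frame {benign, malicious}; whatever is committed to
/// neither hypothesis goes to the whole frame Θ (ignorance).
#[derive(Clone, Copy, Debug)]
pub struct Mass { pub benign: f64, pub malicious: f64, pub theta: f64 }
impl Mass {
    pub fn new(benign: f64, malicious: f64) -> Mass {
        assert!(benign >= 0.0 && malicious >= 0.0 && benign + malicious <= 1.0 + 1e-9);
        Mass { benign, malicious, theta: (1.0 - benign - malicious).max(0.0) }
    }
    /// Shafer discounting: move a fraction `alpha` of every mass to Θ.
    pub fn discount(self, alpha: f64) -> Mass {
        let k = 1.0 - alpha;
        Mass { benign: k * self.benign, malicious: k * self.malicious, theta: k * self.theta + alpha }
    }
}

/// Dempster's rule of combination for two masses on the binary frame.
pub fn dempster(a: Mass, b: Mass) -> Mass {
    let norm = 1.0 - (a.benign * b.malicious + a.malicious * b.benign); // 1 - conflict
    assert!(norm > 0.0, "detectors are in total conflict");
    Mass {
        benign: (a.benign * b.benign + a.benign * b.theta + a.theta * b.benign) / norm,
        malicious: (a.malicious * b.malicious + a.malicious * b.theta + a.theta * b.malicious) / norm,
        theta: a.theta * b.theta / norm,
    }
}

/// Murphy's rule: average the n bodies of evidence, then combine the average
/// with itself n-1 times, so heavy conflict between detectors is not
/// normalised into a counter-intuitive certainty (Zadeh's paradox).
pub fn murphy(masses: &[Mass]) -> Mass {
    let n = masses.len() as f64;
    let avg = Mass::new(
        masses.iter().map(|m| m.benign).sum::<f64>() / n,
        masses.iter().map(|m| m.malicious).sum::<f64>() / n,
    );
    (1..masses.len()).fold(avg, |acc, _| dempster(acc, avg))
}

/// Fuse (family, mass) detector outputs. A detector whose family has already
/// contributed is discounted by `rho` (an assumed pairwise correlation standing
/// in for the copula estimate) so same-family signals do not amplify each other.
pub fn fuse(evidence: &[(&str, Mass)], rho: f64) -> Mass {
    let mut seen: Vec<&str> = Vec::new();
    let masses: Vec<Mass> = evidence.iter().map(|&(family, m)| {
        let m = if seen.contains(&family) { m.discount(rho) } else { m };
        seen.push(family);
        m
    }).collect();
    murphy(&masses)
}
```

Each detector's contribution is visible in the `masses` vector before fusion, which is what makes the verdict explainable per engine rather than a single score.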

02 Temporal layer

Full temporal layer on top of single-email verdicts

crates/vigilyx-engine/src/temporal/

CUSUM for shift detection, dual-speed EWMA for baseline drift, a marked Hawkes self-excitation process for attack-campaign tempo, a 5-state HMM that infers BEC / ATO phases (recon → trust-build → execute → exfil), plus a directed communication graph. Most mail-security products judge each email in isolation — this one doesn't.

Why it matters: Catches campaigns, slow-burn BEC, and exfil bursts that look fine one email at a time.
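As an added example of the CUSUM piece of that layer (not the project's own code), an upward CUSUM over one sender's daily message tempo toward a mailbox. The baseline mean and deviation are assumed to be supplied from the sender's history, and the daily counts are constructed.

```rust
/// One-sided (upward) CUSUM on observations standardised against a baseline
/// mean `mu` and standard deviation `sigma`, here assumed to come from the
/// sender's history. `k` is the allowance (half the shift size, in σ units,
/// the test is tuned to catch) and `h` the decision threshold.
pub struct Cusum {
    mu: f64,
    sigma: f64,
    k: f64,
    h: f64,
    /// Accumulated evidence of an upward shift since the last reset.
    pub stat: f64,
}

impl Cusum {
    pub fn new(mu: f64, sigma: f64, k: f64, h: f64) -> Cusum {
        Cusum { mu, sigma, k, h, stat: 0.0 }
    }
    /// Feed one observation. Returns the standardised deviation (in σ) once
    /// the statistic crosses `h`; the statistic is then reset so the next
    /// shift is judged afresh rather than riding on the old run.
    pub fn update(&mut self, x: f64) -> Option<f64> {
        let z = (x - self.mu) / self.sigma;
        self.stat = (self.stat + z - self.k).max(0.0);
        if self.stat > self.h {
            self.stat = 0.0;
            Some(z)
        } else {
            None
        }
    }
}

/// Run a series through the detector; returns the index of the first alarm
/// and the deviation observed there.
pub fn first_alarm(series: &[f64], mu: f64, sigma: f64, k: f64, h: f64) -> Option<(usize, f64)> {
    let mut c = Cusum::new(mu, sigma, k, h);
    series.iter().enumerate().find_map(|(i, &x)| c.update(x).map(|d| (i, d)))
}

fn main() {
    // Constructed daily message counts from one sender domain to a finance
    // mailbox: a quiet baseline, then the tempo picks up.
    let counts = [2.0, 1.0, 3.0, 2.0, 2.0, 2.0, 5.0, 6.0, 5.0, 7.0, 6.0];
    match first_alarm(&counts, 2.0, 1.0, 0.5, 4.0) {
        Some((day, dev)) => println!("shift detected on day {}: +{:.1}σ", day, dev),
        None => println!("no shift against baseline"),
    }
}
```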

03 AitM phishing

Reverse-proxy MFA-bypass kit fingerprinting

crates/vigilyx-engine/src/modules/aitm_detect.rs

Fingerprints the MFA-bypass tooling actually used in the wild from 2024 on — Tycoon2FA, EvilProxy, Evilginx3 — via DGA hosting on Cloudflare Workers / Pages, OAuth redirect_uri mismatches, Turnstile CAPTCHA toolkit fingerprints, and Latin/Cyrillic mixed-script brand homographs. This class of phishing bypasses traditional link reputation and attachment scanning entirely.

Why it matters: The reverse-proxy phishing surface is invisible to classic URL-reputation and sandbox-on-link stacks.

04 HTML pixel art

HTML pixel art & table-cell QR detection

crates/vigilyx-engine/src/modules/html_pixel_art.rs

Attackers "draw" QR codes with <table> bgcolor cells, or assemble phishing text from floated <div>s with background-color — specifically to bypass OCR and sandbox image scanning. Vigilyx reconstructs the bitmap from DOM structure and decodes with rqrr. Unicode block-character ASCII-art QR codes in body text are decoded through the same pipeline.

Why it matters: The usual "scan images with OCR" toolchain does not see these at all.

Detection flow

Structured to be tuned like an engineering system, not sold like a black box.

The product surface is intentionally opinionated: collect enough signal, keep the fusion explainable, and make the response layer auditable. That makes it easier to reduce false positives without losing the trail.

01

Collect and normalize

SMTP, MIME, attachment, link, header, and webmail signals are normalized into a single shape the detection engine can reason about — whether they arrive from a mirror capture or from the inline MTA proxy.

02

Fuse evidence

Multiple analyzers contribute evidence into a verdict pipeline with clustered D-S fusion, module-level explanations, and clear threat scoring instead of opaque labels.

03

Respond and audit

Trigger alerts, quarantine, rescan, rejection, and analyst workflows without losing the original session, verdict trail, or operational context.

Product shape

More than a mailbox list with a risk badge.

The current project already covers the pieces teams usually end up stitching together manually: parsers, verdict fusion, content controls, operational workflows, and a UI that can actually be used for review.

20 default pipeline entries

Detection stages for content, identity, link, attachment, YARA, DLP, and verdicting.

30 DLP patterns

Data-security inspection paths for sensitive content and suspicious transfer behavior.

2 deployment modes

Two independent shapes — mirror deployment for passive visibility, MTA deployment for inline enforcement. Pick one per environment.

Rust core runtime

Parsing, detection, API, sniffer, and MTA code paths stay in one performance-oriented stack.

AI support

Use AI as an extra lens, not as a single point of failure.

Vigilyx can layer semantic and NLP analysis on top of deterministic detection, but the core pipeline still works when AI is disabled. That keeps operations stable while giving analysts another review lens when it is useful.

AI-assisted semantic review

Optional NLP analysis for phishing semantics, intent, and persuasion patterns — runs on pure CPU hosts with no GPU required, and can optionally call external LLMs (Claude / OpenAI) for analyst review.

Core pipeline still stands alone

Parsing, link checks, YARA, DLP, identity analysis, and verdict fusion do not depend on any single AI model.

Safer for production operations

Turn AI on where it improves analyst productivity, not because the product would stop making decisions without it.

Built for engineering-led security teams. Just clone it.

If you'd rather own the detection logic than rent a black box, Vigilyx is ready to run. Three commands, mirror or inline on the same engine. AGPL-3.0, no telemetry, no license server.

deploy.sh
  # 1. Clone the repo
  $ git clone https://github.com/HerbiusYang/Vigilyx.git
  $ cd Vigilyx
  # 2. Initialize remote build environment (one-off)
  $ ./deploy.sh --init
  # 3. Open the dashboard
  → https://localhost:8088

Released under AGPL-3.0-only.