sxc3030-eng/argus

Argus — Cybersecurity Workbench

Voit tout absolument tout. Sees everything, absolutely everything.

Edge tracking-prevention breaks productivity. Surveillance capitalism makes casual browsing hostile. Banking on a stock browser is a gamble against unknown JS, supply-chain skimmers, and silent fingerprinting. Argus is the workbench for a privacy-conscious operator who wants to see, decide, and audit every interaction — three isolated sandboxes, a Claude-arbitrated request pipeline, and a tamper-evident forensic trail in a single PyQt6 binary.

3 pillars

Sandbox

Three modes, three QtWebEngine profiles, zero shared cookie jars. Normal is persistent. Privé is ephemeral and deleted on close. Coffre is paranoid: 2FA on entry, certificate pinning, strict 3rd-party allow-list, an anti-skimmer JS shim that intercepts setAttribute hijacks targeting credit-card and CVV fields, DoH-forced DNS, randomized User-Agent per session, DNT + Sec-GPC headers, and a 165-tracker hand-curated blocklist.

Surveillance

Encrypted forensic ring buffer. Each event is sealed individually with AES-GCM so a tampered record self-invalidates without taking down the chain. An HMAC chain is anchored across two files for double-witness integrity. Seven-day retention, with regex redaction for passwords, session tokens, full PANs, and CVVs before anything ever lands on disk.

Claude Arbitration

A heuristic risk scorer (0.0–1.0) classifies every download, form-submit, auth flow, and high-value navigation. Above the configured threshold — four levels: lax / balanced / strict / paranoid — Argus calls the Claude API (BYOK) for an arbitration verdict. Decisions are cached for 5 minutes. On timeout or malformed response, Argus falls back to the heuristic — never blocks the user on a network error.

Vault

V1 ships an in-process secret store: AES-256-GCM content encryption, DPAPI key wrap on Windows, PBKDF2 at 600 000 iterations.

V2 promotes the Vault to a cross-process REST gateway on localhost:8769 over HTTPS with a self-signed cert and SPKI pinning. The gateway does not trust caller-claimed identity — it resolves the PID via psutil, hashes the resolved binary, and matches against a live binary-hash whitelist. Responses are HMAC-signed with a per-request nonce, each program is rate-limited to 60 req/min via token bucket, and every access lands in an append-only HMAC-chained audit log.
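The Surveillance and Vault V2 sections both describe HMAC-chained logs, and Surveillance adds a per-event seal and redaction before write. The sketch below is an added example, not Argus code (the source is private): HMAC-SHA256 stands in for the per-event AES-GCM tag so it runs on the standard library alone, and the keys, field names, and redaction patterns are assumptions.

```python
import hashlib
import hmac
import json
import re

# Constructed demo keys; a real deployment would derive and protect these.
SEAL_KEY = b"demo-seal-key"
CHAIN_KEY = b"demo-chain-key"
GENESIS = b"\x00" * 32

# Illustrative redaction patterns (assumed, not Argus's rule set).
REDACTIONS = [
    (re.compile(r"(?i)(password|token)=[^&\s]+"), r"\1=[REDACTED]"),
    (re.compile(r"\b\d{13,19}\b"), "[PAN]"),
]

def redact(text):
    for pattern, repl in REDACTIONS:
        text = pattern.sub(repl, text)
    return text

def _mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def append(log, event):
    """Redact, seal the record on its own, then link the seal to the chain."""
    payload = json.dumps({"event": redact(event)}).encode()
    seal = _mac(SEAL_KEY, payload)  # stand-in for the per-event AES-GCM tag
    prev = bytes.fromhex(log[-1]["link"]) if log else GENESIS
    log.append({"payload": payload.decode(), "seal": seal.hex(),
                "link": _mac(CHAIN_KEY, prev, seal).hex()})

def verify(log):
    """Return (indexes with a bad seal, index of first broken link or None)."""
    bad_seals, broken_link, prev = [], None, GENESIS
    for i, rec in enumerate(log):
        seal = bytes.fromhex(rec["seal"])
        if not hmac.compare_digest(seal, _mac(SEAL_KEY, rec["payload"].encode())):
            bad_seals.append(i)
        link = bytes.fromhex(rec["link"])
        if broken_link is None and not hmac.compare_digest(link, _mac(CHAIN_KEY, prev, seal)):
            broken_link = i
        prev = link  # chain runs over stored seals, so one bad payload stays local
    return bad_seals, broken_link
```

`verify` reports records whose own seal fails separately from the first chain break, so an edited record is flagged alone while a deleted one breaks the link at its position. Truncating the tail is invisible to the chain itself and needs the latest link value stored outside the log file.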

Mythos integration

Argus is protocol-ready for an AI agent. A WebSocket event bus on :8767 streams browser events; a REST tool gateway on :8768 exposes 11 tools behind a 30-second synchronous approval gate. The protocol is versioned — Mythos is the cage's first tenant, not its hardcoded shape.

Tech stack

Python 3.10–3.13 · PyQt6 · QtWebEngine · scapy · cryptography · GPL v3 · Status: Beta

Stats

  • 4 605 lines in argus_pyqt.py (single-binary entrypoint)
  • 226 pytest tests
  • CI matrix: ubuntu-latest + windows-latest × Python 3.10 / 3.11 / 3.12
  • Bandit High-severity gate: 0 findings
  • pip-audit: clean
  • 134 i18n keys × 3 langs (FR / EN / ES)
  • 52 banking domains pre-detected for the cert-pinning path
  • 165 trackers in the hand-curated blocklist
  • 12 themes: Cyber Dark · Pro Dark · Light Pro · Hacker Green · Bank Vault · Pastel · Tokyo Night · Catppuccin Mocha · Dracula · Solarized · Gruvbox · Nord
  • Quick Switcher (Ctrl+K) · Reader Mode + AI summary (F9) · Code Sandbox (Monaco + Pyodide) · AI side panel (Ctrl+J)
  • GPL v3 ready

Architecture

See ARCHITECTURE.md for data-flow and Mythos topology diagrams.

Status

Beta — single-developer build, ~3 months active development, seeking design feedback. Code is private; demos available on request.

Source code

Source code is private. Open to:

  • Demo walkthrough (1:1 video call)
  • Licensing discussion
  • Security review collaboration
  • Cybersec ecosystem partnerships

Contact: sxc3030@gmail.com

About

Independent software engineer, Quebec. Cybersecurity + AI orchestration + 3D tooling. Practical experience across packet capture (scapy), TLS pinning, AES-GCM + DPAPI + scrypt KDF, AI integration (Claude / GPT / Gemini APIs), Qt + Godot rendering. Method: parallel AI-agent orchestration to ship multi-thousand-line features per session.


© 2026 Simon Cantin · github.com/sxc3030-eng · sxc3030@gmail.com
