By rssfeeds-admin 
Released on GitHub by a researcher with the alias GH05TCREW, this tool leverages large language models (LLMs) like Claude Sonnet or GPT-5 via LiteLLM to conduct sophisticated black-box security assessments.
PentestAgent operates through a terminal user interface (TUI), offering modes for assisted chats, autonomous agents, and multi-agent crews, making it accessible for pentesters seeking AI augmentation without sacrificing control. Legal use is emphasized: only test authorized systems, as unauthorized access violates laws.
Core Features and Playbooks
PentestAgent comes with its structured attack playbooks, predefined workflows for web app testing like THP3-style assessments. Users launch them via CLI: pentestagent run -t example.com --playbook thp3_web.
These playbooks guide the AI through reconnaissance, vulnerability scanning, and exploitation phases, injecting domain-specific knowledge from a Retrieval-Augmented Generation (RAG) system.
Notes captured during sessions categorized as credentials, vulnerabilities, findings, or artifacts persist in loot/notes.json and fuel a “shadow graph” in Crew mode, where an orchestrator spawns specialized workers for strategic insights.
The tool supports three operational modes, summarized below:
| Mode | Command | Description |
|---|---|---|
| Assist | (default) | Interactive chat; user directs flow. |
| Agent | /agent <task> | Autonomous single-task execution. |
| Crew | /crew <task> | Multi-agent orchestration. |
Built-in tools include a terminal (for nmap, sqlmap), a browser (via Playwright), notes, and web_search (Tavily API required). TUI commands like /target <host>, /tools, /report, and Esc-to-stop provide intuitive control, with memory usage visible via /memory.
Setup is straightforward for Python 3.10+ environments. Clone the repo (git clone https://github.com/GH05TCREW/pentestagent.git), run setup scripts (.scriptssetup.ps1 on Windows or ./scripts/setup.sh on Linux/macOS), and configure .env with an API key (e.g., ANTHROPIC_API_KEY=sk-ant-... and PENTESTAGENT_MODEL=claude-sonnet-4-20250514). Install Chromium via playwright install chromium.
Docker isolation elevates usability: pull pre-built images like ghcr.io/gh05tcrew/pentestagent:kali (packed with Metasploit, Hydra) and run with docker run -it --rm -e ANTHROPIC_API_KEY=your-key ghcr.io/gh05tcrew/pentestagent:kali. Local builds use docker compose.
A standout update is HexStrike integration, vendored in third_party/hexstrike from GitHub. This MCP (Model Context Protocol) framework exposes advanced pentesting tools—scoring, workflows—via mcp_servers.json. Manually install via scripts/install_hexstrike_deps.sh, then add configs like pentestagent mcp add nmap "npx" "-y" "gc-nmap-mcp". CLI management (pentestagent tools list, mcp test) ensures extensibility. Recent TUI fixes improve stability for long-running tasks.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post PentestAgent – AI Penetration Testing Tool With Prebuilt Attack Playbooks and HexStrike Integration appeared first on Cyber Security News.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.