Released on GitHub by a researcher with the alias GH05TCREW, this tool leverages large language models (LLMs) like Claude Sonnet or GPT-5 via LiteLLM to conduct sophisticated black-box security assessments.
PentestAgent operates through a terminal user interface (TUI), offering modes for assisted chats, autonomous agents, and multi-agent crews, making it accessible for pentesters seeking AI augmentation without sacrificing control. Legal use is emphasized: only test authorized systems, as unauthorized access violates laws.
PentestAgent comes with its structured attack playbooks, predefined workflows for web app testing like THP3-style assessments. Users launch them via CLI: pentestagent run -t example.com --playbook thp3_web.
These playbooks guide the AI through reconnaissance, vulnerability scanning, and exploitation phases, injecting domain-specific knowledge from a Retrieval-Augmented Generation (RAG) system.
Notes captured during sessions categorized as credentials, vulnerabilities, findings, or artifacts persist in loot/notes.json and fuel a “shadow graph” in Crew mode, where an orchestrator spawns specialized workers for strategic insights.
The tool supports three operational modes, summarized below:
| Mode | Command | Description |
|---|---|---|
| Assist | (default) | Interactive chat; user directs flow. |
| Agent | /agent <task> | Autonomous single-task execution. |
| Crew | /crew <task> | Multi-agent orchestration. |
Built-in tools include a terminal (for nmap, sqlmap), a browser (via Playwright), notes, and web_search (Tavily API required). TUI commands like /target <host>, /tools, /report, and Esc-to-stop provide intuitive control, with memory usage visible via /memory.
Setup is straightforward for Python 3.10+ environments. Clone the repo (git clone https://github.com/GH05TCREW/pentestagent.git), run setup scripts (.scriptssetup.ps1 on Windows or ./scripts/setup.sh on Linux/macOS), and configure .env with an API key (e.g., ANTHROPIC_API_KEY=sk-ant-... and PENTESTAGENT_MODEL=claude-sonnet-4-20250514). Install Chromium via playwright install chromium.
Docker isolation elevates usability: pull pre-built images like ghcr.io/gh05tcrew/pentestagent:kali (packed with Metasploit, Hydra) and run with docker run -it --rm -e ANTHROPIC_API_KEY=your-key ghcr.io/gh05tcrew/pentestagent:kali. Local builds use docker compose.
A standout update is HexStrike integration, vendored in third_party/hexstrike from GitHub. This MCP (Model Context Protocol) framework exposes advanced pentesting tools—scoring, workflows—via mcp_servers.json. Manually install via scripts/install_hexstrike_deps.sh, then add configs like pentestagent mcp add nmap "npx" "-y" "gc-nmap-mcp". CLI management (pentestagent tools list, mcp test) ensures extensibility. Recent TUI fixes improve stability for long-running tasks.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post PentestAgent – AI Penetration Testing Tool With Prebuilt Attack Playbooks and HexStrike Integration appeared first on Cyber Security News.
The sleeve can’t charge your laptop. | Image: Razer Razer has announced an expensive new…
The Cricut Explore 5 will be available in taupe and teal color options. | Image:…
A new bill may see May 17 become Bruce Lee Day in California, thanks to…
As our exclusive, all-February-long IGN First "cover story" on the upcoming black-and-white, hand-animated first-person shooter…
The Legend of Zelda turned 40 years old this week — though Nintendo has sadly…
“Burn it all down.” For a tagline so front and center of Paramount’s marketing for…
This website uses cookies.