A groundbreaking open-source toolkit named pentest-ai-agents is changing how security experts conduct penetration tests. It turns Anthropic’s Claude Code into a security research tool built on 28 specialized subagents.
Innovative Security Research with AI
Created by security researcher 0xSteph and available on GitHub, pentest-ai-agents comprises 28 Claude Code subagents. Each subagent is designed with extensive domain knowledge to cover the entire spectrum of penetration testing activities.
The toolkit covers a wide range of areas including reconnaissance, web application assessments, Active Directory attacks, cloud security, mobile testing, wireless threats, social engineering tactics, exploit chaining, detection strategies, forensic analysis, malware investigation, and report creation.
Instead of depending on a single generic AI model, the framework routes each query to the most relevant specialized agent, enhancing efficiency and accuracy.
Simple Installation and Configuration
The setup process for pentest-ai-agents is streamlined, requiring no servers, external dependencies, or complex settings. A straightforward command handles the entire installation:
curl -fsSL | bash
This command clones the repository and copies all 28 agent files to the user’s system, ensuring a smooth installation. The process is idempotent, enabling safe updates upon re-execution.
Additional installation options include project-specific setups and a cost-effective lite mode that utilizes Claude Haiku to minimize token usage.
Flexible and Safe Execution Model
The toolkit offers a dual-layer execution model prioritizing safety and adaptability. Tier 1 agents function in an advisory capacity, where users input tool outputs and receive strategic advice and execution recommendations.
Tier 2 agents, however, can execute commands directly within a defined, authorized scope, requiring user confirmation before any action is taken. These include Recon Advisor, Web Hunter, AD Attacker, and others, with every action mapped to the MITRE ATT&CK framework along with defensive insights.
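One way a scope-then-confirm gate of the kind described for Tier 2 agents could work, as an added example that is not code from pentest-ai-agents. The Scope class, the gate function and the sample scope entries (reserved documentation ranges and a .test domain) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample scope file: one CIDR, one single host, one domain.
SAMPLE_SCOPE = ["# engagement scope", "192.0.2.0/24", "198.51.100.7", "example.test"]

@dataclass
class Scope:
    networks: list = field(default_factory=list)
    domains: list = field(default_factory=list)

    @classmethod
    def from_lines(cls, lines):
        scope = cls()
        for raw in lines:
            entry = raw.strip().lower()
            if not entry or entry.startswith("#"):
                continue
            try:
                scope.networks.append(ipaddress.ip_network(entry, strict=False))
            except ValueError:
                scope.domains.append(entry.rstrip("."))
        return scope

    def allows(self, target):
        host = target.strip().lower().rstrip(".")
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            # Match the domain itself or a true subdomain, never a bare suffix
            # (so "evilexample.test" does not pass for "example.test").
            # Anything unparseable, such as "host:port", fails closed here.
            return any(host == d or host.endswith("." + d) for d in self.domains)
        return any(ip in net for net in self.networks)

def gate(scope, target, command, confirm=input):
    """Decide whether a proposed command may run: scope check first, then the operator."""
    if not scope.allows(target):
        return "out-of-scope"      # refused before the operator is even asked
    answer = confirm(f"Run {command!r} against {target}? [y/N] ")
    return "run" if answer.strip().lower() == "y" else "declined"

if __name__ == "__main__":
    scope = Scope.from_lines(SAMPLE_SCOPE)
    for tgt in ("192.0.2.15", "203.0.113.9", "app.example.test", "evilexample.test"):
        print(tgt, "->", gate(scope, tgt, "service-scan", confirm=lambda _: "y"))
```

The default answer is "no", so an empty or mistyped reply declines the action.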
Data Persistence and MCP Integration
A built-in SQLite-backed findings database persists data across sessions, making multi-day operations easier. Tier 2 agents automatically update this database, and the Report Generator agent creates detailed penetration test reports.
For privacy-sensitive environments, agents can be adapted to OpenCode custom commands via the opencode-setup.sh script, making them suitable for local models. Additionally, a companion MCP server extends the ecosystem with over 150 tool wrappers and CI/CD pipeline support.
