“`html
PentestAgent, a free-source AI agent framework created by developer Masic (GH05TCREW), has unveiled enhanced functionalities, incorporating preconfigured attack playbooks and seamless integration with HexStrike.
Released on GitHub by a researcher using the alias GH05TCREW, this utility utilizes large language models (LLMs) such as Claude Sonnet or GPT-5 through LiteLLM to perform intricate black-box security evaluations.
PentestAgent operates via a terminal user interface (TUI), providing modes for guided chats, self-sufficient agents, and team-based operations, making it user-friendly for pentesters pursuing AI enhancement without losing command. Legal usage is stressed: only assess authorized systems, as illegal access breaches regulations.
Essential Features and Playbooks
PentestAgent is equipped with structured attack playbooks, predefined processes for web application testing resembling THP3-style evaluations. Users initiate them through CLI: pentestagent run -t example.com --playbook thp3_web.
These playbooks direct the AI through reconnaissance, vulnerability detection, and exploitation stages, incorporating domain-specific expertise from a Retrieval-Augmented Generation (RAG) system.
Notes collected during sessions categorized as credentials, vulnerabilities, findings, or artifacts are stored in loot/notes.json and enhance a “shadow graph” in Crew mode, where an orchestrator generates specialized workers for strategic insights.
The utility offers three operational modes, detailed below:
| Mode | Command | Description |
|---|---|---|
| Assist | (default) | Interactive dialogue; user guides the process. |
| Agent | /agent |
Self-governing single-task execution. |
| Crew | /crew |
Multi-agent coordination. |
Integrated tools encompass a terminal (for nmap, sqlmap), a browser (via Playwright), notes, and web_search (Tavily API required). TUI commands such as /target , /tools, /report, and Esc-to-stop ensure user-friendly control, with memory usage observable through /memory.
Configuration is simple for Python 3.10+ environments. Clone the repository (git clone https://github.com/GH05TCREW/pentestagent.git), execute setup scripts (.scriptssetup.ps1 on Windows or ./scripts/setup.sh on Linux/macOS), and adjust .env with an API key (e.g., ANTHROPIC_API_KEY=sk-ant-... and PENTESTAGENT_MODEL=claude-sonnet-4-20250514). Install Chromium via playwright install chromium.
Docker isolation enhances usability: retrieve pre-constructed images like ghcr.io/gh05tcrew/pentestagent:kali (integrated with Metasploit, Hydra) and execute with docker run -it --rm -e ANTHROPIC_API_KEY=your-key ghcr.io/gh05tcrew/pentestagent:kali. Local builds utilize docker compose.
A notable enhancement is HexStrike integration, furnished in third_party/hexstrike from GitHub. This MCP (Model Context Protocol) architecture presents advanced pentesting tools—scoring, workflows—via mcp_servers.json. Install manually through scripts/install_hexstrike_deps.sh, then incorporate configurations like pentestagent mcp add nmap "npx" "-y" "gc-nmap-mcp". CLI management (pentestagent tools list, mcp test) guarantees extensibility. Recent TUI adjustments enhance stability for prolonged tasks.
“`