Welcome to the repository for AI Pentest Copilot, an innovative AI-powered tool designed to enhance penetration testing and cybersecurity training. The PoC uploaded to this repository was developed as part of the larger AI Pentest Copilot project, which I was involved in from July to November 2024. Initially presented at CiberEmprende 2024, this PoC showcases the potential of the project, which later evolved into a comprehensive Breach and Attack Simulation (BAS) solution.
AI Pentest Copilot is an advanced cybersecurity platform that autonomously executes full-spectrum penetration tests across diverse environments, including Active Directory, Cloud, Wi-Fi, and internal networks. By leveraging AI capabilities, the tool provides flexibility to users, ranging from step-by-step guidance to fully autonomous operations.
Operational Modes:
- Assistant Mode: Ideal for learning and guided exercises, providing step-by-step guidance for beginners and interns.
- Pentest Mode (Semi-Automatic): Users select from AI-recommended actions, perfect for structured intrusion exercises.
- BAS Mode (Fully Automatic): Fully autonomous execution for adversary simulations and deep assessments.
Testing Approaches:
- Learner Mode: Conducts tests using the tool's internal knowledge base.
- Knowledge Mode: Executes tests based on custom, organization-specific instructions.
Deployment Flexibility:
- Standalone agent, virtual machine, or enterprise-integrated platform.
- Seamlessly adapts to environments using configurations like WSL for Linux commands on Windows.
AI Integration:
- Connects to either a local generative AI model or a secure online service, respecting diverse security policies.
Use Cases:
- Cybersecurity Training: Train interns and junior team members using Assistant Mode for hands-on learning.
- Structured Testing: Execute targeted penetration tests with Pentest Mode for controlled simulations.
- Adversary Emulation: Perform comprehensive assessments with BAS Mode for adversary simulations.
System Requirements:
- OS: Windows (with WSL for Linux-based operations)
- Hardware: Minimum 8GB RAM (16GB recommended), modern CPU with virtualization support
Dependencies:
- Python 3.9+
- Required Python packages (see requirements.txt)
- Clone the repository:
    git clone https://github.com/TheMalwareGuardian/AIPentestCopilot
    cd AIPentestCopilot
- (Optional) Set up a virtual environment:
    python -m venv venv
    .\venv\Scripts\activate
- Install dependencies:
    pip install -r requirements.txt
- Edit the config file 'CopilotBackend/config.ini' to set the necessary API keys.
- Start the Backend: Navigate to the CopilotBackend directory and run the backend server.
    cd CopilotBackend
    python app.py
- Deploy the Frontend: Navigate to the CopilotFrontend directory and follow the setup instructions to run the frontend interface.
    cd CopilotFrontend
    npm install
    npm start
Once both the frontend and backend are running, you can access AI Pentest Copilot via the web interface at 'http://localhost:3000/' using the credentials 'lazy:pentest'.
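A pre-flight check for the configuration step above, as an added example that is not part of this repository's code: it reports which secret-like options in an INI file are still placeholders, which hold real values, and whether git tracks the file. The section and option names in the sample are constructed, since the real layout of 'CopilotBackend/config.ini' is not shown on this page.

```python
import configparser
import re
import subprocess

# Option names that usually hold credentials, and values that mean "not set yet".
SECRET_NAME = re.compile(r"key|token|secret|password", re.I)
PLACEHOLDER = re.compile(r"^(|your[_-].*|changeme|x{3,}|<.*>)$", re.I)

# Constructed sample; the real option names in config.ini are not shown on the page.
SAMPLE = """\
[openai]
api_key = sk-constructed-not-a-real-key
model = gpt-4
[other]
token = YOUR_TOKEN_HERE
secret =
"""

def audit_config(text):
    """Return (unset, populated) lists of 'section.option' for secret-like options."""
    # interpolation=None: a '%' inside a key must not be parsed as a reference.
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    unset, populated = [], []
    for section in parser.sections():
        for option, value in parser.items(section):
            if SECRET_NAME.search(option):
                bucket = unset if PLACEHOLDER.match(value.strip()) else populated
                bucket.append(f"{section}.{option}")
    return unset, populated

def is_tracked(path):
    """True if git tracks path, so 'git commit -a' or 'git add .' would include edits."""
    try:
        done = subprocess.run(["git", "ls-files", "--error-unmatch", path],
                              capture_output=True)
    except FileNotFoundError:  # git is not installed
        return False
    return done.returncode == 0

if __name__ == "__main__":
    path = "CopilotBackend/config.ini"  # path from the setup steps; run from the repo root
    with open(path, encoding="utf-8") as fh:
        unset, populated = audit_config(fh.read())
    for name in unset:
        print(f"UNSET   {name}")
    if populated and is_tracked(path):
        print(f"WARNING {path} is tracked by git and holds {len(populated)} secret value(s)")
```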
Below are some screenshots illustrating the functionality and user interface of AI Pentest Copilot.
Figure 1: The login page of AI Pentest Copilot, where users authenticate to access the platform. This step ensures secure access and proper role-based functionality. (Default credentials: 'lazy:pentest')
Figure 2: The main dashboard provides an overview of the tool, including available modes (Assistant, Pentest, and BAS), current assessments, and quick access to key functionalities.
Figure 3: The MITRE ATT&CK Enterprise Matrix integration displays tactics and techniques in a structured way, enabling users to visualize adversary behaviors and map security assessments accordingly.
Figure 4: The BAS Resources section lists key assets such as uploaded files, knowledge bases, or configurations required for the assessment process. Users can manage these resources efficiently through this interface.
Figure 5: A list of previous conversations and assessments, allowing users to resume or review prior work seamlessly. This feature supports continuity in pentesting exercises.
Figure 6: A detailed view of a previous chat in Assistant Mode, showcasing step-by-step guidance provided to the user for performing penetration testing tasks.
Figure 7: The New Assessment page allows users to configure and initiate a fresh penetration test or simulation, selecting the appropriate environment and desired objectives.
Figure 8: The adversary simulation chat interface demonstrates how commands are executed and their results are analyzed. The tool extracts and executes commands directly and does so autonomously as many times as specified.
Figure 9: The Pentester Chat interface showcases semi-automatic mode, where users receive AI recommendations and can select specific actions to carry out. This mode is ideal for structured but hands-on engagements.
This repository contains the PoC that I initially developed to kickstart the project and showcase its potential. Since this PoC has fewer corporate restrictions compared to the finalized project, it is the version I shared at the CiberEmprende event and am now uploading here upon request from colleagues who expressed interest in creating similar solutions.
It is important to note that this PoC has the following characteristics:
- Works exclusively with GPT models and does not support local AI models (you only need to modify a few functions; it won't take much).
- Focuses on Active Directory-based audits. To enable other types of assessments, such as cloud or Wi-Fi audits, users will need to extend and modify the code.
- While the core functionality is showcased, key components and advanced features are omitted for security and proprietary reasons.
- The code is intentionally shared without comments or a refined structure due to company policies that restrict the release of internal development and specific implementation details.
- The project is provided "as-is," and users are encouraged to adapt and expand it to meet their specific needs.
For questions or feedback, feel free to contact me via LinkedIn. Happy testing!