pentest-ai-agents is a collection of 28 Claude Code subagents that turn Claude into an offensive security research assistant. Each agent carries deep domain knowledge in a specific area: recon, web testing, Active Directory, cloud, mobile, wireless, social engineering, exploit chaining, detection engineering, forensics, and more.
Install the agent files. Open Claude Code. Describe your task. Claude routes to the right specialist automatically.
No servers, no dependencies, no setup beyond copying files.
One command:
curl -fsSL https://raw.githubusercontent.com/0xSteph/pentest-ai-agents/main/install.sh | bashThat's it. The script clones the repo to a temp dir, copies the 28 agents to ~/.claude/agents/, and exits. Idempotent: safe to re-run for updates.
Then open Claude Code:
"Plan an internal network pentest for a 500-endpoint AD environment with a 2-week window."
Claude routes to the engagement planner agent and produces a phased plan with MITRE ATT&CK mappings.
Prefer to clone first?
git clone https://github.com/0xSteph/pentest-ai-agents.git
cd pentest-ai-agents && ./install.sh --globalOther install options:
./install.sh --project # Install for current project only
./install.sh --global --lite # Use Haiku for advisory agents (lower cost)
./install.sh --help # All optionsSee INSTALL.md for step-by-step instructions, including first-time Claude Code setup.
| Agent | What It Does |
|---|---|
| Engagement Planner | Phased pentest plans with MITRE ATT&CK mappings, time estimates, and ROE templates |
| Recon Advisor | Parses Nmap/Nessus/BloodHound output, prioritizes targets, recommends next commands. Tier 2: executes recon tools directly. |
| OSINT Collector | Domain recon, email harvesting, social media profiling, breach data analysis |
| Exploit Guide | Attack methodology for AD, web, cloud, and post-exploitation with defensive perspective |
| Privilege Escalation | Linux and Windows privesc: SUID, tokens, services, kernel exploits, container escape |
| Cloud Security | AWS/Azure/GCP pentesting: IAM escalation, container escape, serverless exploitation |
| API Security | REST, GraphQL, WebSocket testing. OWASP API Top 10, JWT attacks, OAuth exploitation |
| Mobile Pentester | Android/iOS analysis with Frida, Objection, jadx. OWASP MASTG/MASVS mapping |
| Wireless Pentester | WPA/WPA2/WPA3, evil twin, rogue AP, enterprise 802.1X, Bluetooth security |
| Social Engineer | Phishing campaigns, pretexting, vishing for authorized red team engagements |
| Vuln Scanner | Nuclei, Nikto, Nmap NSE scans. Parses Nessus/OpenVAS results. Tier 2: executes scans. |
| Web Hunter | ffuf, gobuster, sqlmap, dalfox. Content discovery, fuzzing, WAF detection. Tier 2: executes web tools. |
| Credential Tester | Hydra, Hashcat, John, CrackMapExec. Hash identification, wordlist generation |
| Attack Planner | Correlates findings into multi-step attack chains. Scores by probability, stealth, and impact |
| Bug Bounty Hunter | HackerOne/Bugcrowd methodology, duplicate avoidance, report writing for maximum payout |
| AD Attacker | BloodHound, Impacket, CrackMapExec, Certipy. Kerberos, delegation, ACL, and cert abuse. Tier 2: executes AD tools. |
| Exploit Chainer | Chains low-severity findings into full compromise paths. Step-by-step with approval gates. Tier 2. |
| PoC Validator | Generates and safely executes proof of concept scripts. Eliminates false positives. Tier 2. |
| Swarm Orchestrator | Coordinates all agents as a red team swarm. Parallel workstreams, progress tracking. |
| Business Logic Hunter | Price manipulation, workflow bypass, race conditions, authorization flaws. Tier 2. |
| CI/CD Red Team | GitHub Actions, GitLab CI, Jenkins pipeline configs with security gates |
| Agent | What It Does |
|---|---|
| Detection Engineer | Sigma, Splunk SPL, Elastic KQL, Sentinel KQL rules with false positive tuning |
| Threat Modeler | STRIDE/DREAD analysis, attack trees, data flow diagrams |
| Forensics Analyst | Evidence acquisition, memory forensics, disk analysis, timeline construction |
| Malware Analyst | Static/dynamic analysis, reverse engineering, YARA rules, IOC extraction |
| STIG Analyst | DISA STIG compliance, GPO remediation paths, keep-open justification templates |
| Agent | What It Does |
|---|---|
| Report Generator | Professional pentest reports with executive summaries, CVSS scoring, remediation roadmaps |
| CTF Solver | HackTheBox, TryHackMe, PicoCTF. Web, pwn, rev, crypto, forensics, OSINT |
Tier 1 (all agents): Advisory mode. You paste tool output, ask methodology questions, get analysis and recommendations. You run the tools yourself.
Tier 2 (select agents): Can also compose and execute commands directly. You declare your authorized scope, the agent validates every target against it, and Claude Code shows you each command for approval before it runs.
| Tier 2 Agent | What It Executes |
|---|---|
| Recon Advisor | nmap, dig, whois, curl, netcat, traceroute, whatweb, nikto |
| Vuln Scanner | nuclei, nikto, nmap NSE scripts |
| Web Hunter | ffuf, gobuster, feroxbuster, sqlmap, dalfox, whatweb |
| AD Attacker | BloodHound, Impacket, CrackMapExec, Certipy, ldapsearch, enum4linux |
| Exploit Chainer | Multi-step chain execution with approval at each gate |
| PoC Validator | Safe, non-destructive proof of concept scripts |
| Business Logic Hunter | Logic flaw tests (price manipulation, race conditions) |
See docs/TIER2-EXECUTION.md for the full safety model.
$ claude
You: Analyze this Nmap scan and prioritize targets for our internal pentest
> Routing to recon-advisor agent...
## Prioritized Target Summary
### Critical Priority
| Host | Port | Service | Finding |
|------------|------|---------|--------------------------|
| 10.10.1.5 | 445 | SMB | SMBv1 enabled, MS17-010 |
| 10.10.1.20 | 3389 | RDP | BlueKeep (CVE-2019-0708) |
### Recommended Next Steps
1. nmap -sV --script smb-vuln* 10.10.1.5
2. crackmapexec smb 10.10.1.0/24
3. bloodhound-python -d corp.local
More examples in the examples/ directory:
| Example | Agent | What It Shows |
|---|---|---|
| Engagement Plan | engagement-planner | Full phased plan with MITRE ATT&CK mappings |
| Nmap Analysis | recon-advisor | Prioritized attack vectors with follow-up commands |
| Detection Rule | detection-engineer | Kerberoasting detection in Sigma, SPL, and KQL |
| STIG Finding | stig-analyst | STIG analysis with GPO path and keep-open template |
| Report Excerpt | report-generator | SQL injection finding formatted for a pentest report |
Run your security tools inside a Docker container to keep your workstation clean and avoid endpoint protection flags.
docker pull kalilinux/kali-rolling
docker run -it --name pentest-lab kalilinux/kali-rolling /bin/bash
apt update && apt install -y nmap nikto sqlmap metasploit-framework bloodhoundUse pentest-ai agents on your host for methodology and analysis. Run the actual tools inside the container.
Persistent SQLite storage that keeps engagement data across Claude Code sessions.
findings.sh init acme-2024 --client "ACME Corp" --type internal --scope "10.0.0.0/24"
export PENTEST_AI_ENGAGEMENT="acme-2024"
findings.sh stats # Check progress
findings.sh list vulns # See all findings
findings.sh export # Full JSON export
bash handoff.sh # Markdown handoff report for next sessionTier 2 agents write to the database automatically when findings.sh is in PATH. See docs/FINDINGS-DB.md for full docs.
Install with lite mode to run advisory agents on Haiku (lower cost, same methodology):
./install.sh --global --liteSee docs/TOKEN-OPTIMIZATION.md for the full guide.
The agents are plain markdown system prompts. The only Claude-specific part is the YAML frontmatter header. Run ./opencode-setup.sh --full to convert all agents into OpenCode custom commands that work with Ollama, LM Studio, or any local model.
See docs/LOCAL-SETUP.md for setup instructions and model recommendations.
| Document | Description |
|---|---|
| INSTALL.md | Installation guide with troubleshooting |
| Agent Guide | How each agent works and when to use it |
| Tier 2 Execution | Execution mode safety model and conversion guide |
| Local Setup | Run offline with Ollama and local GPU |
| Customization | Modify agents, change models, create new agents |
| Token Optimization | Reduce token consumption |
| Findings Database | Persistent SQLite storage for engagement data |
| Data Privacy | LLM data handling and local model options |
| Changelog | Version history |
Looking for the automated pipeline? pentest-ai is the companion MCP server with 150+ tool wrappers, autonomous exploit chaining, and CI/CD integration. Works with Claude Desktop, Cursor, VS Code Copilot, and any MCP client.
- Claude Code installed and configured
- Claude Pro or Max subscription
- For security testing: signed rules of engagement and defined scope
Contributions welcome. See docs/CONTRIBUTING.md for guidelines.
This toolkit is for authorized security testing only. Users must have proper written authorization before using these agents in any engagement. See DISCLAIMER.md for full terms.
Built by 0xSteph · pentestai.xyz
