0xDexFi/pentern

██████╗ ███████╗███╗   ██╗████████╗███████╗██████╗ ███╗   ██╗
██╔══██╗██╔════╝████╗  ██║╚══██╔══╝██╔════╝██╔══██╗████╗  ██║
██████╔╝█████╗  ██╔██╗ ██║   ██║   █████╗  ██████╔╝██╔██╗ ██║
██╔═══╝ ██╔══╝  ██║╚██╗██║   ██║   ██╔══╝  ██╔══██╗██║╚██╗██║
██║     ███████╗██║ ╚████║   ██║   ███████╗██║  ██║██║ ╚████║
╚═╝     ╚══════╝╚═╝  ╚═══╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝
      autonomous code-writing recon agent · passive-only

An autonomous, code-writing pen-test intern. Give it a target, get back recon.

pentern is a minimal autonomous agent for offensive-security reconnaissance. It writes Python at runtime to chain passive recon primitives — WHOIS, DNS, HTTP fingerprinting, TLS inspection, certificate-transparency subdomain enumeration, and CVE lookups — and reports back what it found.

It's designed for one thing: drop a target in, get a structured recon summary out.

What it looks like

$ pentern example.com

██████╗ ███████╗███╗   ██╗████████╗███████╗██████╗ ███╗   ██╗
... banner ...
╚═╝     ╚══════╝╚═╝  ╚═╝ ╚═══╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝

[pentern] target: example.com  ·  model: gpt-4o-mini

[step 1] whois_lookup("example.com")          → Reserved (IANA)
[step 2] dns_records("example.com")           → A: 93.184.216.34
[step 3] tls_certificate("example.com")       → DigiCert · valid until 2026-12-23
[step 4] subdomain_enum_ct("example.com")     → 47 subdomains
[step 5] http_fingerprint("https://example.com")
[step 6] cve_search("ECS (Edgecast)")         → 0 matches

== summary ==
- 47 subdomains in CT logs; dev.example.com and mail.example.com worth a closer look
- Cert SAN list does not include cross-org hostnames
- No matching CVEs against observed banners

Why

Most agent demos are toys. Most recon scripts are linear and brittle. pentern writes its own chain at runtime — if a TLS handshake reveals a different hostname, it follows it. If a CVE search returns an interesting CPE, it pivots. The same prompt produces different (better) paths against different targets.
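Following a hostname taken from a certificate is the step where a run can drift from the named target onto another organisation's hosts. The following is an added example, not pentern's own code: a label-boundary scope check that splits SAN entries into names to follow and names to only report, assuming "in scope" means the target apex and its subdomains (function names are hypothetical, the SAN list is constructed).

```python
# Added example; not part of pentern. Function names are hypothetical.
from __future__ import annotations

from typing import Iterable


def normalize(name: str) -> str:
    """Lowercase, strip whitespace, a trailing dot and a leading wildcard label."""
    name = name.strip().lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]  # "*.example.com" is treated as the zone it covers
    return name


def in_scope(name: str, apex: str) -> bool:
    """True only if name is the apex or sits below it on a label boundary."""
    host, apex = normalize(name), normalize(apex)
    if not host or not apex:
        return False
    # The leading dot stops "notexample.com" from matching "example.com".
    return host == apex or host.endswith("." + apex)


def partition_sans(sans: Iterable[str], apex: str) -> tuple[list[str], list[str]]:
    """Split SAN entries into (follow, report_only), deduplicated and sorted."""
    follow, report_only = set(), set()
    for raw in sans:
        host = normalize(raw)
        if not host:
            continue
        (follow if in_scope(host, apex) else report_only).add(host)
    return sorted(follow), sorted(report_only)


# Constructed SAN list for illustration; not taken from a real certificate.
SAMPLE_SANS = [
    "example.com", "*.example.com", "DEV.Example.com.", "mail.example.com",
    "notexample.com",           # shares a suffix string, different domain
    "example.com.cdn.invalid",  # apex appears as a prefix, not a parent
    "partner.example.org",
]

if __name__ == "__main__":
    follow, report_only = partition_sans(SAMPLE_SANS, "example.com")
    print("follow:", follow)
    print("report only:", report_only)
```

A plain `endswith(apex)` or substring test would put `notexample.com` and `example.com.cdn.invalid` in the follow set; the boundary check keeps them in the report-only list.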

What it does not do

  • No active scanning. No port sweeps, no fuzzing, no exploitation.
  • No tool that touches the target with more than a single well-formed request.
  • Everything pentern does is legal to run against any host on the public internet.

Install

pip install -r requirements.txt

Run

export OPENAI_API_KEY=sk-...        # or ANTHROPIC_API_KEY, or any LiteLLM-supported provider
pentern example.com

pentern example.com --out report.md  # new in v0.2: write a markdown report

You can also drive it programmatically:

from pentern import build_agent

agent = build_agent()
agent.run("Recon example.com and tell me anything interesting about its perimeter.")

Model backends

Defaults to gpt-4o-mini via LiteLLM. Override:

pentern example.com --model anthropic/claude-sonnet-4-5
pentern example.com --model ollama_chat/qwen2.5-coder:7b

Any LiteLLM-supported model works.

Tool inventory

| Tool | What it does |
| --- | --- |
| whois_lookup | Registrar, creation date, name servers |
| dns_records | A / AAAA / MX / NS / TXT for a domain |
| http_fingerprint | One GET, returns status + headers + server banner |
| tls_certificate | TLS handshake metadata: issuer, validity, SAN list |
| subdomain_enum_ct | Subdomains via crt.sh certificate-transparency logs |
| cve_search | NVD keyword search, returns top matches with CVSS |

More from 0xDexFi

  • orbital — Passive subdomain-takeover scanner
  • brief — Daily CVE/advisory digest agent
  • secmcp — MCP server for passive security tools
  • vibe-init — One-command scaffolder for AI-coder configs
  • agentlint — Linter for AI-agent config files

License

MIT. See LICENSE.
