Autonomous AI-Orchestrated Penetration Testing Platform
PentestAI is an AI-powered penetration testing automation platform that orchestrates security assessment workflows using LangGraph, LLMs, and industry-standard security tools.
Instead of executing individual tools manually, PentestAI coordinates reconnaissance, vulnerability scanning, AI analysis, human approval, optional exploitation, and automated reporting through an intelligent workflow.
- LangGraph-based workflow engine
- AI reasoning for vulnerability analysis
- Intelligent decision making between scanning stages
- Supports local and cloud LLM providers
- Subdomain Enumeration
- Passive Recon
- Active Recon
- Service Discovery
- Port Scanning
- Web Discovery
- Vulnerability Scanning
- CVE Enrichment
- Risk Prioritization
- Mandatory approval before exploitation
- Scope validation before every tool execution
- Consent confirmation
- Complete audit logging
- Real-time scan status
- Live command execution
- Streaming tool output
- AI reasoning visualization
- Scan history
- Markdown Report
- PDF Export
- Executive Summary
- Severity Ranking
- Remediation Recommendations
User
│
▼
React Dashboard
│
▼
FastAPI Backend
│
▼
LangGraph AI Orchestrator
│
┌───────────┼────────────┐
│ │ │
▼ ▼ ▼
Recon Vulnerability Reporting
Engine Analysis
│
▼
Human Approval
│
▼
Optional Exploitation
Input Validation
│
▼
Reconnaissance
│
▼
Scanning
│
▼
Vulnerability Analysis
│
▼
Human Approval
│
▼
(Optional)
Exploitation
│
▼
Reporting
The workflow pauses before exploitation and requires explicit operator approval before continuing. :contentReference[oaicite:1]{index=1}
- Amass
- theHarvester
- Sublist3r
- Nmap
- Masscan
- ffuf
- Gobuster
- testssl.sh
- Nuclei
- Nikto
- OpenVAS / Greenbone
- OWASP ZAP
- sqlmap
- Wapiti
- Metasploit Framework (Check Mode)
These tools are orchestrated through a unified interface rather than executed independently.
| Layer | Technology |
|---|---|
| AI Workflow | LangGraph |
| LLM | Ollama / Groq |
| Backend | FastAPI |
| Frontend | React + Vite |
| Queue | Celery |
| Cache | Redis |
| Database | SQLite |
| ORM | SQLAlchemy |
| Authentication | JWT |
| Reporting | Jinja2 + Markdown2 + WeasyPrint |
| Deployment | Docker Compose |
PentestAI includes multiple safeguards to ensure responsible usage.
- Authorized scope validation
- Human approval checkpoint
- Consent confirmation
- Audit logging
- Timeout handling
- Rate limiting
- Uniform tool interface
- Retry protection
These controls help prevent unauthorized scanning and unsafe execution.
PentestAI automatically enriches findings with:
- CVE Details
- CVSS Score
- NVD Description
- Severity Classification
- Cached Lookups
Supported through automatic extraction from tool output and metadata.
Supports scanning multiple targets simultaneously.
Features include:
- Concurrent workers
- Live dashboard updates
- Status monitoring
- Scan history
- Queue management
- SQLite WAL optimization
PentestAI/
├── backend/
├── frontend/
├── agents/
├── tools/
├── reporting/
├── workers/
├── docker/
├── docs/
├── docker-compose.yml
└── README.md
Create Scan
│
▼
Validate Target
│
▼
Recon
│
▼
Scan
│
▼
AI Analysis
│
▼
Approval
│
▼
(Optional)
Exploit
│
▼
Generate Report
- Penetration Testers
- Security Engineers
- Red Team Operators
- DevSecOps Teams
- Security Researchers
- Students learning offensive security
- Improved OpenVAS integration
- SQLMap JSON API support
- Better Gobuster parsing
- Alembic database migrations
- Advanced Metasploit integration
- Distributed rate limiting
- Enhanced AI planning
PentestAI is intended only for authorized security testing.
Running security scans against systems without explicit permission may violate applicable laws.
Always ensure you have written authorization before performing any assessment.
This project is provided as a technical framework for authorized penetration testing and cybersecurity research.
Users are responsible for ensuring all usage complies with applicable laws and permissions.
Developed by IntelForge Spec