USENIX Security 2024 · Distinguished Artifact
PentestGPT

Autonomous penetration testing powered by large language models.
From reconnaissance to exploitation, fully automated.

228.6% Performance Gain
#900 HTB Global Rank
Top 5 Distinguished Artifact
01

// Live Demos

install.cast YouTube

Docker-based installation with pre-configured security tools

demo.cast YouTube

End-to-end autonomous penetration testing on a real target

02

// About

PentestGPT harnesses the domain knowledge of large language models to automate penetration testing—a task that has traditionally required extensive human expertise.

Our framework features three self-interacting modules: reasoning, generation, and parsing. Together, they maintain testing context and execute complex attack chains autonomously.

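architecture.ts
// Schematic of the three-module loop. init() and the step functions are
// placeholders declared here so the sketch type-checks; they are not
// PentestGPT's actual API.
interface Context { complete: boolean }
declare function init(target: string): Promise<Context>
declare function plan(context: Context): Promise<void>
declare function execute(context: Context): Promise<void>
declare function analyze(context: Context): Promise<void>

// Role of each module and the step it contributes to the loop
export const modules = {
  reasoning: { role: "strategic planning", plan },
  generation: { role: "command execution", execute },
  parsing: { role: "output analysis", analyze }
}

async function pentest(target: string) {
  const context = await init(target)
  // Repeat plan -> execute -> analyze until the context is marked complete
  while (!context.complete) {
    await modules.reasoning.plan(context)
    await modules.generation.execute(context)
    await modules.parsing.analyze(context)
  }
}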
03

// Agentic v1.0

The latest release transforms PentestGPT from an interactive assistant into a fully autonomous penetration testing agent.

Unlike the legacy version that required manual input at each step, the new agentic pipeline operates end-to-end—from initial reconnaissance to flag capture—with minimal human intervention.

Autonomous Agent

Agentic pipeline that plans, executes, and adapts without step-by-step guidance.

Docker-First

Isolated environment with 20+ security tools pre-installed and ready to use.

Session Persistence

Save and resume testing sessions—pick up exactly where you left off.

quickstart.sh
# Clone and build
git clone --recurse-submodules https://github.com/GreyDGL/PentestGPT.git
cd PentestGPT && make install

# Configure and connect
make config && make connect

# Start autonomous testing
pentestgpt --target 10.10.11.234
04

// Capabilities

Reconnaissance

Automated target discovery, port scanning, and service enumeration with intelligent prioritization.

Vuln Analysis

AI-powered identification and assessment of security vulnerabilities across multiple attack surfaces.

Exploitation

Context-aware exploit selection with intelligent payload generation and execution strategies.

Post-Exploit

Privilege escalation, lateral movement, and comprehensive system access techniques.

05

// Results

Model                 Task Completion   Improvement
GPT-3.5 (baseline)    35%
GPT-4                 47%               +34.3%
PentestGPT            80%               +228.6%

Evaluated on real-world penetration testing targets including HackTheBox machines and CTF challenges across varying difficulty levels.

    $ pentestgpt --init
    [+] Loading modules...
    [+] Ready for autonomous testing

Get Started

Open source and available now.

git clone