greydgl/pentestgpt

PentestGPT is a Python-based tool that automates penetration testing, which is the practice of testing computer systems and networks for security vulnerabilities in an authorized way. It uses a large language model as the reasoning engine, giving it the ability to plan attacks, execute security testing tools, and work through challenges step by step without requiring a human to direct every action. The research behind the project was published at USENIX Security 2024, one of the main academic conferences on computer security. The tool runs inside a Docker container, which provides a pre-built environment with common security testing tools already installed. You point it at a target (an IP address or hostname), and it launches an interactive interface that shows its progress in real time. It supports web application testing, cryptography challenges, binary reversing, forensics, privilege escalation, and categories that appear in security competitions called CTFs (Capture The Flag events). Sessions can be saved and resumed later. For the AI component, PentestGPT connects to an LLM provider such as Anthropic (Claude) or OpenRouter, or can route requests to a locally running model server like Ollama or LM Studio. Different tasks route to different models: standard operations go to a lighter model while complex reasoning tasks go to a larger one. The project includes a benchmark suite of 104 standardized tests from the XBOW dataset. PentestGPT achieved an 86.5 percent success rate on these benchmarks, with an average cost of about $1.11 and an average time of just over six minutes per completed test. Success rates vary by difficulty: 91 percent on level 1, 74.5 percent on level 2, and 62.5 percent on level 3. It is open source under the MIT License. Anonymous usage telemetry is collected by default (excluding any command output or credentials) and can be disabled with a command-line flag.