explaingit

vxcontrol/pentagi

16,838 · Go · Audience · ops devops · Complexity · 5/5 · Setup · hard

TLDR

Self-hosted system that uses AI agents to plan and run penetration tests automatically inside an isolated Docker sandbox, giving security engineers a team of AI specialists that execute probes with 20+ built-in security tools.

Mindmap

mindmap
  root((PentAGI))
    What it does
      AI pentest automation
      Isolated Docker sandbox
      Long-term memory store
    Tools included
      nmap scanning
      metasploit exploits
      sqlmap injection
    Tech stack
      Go backend
      PostgreSQL pgvector
      Neo4j knowledge graph
      Grafana monitoring
    Use cases
      Security testing
      Vulnerability research
      Ethical hacking

Things people build with this

USE CASE 1

Run automated penetration tests against a target with AI-driven planning and execution using tools like nmap, metasploit, and sqlmap

USE CASE 2

Track relationships between security findings across a test engagement using a Neo4j knowledge graph

USE CASE 3

Query test results and control the system through REST and GraphQL APIs with Bearer token authentication

USE CASE 4

Monitor AI agent activity and test metrics through Grafana dashboards and Langfuse tracing

Tech stack

Go · Docker · PostgreSQL · Neo4j · GraphQL · Grafana · Prometheus

Getting it running

Difficulty · hard · Time to first run · 1 day+

Requires Docker Compose, multiple services (PostgreSQL, Neo4j, Grafana), and API keys for at least one LLM provider.

In plain English

PentAGI is a self-hosted system that uses AI agents to run penetration tests automatically. Penetration testing is the practice of probing a computer system for security weaknesses by acting like an attacker. PentAGI's pitch is that an AI agent can plan and execute many of those probing steps on its own, so a single security engineer can cover more ground with less manual effort. The name is short for "Penetration testing Artificial General Intelligence."

Under the hood, the system runs the agent's work inside an isolated Docker sandbox and gives it a built-in suite of more than 20 professional security tools, including nmap, metasploit, and sqlmap. A team of specialized AI agents handles research, development, and infrastructure tasks separately, with optional execution monitoring and task planning. It also has a long-term memory store, a knowledge graph powered by Graphiti and Neo4j for tracking relationships between findings, a built-in scraper for browsing the web, and integrations with several search APIs. Results land in a PostgreSQL database with the pgvector extension, and there is a web UI plus REST and GraphQL APIs with Bearer token authentication. Logging and monitoring come through Grafana, Prometheus, Langfuse, Jaeger, and Loki.

Information security professionals, researchers, and ethical hacking enthusiasts are the intended users. PentAGI works with more than ten LLM providers including OpenAI, Anthropic, Google Gemini, AWS Bedrock, Ollama, DeepSeek, GLM, Kimi, and Qwen, plus aggregators like OpenRouter. The backend is written in Go and deploys via Docker Compose. The full README is longer than what was provided.

Copy-paste prompts

Prompt 1
I have PentAGI running with Docker Compose. Write me a penetration test plan starting with port scanning via nmap and moving to SQL injection testing with sqlmap, structured as tasks the AI agent can execute.
Prompt 2
Show me how to configure PentAGI's docker-compose.yml to use Anthropic Claude as the LLM provider instead of OpenAI, including the required API key environment variable.
Prompt 3
Using PentAGI's GraphQL API, write a query to fetch all findings from the latest penetration test, grouped by severity, with the tool that discovered each vulnerability.
Prompt 4
Walk me through setting up PentAGI with Tailscale so the AI agent can probe machines on my private network during an authorized internal security assessment.

Verify against the repo before relying on details.