OffensiveAI Pentest Agent

Built for testers who want to think, not babysit.

Agent-Smith

An autonomous pentest agent that thinks like an attacker. Point it at a URL, a repo, or a network and it runs the whole engagement itself—recon, exploitation, proof, remediation, and reporting—chaining 25+ specialized skills without a human stitching the steps together.

agent-smith · engagement #4192 LIVE
World model
Target Host Endpoint Vuln
Click a node to inspect it.
Findings by severity
Critical1
High0
Medium2
Low3
14:22:07 [recon] host discovered: app.example.com
14:22:19 [recon] +12 hosts · 47 endpoints → world model
14:22:41 [web-exploit] ✗ SQLi node linked to /api/v1/user
14:23:19 [remediate] ✓ patch generated · tests pass
14:23:20 ✓ report.md ready — 1 critical, 2 medium

A live world model — every host, endpoint, and finding, linked as it scans.

One brain, every attack surface.

Every surface

25+ specialized skills spanning web, network, cloud, Active Directory, AI red-team, white-box source review, and threat modeling.

Self-chaining skills

Detects a SQL injection, pivots to exploitation, writes the PoC—no manual stitching. The LLM decides what to run next based on what it just found.

Sandboxed by default

50+ security tools run inside an ephemeral Kali Docker sandbox with hard cost, time, and call-count limits enforced server-side. The agent improvises; the blast radius doesn't.

Bring your own LLM

Claude, OpenAI Codex, Gemini, Ollama, OpenRouter—or fully local on your own GPU via vLLM. The methodology ships with the skill; the model does the thinking.

Run an engagement.

Pick a target and watch Smith work — it fingerprints the surface, chains the right skills, and reports what it finds. Same brain, five very different targets.

agent-smith · sandbox LIVE
Pick a target — click one
Engagement
SurfaceWeb app
Skill chain/pentester → /web-exploit → /remediate
Result1 critical · 2 medium
$ /pentester scan https://staging.example.com depth=thorough
[recon] Next.js · PostgreSQL · 47 endpoints
[web-exploit] ✗ blind SQLi at /api/v1/user
[remediate] ✓ patch · tests pass
✓ report.md — 1 critical, 2 medium

One agent, five surfaces — each run picks and chains its own skills.

It remembers what it finds.

As Agent-Smith scans, it builds a knowledge graph of the target—hosts, ports, services, endpoints, technologies, credentials, and vulnerabilities, linked by how they relate. Findings reference the exact node they came from, coverage is tracked endpoint×technique, and the whole model persists to findings.json. That shared context is what lets skills chain intelligently instead of running blind.

Two ways to work with Smith.

Autonomous mode

Give it a target—full engagement end-to-end, no human in the loop. Returns a report with every finding verified and a working PoC. Built for CI/CD, continuous testing, and dev self-serve.

Augmented mode · RECOMMENDED

A human expert drives strategy; Smith runs 50+ tools in parallel, tracks coverage, and writes the report—steer it live from the dashboard at localhost:7777. For high-value engagements and complex targets.

PythonPoetryFastAPIDockerMCPNode 18+

Clone, install, scan.

terminal
$ git clone --recursive https://github.com/0x0pointer/agent-smith
$ cd agent-smith && ./installers/install.sh # or install_codex.sh / install_opencode.sh
 
$ claude -p "/pentester scan https://staging.example.com depth=thorough"
 
watch it work at localhost:7777

Requires Docker Desktop & Poetry. Run headless (above) or type claude to steer it yourself.

Deploy Agent-Smith.

Open source, self-hosted, and model-agnostic. Clone it, point it at a target, and watch it work.