๐Ÿ”’SecurityRepoIndex

PentestGPT

LLM-driven pentesting copilot that chains reasoning steps with offensive tools through a REPL interface

3.9/ 53,500 GitHub starsPythonMIT

โšก TL;DR

What
LLM-driven pentesting copilot that chains reasoning steps with offensive tools through a REPL interface
Who
Pentesters, Bug Bounty Hunters, Red Teams, OSCP students
Catch
Not autonomous โ€” treat output as a junior pentester's first draft
Verdict
โญโญโญโญ Recommended

๐ŸŽฏ The Problem It Solves

Manual penetration testing is slow: a human has to hold the entire engagement in their head. PentestGPT wraps an offensive workflow in a reasoning agent so the LLM plans the next step, executes a tool, interprets the output, and loops until the objective is met. It does NOT replace a pentester; it removes the "which command do I run next" friction.

๐Ÿ”ง How It Works

PentestGPT is a Python CLI that couples a ChatGPT-class LLM with a task manager and a toolkit (Nmap, searchsploit, and extension points). You give it a target and a high-level goal; the reasoning loop proposes a step, runs the tool, feeds the output back, and decides the next move. The architecture separates the reasoning module from the execution module so you can swap in different LLMs or add custom tool wrappers. Sessions are stateful: it remembers prior steps across the engagement.

๐Ÿ–ผ๏ธ Screenshots

๐Ÿš€ Installation & Quick Start

Installation

git clone https://github.com/GreyDGL/PentestGPT.git
cd PentestGPT
pip install -r requirements.txt
echo "OPENAI_API_KEY=sk-..." > .env

Quick Start

  1. git clone https://github.com/GreyDGL/PentestGPT && cd PentestGPT
  2. pip install -r requirements.txt
  3. cp .env.example .env # then put your OpenAI key in .env
  4. python main.py --target example.com
  5. Walk through the interactive REPL โ€” it will scan, suggest exploits, and draft a report

โœ… Pros

  • โ€ขGenuinely useful as a copilot โ€” speeds up recon and exploit selection
  • โ€ขTransparent reasoning chain shows WHY it picked the next step
  • โ€ขFree, MIT-licensed, active research project
  • โ€ขExtensible with your own tools and different LLM backends

โŒ Cons

  • โ€ขNot autonomous โ€” treat output as a junior pentester's first draft
  • โ€ขHallucinates tool commands and flags; verify every invocation
  • โ€ขToken costs add up fast on large targets (GPT-4 pricing)
  • โ€ขRequires clean output parsing; brittle when tools return errors

๐Ÿ’ฌ Practitioner Verdict

"PentestGPT is the best current example of an LLM pentest copilot. It will not hack a box on its own, but for methodology guidance โ€” "what do I run next, given this output" โ€” it saves real time. The catch: every output needs verification. Treat it like a keen but hallucination-prone junior."
โ€” Emmanuel, Security Reviewer

๐Ÿ“Š Specifications

Language
Python
License
MIT
Platform
Linux, macOS, Windows
Kill Chain
Reconnaissance / Vulnerability Analysis / Exploitation
MITRE ATT&CK
T1595, T1592, T1046

๐Ÿ’ฐ Pricing Reality

PentestGPT itself is free (MIT). The real cost is API usage: GPT-4 at ~$0.01-0.10/query, free if you run a local LLM. A full engagement against a 10-host target can burn $5-15 of tokens if you let it run unsupervised.

๐Ÿ‘ฅ Community Health

Stars3,500
Forks437
Contributors70
Health Score6.2/10

๐Ÿท๏ธ Tags

AgentsLLM

๐ŸŽฌ Video Tutorials

PentestGPT AI Pentesting Demo

GreyDGL ยท 45K views ยท 20:30