JSPM

pentesting

0.8.33
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 1399
  • Score
    100M100P100Q107356F
  • License MIT

Autonomous Penetration Testing AI Agent

Package Exports

  • pentesting
  • pentesting/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (pentesting) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

   ██████╗ ███████╗███╗   ██╗████████╗███████╗███████╗████████╗██╗███╗   ██╗ ██████╗ 
   ██╔══██╗██╔════╝████╗  ██║╚══██╔══╝██╔════╝██╔════╝╚══██╔══╝██║████╗  ██║██╔════╝ 
   ██████╔╝█████╗  ██╔██╗ ██║   ██║   █████╗  ███████╗   ██║   ██║██╔██╗ ██║██║  ███╗
   ██╔═══╝ ██╔══╝  ██║╚██╗██║   ██║   ██╔══╝  ╚════██║   ██║   ██║██║╚██╗██║██║   ██║
   ██║     ███████╗██║ ╚████║   ██║   ███████╗███████║   ██║   ██║██║ ╚████║╚██████╔╝
   ╚═╝     ╚══════╝╚═╝  ╚═══╝   ╚═╝   ╚══════╝╚══════╝   ╚═╝   ╚═╝╚═╝  ╚═══╝ ╚═════╝ 

Autonomous AI Penetration Testing Agent

npm version License: MIT


Quick Start

# Docker required for security tools (nmap, rustscan, etc.)
# Install: https://docs.docker.com/get-docker/
open -a Docker  # macOS - start Docker Desktop

npm install -g pentesting

# Set API key
export PENTEST_API_KEY="your_api_key"

# Optional: Custom API endpoint
export PENTEST_BASE_URL="https://api.z.ai/api/anthropic"   
export PENTEST_MODEL="glm-4.7"                       

pentesting

Environment Variables

Variable Required Default Description
PENTEST_API_KEY - API key (ANTHROPIC_API_KEY also works)
PENTEST_BASE_URL - Custom API endpoint URL
PENTEST_MODEL claude-sonnet-4-20250514 LLM model name
PENTEST_MAX_TOKENS 16384 Max response tokens

Features

  • Soul Architecture - ReAct pattern: Think → Act → Observe → Reflect
  • 9 Specialized Agents - Recon, Exploit, PrivEsc, Web, Crypto...
  • 80%+ Confidence Filter - Only high-confidence findings
  • D-Mail Time Travel - Auto-recovery from dead ends
  • 50+ Security Tools - nmap, sqlmap, gobuster, hydra...

Commands

Command Description
/target <ip> Set target
/start [objective] Start autonomous pentest
/findings Show findings
/status Status
/yolo Toggle auto-approve
/help Help

Documentation


License

MIT

⚠️ For authorized security testing only.