Pentest AI Killer (Pentakill)
A comprehensive pentesting automation server that integrates multiple security tools with AI assistants through the Model Context Protocol (MCP).
claude-with-pentest-ai-killer.mov
- ? Web Reconnaissance - HTTP probing, crawling, URL discovery
- ? API Testing - Parameter discovery, fuzzing, API vulnerability scanning
- ? Network Discovery - Port scanning, service enumeration, SMB/RPC enumeration
- ?️ Vulnerability Assessment - XSS, SQL injection, web server scanning
- ? Password Cracking - Brute-forcing, hash cracking
- ? Comprehensive Network Pentest - Automated reconnaissance and exploitation
- ? Stress Testing - Load testing, DDoS simulation
- ☁️ Cloud Security - AWS security assessment and multi-cloud auditing
- ☸️ Kubernetes Security - Container orchestration security testing
- ? Container Security - Container and Docker security scanning
- ?️ Infrastructure as Code (IaC) - Terraform, CloudFormation security analysis
- ? MCP Integration - Direct integration with AI assistants (Claude, Cursor, etc.)
- Docker (optional) - For containerized deployment
- Git - For cloning tools from GitHub
- curl/wget - For downloading tools and wordlists
- build-essential - For compiling tools from source
- Internet connection for initial setup (downloading tools, wordlists)
- Open port 8080 for API server (configurable in
config.py)
Important Notes:
- The
install_pentest_tools.shscript is designed for Ubuntu only- Python 3.12 is recommended, but 3.10 and 3.11 are also compatible
- Some tools require Go runtime - ensure Go is properly installed and in PATH
- Minimum 10 GB free disk space is required for all tools and wordlists
Note: The Docker image currently includes only essential tools. The tool list and Dockerfile are actively being updated to include additional security tools and features.
# Build the Docker image docker build -t pentest-ai-killer . # Run the container docker run -d -p 8080:8080 --name pentest-server pentest-ai-killer # Check if it's running curl http://localhost:8080/health
- Ubuntu 20.04+ or similar Linux distribution
- Python 3.8+
- Go 1.19+
- Root/sudo access
# Clone pentest-ai-killer git clone [email protected]:vietjovi/pentest-ai-killer.git cd pentest-ai-killer # Run the installation script sudo bash install_pentest_tools.sh
Note:
If there are any tools that cannot be installed via the install_pentest_tools.sh script, you can install them manually.
# Create virtual environment python3 -m venv venv source venv/bin/activate # Install requirements pip install -r requirements.txt
Edit config.py to enable/disable tools:
TOOLS = { "web_reconnaissance": [ {"tool": "nmap", "enabled": True}, {"tool": "nuclei", "enabled": True}, # ... more tools ] }
Set "enabled": True to run a tool, or "enabled": False to skip it.
source venv/bin/activate
python3 pentest_ai_killer_server.pyServer runs on http://localhost:8080
Get server health status:
GET /health
List all tools:
GET /tools
List all categories:
GET /categories
List running processes:
GET /processes
POST /tools/{tool_name}
Content-Type: application/json
{
"targets": "example.com"
}Example:
curl -X POST http://localhost:8080/tools/nmap \ -H "Content-Type: application/json" \ -d '{"targets": "scanme.nmap.org"}'
GET /categories
Returns all available tool categories with their enabled/disabled tools and endpoints.
Execute all enabled tools in a specific category. Available endpoints:
Request Format:
POST /web-reconnaissance
Content-Type: application/json
{
"targets": "example.com",
"custom_params": {
"additional": "parameters"
}
}Example - Web Reconnaissance:
curl -X POST http://localhost:8080/web-reconnaissance \ -H "Content-Type: application/json" \ -d '{"targets": "target.com"}'
Example Response:
{
"success": true,
"category": "web_reconnaissance",
"tools_executed": ["nmap", "httpx", "nuclei", "wafw00f"],
"tools_skipped": ["osmedeus"],
"results": {
"nmap": {
"tool_name": "nmap",
"success": true,
"result": "Starting Nmap...",
"timestamp": "2025-10-05T12:00:00"
},
"httpx": {...},
"nuclei": {...}
},
"timestamp": "2025-10-05T12:05:30"
}Example - API Testing:
curl -X POST http://localhost:8080/api-testing \ -H "Content-Type: application/json" \ -d '{"targets": "https://api.example.com/v1"}'
Example - Vulnerability Assessment:
curl -X POST http://localhost:8080/vulnerability-assessment \ -H "Content-Type: application/json" \ -d '{"targets": "testsite.com"}'
Perform a quick security assessment of a web application:
# 1. Check server health curl http://localhost:8080/health # 2. List available categories curl http://localhost:8080/categories # 3. Run web reconnaissance curl -X POST http://localhost:8080/web-reconnaissance \ -H "Content-Type: application/json" \ -d '{"targets": "example.com"}'
Test an API endpoint for security vulnerabilities:
curl -X POST http://localhost:8080/api-testing \ -H "Content-Type: application/json" \ -d '{ "targets": "https://api.example.com", "custom_params": {} }'
Run a specific tool (e.g., nmap) on a target:
curl -X POST http://localhost:8080/tools/nmap \ -H "Content-Type: application/json" \ -d '{"targets": "192.168.1.1"}'
Run all vulnerability assessment tools:
curl -X POST http://localhost:8080/vulnerability-assessment \ -H "Content-Type: application/json" \ -d '{"targets": "testsite.local"}'
import requests import json # API endpoint api_url = "http://localhost:8080" # Perform web reconnaissance response = requests.post( f"{api_url}/web-reconnaissance", json={"targets": "example.com"}, headers={"Content-Type": "application/json"} ) # Parse results results = response.json() print(f"Success: {results['success']}") print(f"Tools executed: {results['tools_executed']}") print(f"Tools skipped: {results['tools_skipped']}") # Iterate through results for tool_name, tool_result in results['results'].items(): if tool_result['success']: print(f"\n{tool_name} completed successfully") print(tool_result['result'][:200]) # Print first 200 chars else: print(f"\n{tool_name} failed: {tool_result['error']}")
Connect Pentest AI Killer to Claude Desktop or Cursor AI for seamless pentesting via chat interface.
# Make sure the API server is running source venv/bin/activate python3 pentest_ai_killer_server.py
Server will run on http://127.0.0.1:8080 by default.
Install requirements:
pip install -r requirements_mcp.txt
For Cursor: Edit ~/.cursor/mcp.json
For Claude Desktop: Edit claude_desktop_config.json
Need help?
- Claude MCP docs: https://docs.claude.com/en/docs/claude-code/mcp
- Cursor MCP docs: https://cursor.com/docs/context/mcp
Add this configuration:
{
"mcpServers": {
"pentest-ai-killer": {
"command": "PYTHON_PATH",
"args": [
"PATH_TO_PENTEST_AI_KILLER_DIR/pentest_ai_killer_mcp.py",
"--server",
"http://[PENTEST_AI_KILLER_SERVER_IP:PORT]"
]
}
}
}Replace:
PYTHON_PATH→ Your Python 3 path (runwhich python3)PATH_TO_PENTEST_AI_KILLER_DIR→ Full path to your pentest-ai-killer directoryPENTEST_AI_KILLER_SERVER_IP:PORT→ Your Pentest AI Killer's server information'
Example Configuration:
{
"mcpServers": {
"pentest-ai-killer": {
"command": "/opt/homebrew/bin/python3",
"args": [
"/Users/username/pentest-ai-killer/pentest_ai_killer_mcp.py",
"--server",
"http://127.0.0.1:8080"
]
}
}
}Restart Claude Desktop or Cursor to load the MCP server.
Simply ask your AI assistant to perform pentests:
Perform a comprehensive pentest of scanme.nmap.org
Performing a website reconnaissance of target.com
Scan example.com for vulnerabilities using nuclei and wapiti
Run web reconnaissance on target.com using all available tools
The AI will automatically use the appropriate Pentest AI Killer tools!
The following tools are available through the MCP interface:
Category-Based Tools:
Cloud Security Tools (if enabled):
Utility Tools:
Example Usage with AI:
List all available pentesting tools
Show me all tools in the web_reconnaissance category
Execute nmap on target.com
Run nuclei vulnerability scan on example.com
MCP server not appearing?
- Verify API server is running:
curl http://127.0.0.1:8080/health - Check Python path:
which python3 - Ensure paths are absolute (no
~shortcuts in config) - Restart your AI assistant completely
Note: Tools marked as ⏸️ Disabled can be enabled by setting
"enabled": Trueinconfig.py
pentest-ai-killer/
├── config.py # Tool configuration
├── pentest_ai_killer_server.py # Flask API server
├── pentest_ai_killer_mcp.py # MCP server
├── install_pentest_tools.sh # Tool installation script
├── requirements.txt # Python dependencies
├── Dockerfile # Docker build configuration
└── start_mcp.sh # MCP startup script
WARNING: This tool is designed for authorized security testing only.
- Only use on systems you own or have explicit permission to test
- Unauthorized scanning/testing is illegal
- Users are responsible for compliance with all applicable laws
- The authors assume no liability for misuse
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Make your changes
- Submit a pull request
This project is provided for educational and authorized security testing purposes only.
source /etc/profile # Or export PATH=$PATH:$HOME/go/bin
sudo chmod +x install_pentest_tools.sh
# Clear Docker cache and rebuild docker system prune -a docker build --no-cache -t pentest-ai-killer .
Make sure the tool is installed and available in your system PATH or you have to provide an ABSOLUTE_PATH
# Examples: apt-get install -y mytool # For system packages pip3 install mytool # For Python tools go install github.com/author/mytool@latest # For Go tools
Add your tool to the appropriate category in the TOOLS dictionary:
"category_name": [ {"tool": "TOOL_NAME", "command": "COMMAND", "params": "DEFAULT_PARAMETERS", "description": "Tool description - what it does and key features", "enabled": True}, ]
Configuration Fields:
Available Categories:
web_reconnaissance- Web scanning, crawling, URL discoveryapi_testing- API security, parameter discoverynetwork_discovery- Port scanning, network enumerationvulnerability_assessment- Vulnerability scanningpassword_cracking- Password attacks, hash crackingcomprehensive_network_pentest- Full pentest suitesstress_testing- Load testing, stress testing
"web_reconnaissance": [ {"tool": "nmap", "command": "nmap", "params": "-v --open -sV -sC -T4", "description": "Network mapper - Port scanning and service detection tool", "enabled": True}, ]
Result: When a user calls the tool with target scanme.nmap.org, it executes:
nmap -v --open -sV -sC -T4 scanme.nmap.org
# Test via API curl -X POST http://localhost:8080/tools/nmap \ -H "Content-Type: application/json" \ -d '{"targets": "scanme.nmap.org"}'
✅ Use clear, descriptive tool names
✅ Set enabled: False for resource-intensive tools
✅ Test with a safe target before deploying
❌ Don't use tools requiring user interaction
❌ Don't enable all tools by default (performance impact)
Success Response:
{
"success": true,
"category": "web_reconnaissance",
"tools_executed": ["nmap", "httpx", "nuclei"],
"tools_skipped": ["osmedeus"],
"results": { ... },
"timestamp": "2025-10-05T12:00:00"
}Error Response:
{
"success": false,
"error": "Error message",
"timestamp": "2025-10-05T12:00:00"
}- ? API Authentication - Token-based authentication for API endpoints
- ? Pull Existing Report - Retrieve and analyze previous scan results
- ?️ New Pentest Tools
- Burp Suite integration
- Nessus professional scanning
- Custom exploit development framework
- ? Tool Updates - Automated updates for all integrated tools
- ? Custom Tools - Framework for adding custom security tools
Note: Features are under active development. Priority and timeline may change based on community feedback.
For issues, questions, or contributions, please open an issue on the project repository.
Made with ❤️ for the security community