PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.
PentestAgent is a Python framework that puts Claude (or any LiteLLM-compatible model, including GPT-5) at the center of black-box penetration testing workflows. Users interact through a terminal UI with four distinct modes: Assist for single-shot instructions, Agent for autonomous task execution, Crew for orchestrated multi-agent runs, and Interact for guided conversational testing. Built-in tools cover terminal execution, a Playwright-based browser, notes, web search via Tavily, and a standout self-spawning mechanism called spawn_mcp_agent, which lets a running agent dynamically create isolated child agents as subordinate MCP servers over stdio, enabling hierarchical delegation without external orchestration. The framework connects to Claude through the Anthropic API using models such as claude-sonnet-4-20250514, and it exposes an MCP interface so additional servers can be attached at runtime via the /mcp command. A Kali Linux Docker image ships with Metasploit, sqlmap, and Hydra pre-installed, and prebuilt attack playbooks provide structured workflows for common assessments. The primary audience is bug bounty hunters, red teamers, and penetration testers who want an LLM-driven agent to coordinate real security tooling against live targets.
- ✓Open-source license (MIT)
- ✓Actively maintained (<30d)
- ✓Healthy fork ratio
- ✓Clear description
- ✓Topics declared
- ✓Mature repo (>1y old)
git clone https://github.com/GH05TCREW/pentestagent && cp pentestagent/*.md ~/.claude/agents/Subagents overview
What people ask about pentestagent
What is GH05TCREW/pentestagent?
+
GH05TCREW/pentestagent is subagents for the Claude AI ecosystem. PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows. It has 2.6k GitHub stars and was last updated 16d ago.
How do I install pentestagent?
+
You can install pentestagent by cloning the repository (https://github.com/GH05TCREW/pentestagent) or following the README instructions on GitHub. ClaudeWave also provides quick install blocks on this page.
Is GH05TCREW/pentestagent safe to use?
+
Our security agent has analyzed GH05TCREW/pentestagent and assigned a Trust Score of 100/100 (tier: Verified). See the full breakdown of passed checks and flags on this page.
Who maintains GH05TCREW/pentestagent?
+
GH05TCREW/pentestagent is maintained by GH05TCREW. The last recorded GitHub activity is from 16d ago, with 17 open issues.
Are there alternatives to pentestagent?
+
Yes. On ClaudeWave you can browse similar subagents at /categories/agents, sorted by popularity or recent activity.
Deploy pentestagent to your cloud
Ship this repo to production in minutes. Each platform spins up its own environment with editable env vars.
Maintain this repo? Add a badge to your README
Drop the badge into your GitHub README to show it's tracked on ClaudeWave. Each badge links back to this page and reflects the live Trust Score.
[](https://claudewave.com/repo/gh05tcrew-pentestagent)<a href="https://claudewave.com/repo/gh05tcrew-pentestagent"><img src="https://claudewave.com/api/badge/gh05tcrew-pentestagent" alt="Featured on ClaudeWave: GH05TCREW/pentestagent" width="320" height="64" /></a>More Subagents
The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
The agent that grows with you
Java 面试 & 后端通用面试指南,覆盖计算机基础、数据库、分布式、高并发、系统设计与 AI 应用开发
Production-ready platform for agentic workflow development.
The agent engineering platform.
🤯 LobeHub is your Chief Agent Operator, organizing your agents into 7×24 operations by hiring, scheduling, and reporting on your entire AI team.