agents-for
The `/agents-for` command filters the pentest-ai agent catalog by domain or tag (web, cloud, mobile, recon, etc.) and returns a focused list of relevant agents with their tier level and matching rationale. Use this to quickly discover which specialized agents are available for your specific penetration testing task without manually reviewing the entire catalog.
mkdir -p ~/.claude/commands && curl -fsSL https://raw.githubusercontent.com/0xSteph/pentest-ai-agents/HEAD/.claude/commands/agents-for.md -o ~/.claude/commands/agents-for.mdagents-for.md
Filter the pentest-ai agent catalog by the domain or tag below and return a focused list. Filter: $ARGUMENTS Match against this taxonomy. A single argument may match multiple tags (e.g., "ad" matches both "active-directory" and "windows"). Return every agent that matches. ``` recon → recon-advisor, osint-collector, vuln-scanner osint → osint-collector web → web-hunter, api-security, bug-bounty, bizlogic-hunter, vuln-scanner api → api-security, web-hunter, bug-bounty ad / active-directory / windows → ad-attacker, credential-tester, privesc-advisor, recon-advisor cloud / aws / azure / gcp → cloud-security, cicd-redteam mobile / android / ios → mobile-pentester, reverse-engineer wireless / wifi / bluetooth → wireless-pentester social / phishing / se → social-engineer, phishing-operator exploit / exploitation → exploit-guide, exploit-chainer, poc-validator, payload-crafter payload / shellcode → payload-crafter, malware-analyst, reverse-engineer re / reverse / reversing → reverse-engineer, malware-analyst, ctf-solver malware / ir → malware-analyst, forensics-analyst, detection-engineer forensics / dfir → forensics-analyst, malware-analyst detection / blue / siem / sigma → detection-engineer, threat-modeler threat / threat-model / stride → threat-modeler stig / compliance / hardening → stig-analyst priv-esc / privilege-escalation → privesc-advisor creds / credentials / passwords / hash / cracking → credential-tester business-logic / bizlogic → bizlogic-hunter ci / cd / devsecops / pipeline → cicd-redteam plan / planning / scope / roe → engagement-planner report / reporting / writeup → report-generator ctf / htb / hackthebox / tryhackme → ctf-solver swarm / multi-agent / orchestrate → swarm-orchestrator ``` Output format: ``` **Agents for "<filter>"**: | Agent | Why it matches | Tier | |-------|----------------|------| | <name> | <one-line relevance> | 1 or 2 | | <name> | <one-line relevance> | 1 or 2 | **Suggested first command** (in your shell): > "<a one-line prompt the user can paste into Claude Code that will route to the top match>" ``` Tier 1 = advisory only. Tier 2 = can compose and execute commands with scope confirmation. Tier 2 agents: recon-advisor, vuln-scanner, web-hunter, ad-attacker, exploit-chainer, poc-validator, bizlogic-hunter. If the filter doesn't match anything in the taxonomy, return the closest matches, list the unmatched filter, and suggest 2–3 nearby tags from the taxonomy above.
>-
Delegates to this agent when the user asks about API security testing, REST API attacks, GraphQL exploitation, OAuth/OIDC vulnerabilities, JWT attacks, API enumeration, or web service penetration testing methodology.
>-
>-
>-
Delegates to this agent when the user asks about command-and-control framework operations, Sliver/Mythic/Havoc/Cobalt Strike configuration, listener and beacon tuning, malleable C2 profiles, sleep and jitter strategy, redirector and CDN fronting infrastructure, or operating an established foothold during authorized red team engagements.
>-
Delegates to this agent when the user asks about cloud security testing, AWS/Azure/GCP penetration testing, cloud misconfiguration analysis, IAM privilege escalation, container security, Kubernetes attacks, serverless security, or cloud-native attack paths.