Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
EY Data Breach: Attackers Access IT Support, Download Documents
July 17, 2026
Ransomware Attack Halts Fairlife Production Across US
July 17, 2026
PentestCode AI Agent Automates Pen Testing with 18 Specialized Tools
July 17, 2026
Home/CyberSecurity News/PentestCode AI Agent Automates Pen Testing with 18 Specialized Tools
CyberSecurity News

PentestCode AI Agent Automates Pen Testing with 18 Specialized Tools

Key Takeaways A new open-source AI agent, PentestCode, has been released to automate penetration testing workflows. Developed as a hard fork of OpenCode, PentestCode employs a multi-agent...

David kimber
David kimber
July 17, 2026 3 Min Read
3 0

Key Takeaways

  • A new open-source AI agent, PentestCode, has been released to automate penetration testing workflows.
  • Developed as a hard fork of OpenCode, PentestCode employs a multi-agent architecture to perform reconnaissance, scanning, enumeration, and exploitation with minimal human input.
  • The tool integrates 18 specialized offensive security tools and maintains a unified, persistent engagement state across operations.
  • While powerful for methodical enumeration, PentestCode is currently in beta, lacks a GUI, and is not designed for stealthy red team operations.

PentestCode: An AI Agent for Automated Penetration Testing

A novel open-source solution named PentestCode is revolutionizing offensive security by integrating autonomous AI agents directly into penetration testing methodologies. This tool, a specialized variant of OpenCode, is engineered to execute security utilities, process their outputs, and make strategic decisions from a command-line interface, significantly reducing the need for human intervention.

Table Of Content

  • Key Takeaways
  • PentestCode: An AI Agent for Automated Penetration Testing
  • Advanced Multi-Agent Architecture
  • Unified Engagement State and Attack Pathing
  • Integrated Tooling and Knowledge Packs

The core innovation of PentestCode lies in its ability to automate entire penetration testing workflows. A security professional can initiate an operation with a simple directive, such as targeting a specific IP address with the objective of achieving domain administrator privileges. From this single instruction, PentestCode’s coordinator agent assumes control, orchestrating the entire engagement.

For instance, the system automatically performs an nmap -sS -p- scan, meticulously parsing the results into a structured engagement state. It intelligently identifies critical patterns, such as the presence of ports 88 and 389, indicating a potential Domain Controller.

Advanced Multi-Agent Architecture

Building on its initial reconnaissance, PentestCode deploys multiple parallel enumeration subagents dedicated to services like SMB, LDAP, and HTTP. It then attempts sophisticated attacks, such as AS-REP roasting, to harvest crackable Kerberos hashes. Any credentials successfully obtained are subsequently sprayed across all identified services, including SMB, WinRM, LDAP, and RDP.

A successful login via WinRM triggers a specialized post-exploitation agent. This agent proceeds to dump sensitive data, including SAM, LSA, and DPAPI secrets. Every action taken by the system is meticulously logged, creating a comprehensive evidence chain for review.

Zhangir Ospanov developed PentestCode, which leverages a strategist-coordinator design inspired by HPTSA research. Its creators assert that this multi-agent approach significantly enhances efficiency, delivering a 4.3x improvement over single-agent systems.

The architecture comprises thirteen distinct agents, each specializing in roles such as reconnaissance, scanning, enumeration, exploitation, Active Directory/Kerberos identity attacks, infrastructure protocols (SNMP, IPMI), web application testing, post-exploitation, exploit development, false-positive filtering, and reporting. All these agents contribute to and draw from a unified, real-time engagement state.

Unified Engagement State and Attack Pathing

The shared engagement state is perhaps PentestCode’s most distinguishing feature. It systematically tracks hosts, services, identified vulnerabilities (complete with confidence scores and status), credentials, and access levels. Furthermore, it constructs an entity relationship graph, linking findings through labels such as EXPLOITED_VIA and PIVOT_TO.

An integrated attack-path module employs Dijkstra’s algorithm and Yen’s K-shortest-paths algorithm to propose optimal routes through this complex relationship graph. The persistence of this state across sessions allows testers to seamlessly resume multi-day engagements without any loss of context.

Integrated Tooling and Knowledge Packs

Beyond generic shell access, PentestCode integrates 18 specialized tools specifically designed for offensive operations. These include parsers that convert raw output from Nmap, Nuclei, NetExec, Gobuster, BloodHound, and sqlmap directly into structured state entries. The mandatory use of these parsers ensures that no critical findings are overlooked due to manual review.

Additional functionalities encompass JWT analysis, XSS detection, credential-spray planning, scope validation, tunnel management, and automated report generation.

The agent’s domain knowledge is further expanded by nineteen on-demand “skill” packs. These markdown-based files contain comprehensive checklists for various phases, service-specific tactics, and playbooks for Active Directory, web applications, and cloud environments, all without requiring any code modifications.

The tool can be downloaded from GitHub. Developers note that PentestCode is “not stealthy,” making it less suitable for red-team operations requiring advanced OPSEC, and may occasionally perform redundant tool executions.

Operational costs for real engagements can range from $5 to $50, depending on the scope and the chosen Large Language Model (LLM). Claude Opus/Sonnet are cited as outperforming GPT-4o and local models for multi-agent coordination tasks.

Security teams considering AI-driven offensive tools should be aware that PentestCode is still in beta. It currently lacks a graphical user interface (GUI), Burp Suite integration, and features evolving APIs. This positions it as a powerful force multiplier for systematic enumeration and data gathering rather than a complete substitute for human expertise in complex exploit chain development or creative attack strategies.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackExploitSecurity

Share Article

David kimber

David kimber

David is a penetration tester turned security journalist with expertise in mobile security, IoT vulnerabilities, and exploit development. As an OSCP-certified security professional, David brings hands-on technical experience to his reporting on vulnerabilities and security research. His articles often feature detailed technical analysis of exploits and provide actionable defense recommendations. David maintains an active presence in the security research community and has contributed to multiple open-source security tools.

Previous Post

AWS Cost Explorer Bug Exposes Trillion-Dollar Billing Estimates

Next Post

Ransomware Attack Halts Fairlife Production Across US

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
ClickLock macOS Stealer Kills Apps, Forces Password Entry
July 17, 2026
Top 10 Identity Threat Detection and Response (ITDR) Solutions for 2026
July 17, 2026
GPT-5.6 Codex Bug Deletes Files From Home Directories
July 17, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Emy Elsamnoudy
Emy Elsamnoudy
Jennifer sherman
Jennifer sherman
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us