AIPTX Beast Mode - Fully Autonomous AI-Powered Penetration Testing Framework with exploit chains, credential harvesting, lateral movement, and stealth capabilities
AIPTX Beast Mode
Fully Autonomous AI-Powered Penetration Testing Framework
Enterprise-Grade Autonomous Security Assessment Platform
AIPTX Beast Mode is an enterprise-grade, fully autonomous AI-powered penetration testing framework that leverages Large Language Models to conduct comprehensive security assessments. From reconnaissance to post-exploitation, AIPTX orchestrates the complete attack chain with intelligent decision-making, adaptive strategies, and professional reporting.
Why AIPTX Beast Mode?
| Capability | AIPTX | Traditional Tools |
|---|---|---|
| Autonomous Attack Chains | ✅ | ❌ |
| AI-Guided Decision Making | ✅ | ❌ |
| Exploit Chain Building | ✅ | ❌ |
| Credential Harvesting | ✅ | Manual |
| Lateral Movement | ✅ | Manual |
| Stealth Operations | ✅ | ❌ |
| WAF Detection & Bypass | ✅ | Limited |
| Enterprise Scanner Integration | ✅ | ❌ |
| 100+ LLM Providers | ✅ | ❌ |
| Single Command Execution | ✅ | Multiple Tools |
Key Features
Intelligence Layer
- LLM Attack Planning — AI generates strategic attack plans based on target analysis
- Chain Discovery — Automatically identifies novel attack chain combinations
- Business Logic Analysis — Detects flaws that automated scanners miss
- Adaptive Payloads — Real-time payload generation based on target responses
- Defense Adaptation — Monitors and adapts to defensive countermeasures
Exploitation Engine
- Autonomous Chain Execution — Builds and executes multi-step exploit chains
- WAF Detection & Bypass — Fingerprints 50+ WAF products with evasion techniques
- Payload Mutations — SQLi, XSS, RCE mutations with encoding variations
- Fallback Strategies — Intelligent retry with alternative techniques
Post-Exploitation
- Credential Harvesting — Extracts secrets from memory, files, browsers, cloud metadata
- Privilege Escalation — Automated privesc for Linux and Windows
- Lateral Movement — SSH/SOCKS tunneling, pivot chains, credential spraying
- Persistence — Establishes persistence mechanisms (opt-in)
Stealth Operations
- Timing Jitter — Mimics human behavior with configurable delays
- Traffic Mimicry — Blends with normal business hours traffic
- LOLBins — Living-off-the-land binary usage
- Payload Obfuscation — Multiple encoding and fragmentation techniques
Enterprise Integration
- Acunetix — Full scan management and vulnerability import
- Burp Suite Enterprise — Automated scan orchestration
- Nessus — Network vulnerability assessment integration
- OWASP ZAP — Web application security testing
Architecture
```
┌─────────────────────────────────────────────────────────────────────────┐
│                            AIPTX BEAST MODE                             │
├─────────────────────────────────────────────────────────────────────────┤
│  INTELLIGENCE LAYER                                                     │
│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐  ┌─────────────┐  │
│  │ LLM Engine   │  │Attack Planner│  │Chain Builder │  │   Triage    │  │
│  │ (100+ LLMs)  │  │              │  │              │  │   Engine    │  │
│  └──────────────┘  └──────────────┘  └──────────────┘  └─────────────┘  │
├─────────────────────────────────────────────────────────────────────────┤
│  ATTACK PIPELINE                                                        │
│                                                                         │
│  RECON ───► SCAN ───► EXPLOIT ───► POST-EXPLOIT ───► PERSIST            │
│    │         │           │              │               │               │
│    ▼         ▼           ▼              ▼               ▼               │
│  Subdomains Nuclei    SQLi/XSS     Cred Harvest      Lateral Move       │
│  Tech Stack Nikto     RCE/SSRF     Priv Escalate     Tunneling          │
│  Endpoints  WAF Scan  Auth Bypass  Cloud Secrets     Persistence        │
│                                                                         │
├─────────────────────────────────────────────────────────────────────────┤
│  ENTERPRISE INTEGRATION                                                 │
│  ┌──────────┐  ┌──────────┐  ┌──────────┐  ┌──────────┐                 │
│  │ Acunetix │  │Burp Suite│  │  Nessus  │  │OWASP ZAP │                 │
│  └──────────┘  └──────────┘  └──────────┘  └──────────┘                 │
├─────────────────────────────────────────────────────────────────────────┤
│  OUTPUT                                                                 │
│  HTML Reports │ JSON Export │ REST API │ Rich TUI                       │
└─────────────────────────────────────────────────────────────────────────┘
```
Installation
Quick Install
```bash
# Recommended: Install with pipx (isolated environment)
pipx install aiptx

# Or with pip
pip install aiptx

# Full installation (all features); quoted so zsh does not glob the brackets
pip install "aiptx[full]"
```
From Source
```bash
git clone https://github.com/aiptx/aiptx.git
cd aiptx
pip install -e ".[full]"
```
Setup Wizard
```bash
# Interactive setup (configures LLM, scanners, tools)
aiptx setup
```
Quick Start
```bash
# Basic security scan
aiptx scan example.com

# AI-guided intelligent scanning
aiptx scan example.com --ai

# Full autonomous assessment
aiptx scan example.com --full --ai

# Enable exploitation (authorized testing only)
aiptx scan example.com --full --ai --exploit

# Check configuration status
aiptx status

# Start REST API server
aiptx api
```
Configuration
LLM Providers
AIPTX supports 100+ LLM providers via LiteLLM:
```bash
# Anthropic
export ANTHROPIC_API_KEY="your-key"
export AIPT_LLM__MODEL="anthropic/claude-sonnet-4-20250514"

# OpenAI
export OPENAI_API_KEY="your-key"
export AIPT_LLM__MODEL="openai/gpt-4o"

# Azure OpenAI
export AZURE_API_KEY="your-key"
export AZURE_API_BASE="your-endpoint"
export AIPT_LLM__MODEL="azure/gpt-4"

# Local Models (Ollama)
export OLLAMA_API_BASE="http://localhost:11434"
export AIPT_LLM__MODEL="ollama/llama3"

# AWS Bedrock
export AWS_ACCESS_KEY_ID="your-key"
export AWS_SECRET_ACCESS_KEY="your-secret"
export AIPT_LLM__MODEL="bedrock/anthropic.claude-v2"
```
Enterprise Scanners
```bash
# Acunetix
export ACUNETIX_URL="https://your-acunetix:3443"
export ACUNETIX_API_KEY="your-api-key"

# Burp Suite Enterprise
export BURP_URL="http://your-burp:1337/v0.1/"
export BURP_API_KEY="your-api-key"

# Nessus
export NESSUS_URL="https://your-nessus:8834"
export NESSUS_ACCESS_KEY="your-access-key"
export NESSUS_SECRET_KEY="your-secret-key"

# OWASP ZAP
export ZAP_URL="http://your-zap:8080"
export ZAP_API_KEY="your-api-key"
```
Remote Execution (VPS)
```bash
# Run scans from remote VPS for OPSEC
export AIPT_VPS__HOST="your-vps-ip"
export AIPT_VPS__USER="ubuntu"
# $HOME is used because the shell does not expand ~ inside double quotes
export AIPT_VPS__KEY_PATH="$HOME/.ssh/id_rsa"
```
Command Reference
| Command | Description |
|---|---|
| `aiptx scan <target>` | Basic security scan |
| `aiptx scan <target> --ai` | AI-guided scanning |
| `aiptx scan <target> --full` | Comprehensive assessment |
| `aiptx scan <target> --exploit` | Enable exploitation |
| `aiptx scan <target> --stealth` | Stealth mode (timing jitter) |
| `aiptx scan <target> --container` | Container security |
| `aiptx scan <target> --secrets` | Secret detection |
| `aiptx setup` | Interactive configuration |
| `aiptx status` | Check configuration |
| `aiptx api` | Start REST API |
| `aiptx version` | Show version |
Use Cases
| Scenario | Command |
|---|---|
| Bug Bounty | aiptx scan target.com --ai --full |
| Penetration Testing | aiptx scan client.com --full --exploit |
| Red Team Assessment | aiptx scan target.corp --full --ai --exploit --stealth |
| DevSecOps Pipeline | aiptx scan app.com --container --secrets --json |
| Compliance Audit | aiptx scan system.com --full --html-report |
Security Tools (82+ Integrated)
AIPTX orchestrates 82+ security tools across categories:
| Category | Tools |
|---|---|
| Reconnaissance | subfinder, amass, httpx, dnsx, katana, assetfinder, waybackurls |
| Scanning | nuclei, nikto, ffuf, gobuster, dalfox, wpscan, trivy |
| Exploitation | sqlmap, hydra, commix, crackmapexec, impacket |
| Post-Exploit | linpeas, chisel, ligolo-ng, lazagne, mimikatz |
| Active Directory | bloodhound, kerbrute, enum4linux-ng, ldapdomaindump |
| Cloud | prowler, scoutsuite, pacu, cloudsploit |
| Container | trivy, grype, kube-hunter, docker-bench |
| OSINT | theHarvester, sherlock, spiderfoot, holehe |
| Secrets | gitleaks, trufflehog, detect-secrets |
Auto-Installation
```bash
# Install all security tools automatically
aiptx setup
# Select option [1] Core tools or [2] Full installation
```
API Reference
REST API
```bash
# Start API server
aiptx api --host 0.0.0.0 --port 8000
```
Endpoints
| Endpoint | Method | Description |
|---|---|---|
| `/health` | GET | Health check |
| `/projects` | GET/POST | Manage projects |
| `/projects/{id}/sessions` | POST | Create scan session |
| `/sessions/{id}/scan` | POST | Start scan |
| `/findings` | GET | Retrieve findings |
| `/tools` | GET | List available tools |
| `/cve/lookup` | POST | CVE lookup |
Python SDK
```python
from aipt_v2 import AIPTClient

client = AIPTClient(base_url="http://localhost:8000")

# Create project
project = client.create_project(name="Test", target="example.com")

# Start scan
session = client.create_session(project_id=project.id)
client.start_scan(session_id=session.id, mode="full")

# Get findings
findings = client.get_findings(project_id=project.id)
```
Output Formats
HTML Report
Professional executive-ready vulnerability report with:
- Executive summary
- Vulnerability details with CVSS scores
- Remediation recommendations
- Evidence and screenshots
JSON Export
```
{
  "findings": [...],
  "metadata": {...},
  "statistics": {...}
}
```
CI/CD Integration
```yaml
# GitHub Actions
- name: Security Scan
  run: |
    pip install aiptx
    # TARGET is read as a quoted shell variable instead of being expanded by the workflow template
    aiptx scan "$TARGET" --json > results.json
```
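A gate for the `results.json` written by the pipeline step above, as an added example that is not AIPTX's own code: it fails closed when the report is empty, malformed, or carries findings at or above a threshold. The top-level keys come from the JSON Export section; the per-finding `severity` field and its labels are assumptions, since the page does not document the finding schema.

```python
import json
import sys

# Assumed severity labels, least to most severe (not documented on the page).
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]
# Top-level keys shown in the JSON Export section.
REQUIRED_KEYS = ("findings", "metadata", "statistics")
# Constructed sample report, used when no file path is given.
SAMPLE = ('{"findings": [{"severity": "low"}, {"severity": "Critical"}], '
          '"metadata": {}, "statistics": {}}')


def gate(report_text, threshold="high"):
    """Return (exit_code, reasons): 0 pass, 1 blocking findings, 2 unusable report."""
    try:
        report = json.loads(report_text)
    except json.JSONDecodeError as exc:
        # An empty file (scan crashed before writing) lands here, not in "pass".
        return 2, [f"report is not valid JSON: {exc.msg}"]
    if not isinstance(report, dict):
        return 2, ["report is not a JSON object"]
    missing = [k for k in REQUIRED_KEYS if k not in report]
    if missing:
        return 2, [f"missing top-level keys: {', '.join(missing)}"]
    if not isinstance(report["findings"], list):
        return 2, ["'findings' is not a list"]

    floor = SEVERITY_ORDER.index(threshold)
    reasons = []
    for i, finding in enumerate(report["findings"]):
        raw = finding.get("severity", "") if isinstance(finding, dict) else ""
        sev = str(raw).lower()
        if sev not in SEVERITY_ORDER:
            # Fail closed: an unrecognised severity blocks the build.
            reasons.append(f"finding {i}: unrecognised severity {sev!r}")
        elif SEVERITY_ORDER.index(sev) >= floor:
            reasons.append(f"finding {i}: severity {sev}")
    return (1 if reasons else 0), reasons


if __name__ == "__main__":
    # Usage: python gate.py results.json   (no argument: run on SAMPLE)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    code, why = gate(text)
    print("\n".join(why) or "no blocking findings")
    sys.exit(code)
```

Exit code 2 is kept distinct from 1 so the pipeline can tell a scan that produced no usable report from one that produced blocking findings.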
Requirements
- Python: 3.9+
- OS: Linux, macOS, Windows (WSL recommended)
- Memory: 4GB+ recommended
- Optional: Docker for sandbox execution
Supported Platforms
| Platform | Status |
|---|---|
| Linux (Ubuntu/Debian) | ✅ Full Support |
| Linux (RHEL/CentOS) | ✅ Full Support |
| Linux (Arch) | ✅ Full Support |
| Linux (openSUSE) | ✅ Full Support |
| macOS (Intel) | ✅ Full Support |
| macOS (Apple Silicon) | ✅ Full Support |
| Windows 10/11 | ✅ Full Support |
| Windows (WSL) | ✅ Recommended |
Contributing
Contributions are welcome! Please read our Contributing Guide for details.
```bash
# Clone repository
git clone https://github.com/aiptx/aiptx.git
cd aiptx

# Create virtual environment
python -m venv .venv
source .venv/bin/activate

# Install development dependencies
pip install -e ".[dev]"

# Run tests
pytest tests/ -v
```
License
MIT License — Free for commercial and personal use.
See LICENSE for details.
Links
- Website: aiptx.io
- Documentation: aiptx.io/docs
- PyPI: pypi.org/project/aiptx
- GitHub: github.com/aiptx/aiptx
- Changelog: CHANGELOG.md
- Issues: GitHub Issues
aiptx.io — Fully Autonomous AI-Powered Penetration Testing
Made with ❤️ by Satyam Rastogi
File details
Details for the file aiptx-3.1.1.tar.gz.
File metadata
- Download URL: aiptx-3.1.1.tar.gz
- Upload date:
- Size: 792.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | c541f38849ae326465edd465e86bef3b863f93baced96bf6ed2074ef92958f73 |
| MD5 | 4799e9f27ce546445dd36a9a0f1ad83e |
| BLAKE2b-256 | 61480b87b26e71183af764356f73b3f9fd207b40b6332e0b639d900597c5b7ba |
File details
Details for the file aiptx-3.1.1-py3-none-any.whl.
File metadata
- Download URL: aiptx-3.1.1-py3-none-any.whl
- Upload date:
- Size: 928.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | c5e4cf4982cb5ce07964f8ec063720671f0c86a709c979ab5f639338860ea8bb |
| MD5 | af6c3bcab604d30cbaf8fe2105c4274d |
| BLAKE2b-256 | 354b7552d5e58baafcbc9bc3a01c5eb3f78aa50046ed1bb992002630bda9a293 |