Skip to main content

AI-powered penetration testing and bug hunting CLI tool

Project description

BugPilot CLI

AI-Powered Autonomous Penetration Testing & Security Research Assistant

Version Python License

Developer: LAKSHMIKANTHAN K (letchupkt)
Portfolio: letchupkt.vgrow.tech


๐Ÿš€ Quick Start

# Install
pip install bugpilot-cli

# Run
bugpilot

# Configure
/configure

โœจ Features

Core Capabilities

  • ๐Ÿค– AI-Powered Analysis - 5 AI providers (Gemini, OpenAI, Groq, Ollama, Anthropic)
  • ๐Ÿ› ๏ธ 50+ Pentesting Tools - Auto-install & management
  • ๐Ÿ“ File System Access - Read, analyze, and work with files
  • ๐ŸŽจ 5 Modern Themes - Ocean, Sunset, Neon, Forest, Midnight
  • ๐Ÿ”„ Auto-Updates - Stay current with PyPI
  • โšก Intelligent Autocomplete - / commands, @ files, # folders

Advanced Features

  • Dual Modes: Normal (guided) & Hacker (autonomous)
  • Multi-API Keys: Store all provider keys, switch instantly
  • Token Optimization: Agentic methodology reduces AI calls by 90%
  • Cross-Platform: Windows, Linux, macOS, Termux

๐Ÿ“ฆ Installation

Method 1: PyPI (Recommended)

pip install bugpilot-cli

Method 2: From Source

git clone https://github.com/letchupkt/bugpilot-cli.git
cd bugpilot-cli
pip install -e .

Requirements

  • Python 3.8+
  • Internet connection (for AI APIs)
  • API keys for desired AI providers

๐ŸŽฏ Usage

Basic Usage

bugpilot

Commands

/help       - Show all commands
/configure  - Configure AI provider & settings
/tools      - View 50+ pentesting tools
/update     - Check for updates
/portfolio  - Visit developer portfolio
/mode       - Switch normal/hacker mode
/settings   - View current configuration
/clear      - Clear conversation context
/exit       - Exit BugPilot

Autocomplete

  • Type / for command suggestions
  • Type @ for file suggestions
  • Type # for folder suggestions

โš™๏ธ Configuration

First-Time Setup

bugpilot
/configure

Configure Multiple API Keys (One-Time)

Select AI provider: gemini
Gemini API Key: AIza...

Select AI provider: openai  
OpenAI API Key: sk-...

Select AI provider: groq
Groq API Key: gsk_...

Environment Variables (Alternative)

export GEMINI_API_KEY="your-key"
export OPENAI_API_KEY="your-key"
export GROQ_API_KEY="your-key"
export ANTHROPIC_API_KEY="your-key"

Configuration File

Located at: ~/.bugpilot/config.json

{
  "model": {
    "provider": "gemini",
    "model_name": "gemini-2.0-flash-exp",
    "api_keys": {
      "gemini": "AIza...",
      "openai": "sk-...",
      "groq": "gsk_...",
      "anthropic": "sk-ant..."
    }
  },
  "mode": "normal",
  "terminal_theme": "ocean",
  "auto_update_check": true
}

๐Ÿ› ๏ธ Features Deep Dive

1. AI Provider Support

Supported Providers:

  • Gemini (Google) - gemini-2.0-flash-exp, gemini-1.5-pro
  • OpenAI - gpt-4o, gpt-4-turbo, gpt-3.5-turbo
  • Groq - llama-3.3-70b-versatile, mixtral-8x7b
  • Ollama (Local) - llama3.2, qwen2.5, mistral
  • Anthropic - claude-3.5-sonnet, claude-3-opus

Easy Switching:

/mode
# Select provider: openai
# Uses saved API key automatically!

2. Pentesting Tools (50+)

Categories:

  • Network Scanning (nmap, masscan)
  • Web Scanning (nikto, wpscan, nuclei)
  • Fuzzing (ffuf, gobuster)
  • Reconnaissance (subfinder, amass, httpx)
  • Exploitation (sqlmap)
  • And many more...

Auto-Install in Hacker Mode:

# Switch to hacker mode
/mode hacker

# Use a tool - it auto-installs if missing!
[!] You: scan target.com with nmap
[>>] Tool 'nmap' not found. Installing...
[+] Successfully installed nmap
[>>] Running: nmap -sV target.com

View All Tools:

/tools

3. Intelligent Autocomplete

Command Autocomplete (/):

[+] You: /h
         /help      โ† Press Tab
         /configure

File Autocomplete (@):

[+] You: analyze @con
              @config.py  โ† Press Tab
              @config.json

Folder Autocomplete (#):

[+] You: scan #bug
           #bugpilot  โ† Press Tab
           #build

4. File System Access

Read Files:

[+] You: read setup.py
[>>] Reading setup.py...
[AI] The setup.py file contains...

Analyze Projects:

[+] You: analyze the entire bugpilot folder
[>>] Scanning directory...
[AI] Found 11 Python modules, analyzing structure...

Search Files:

[+] You: find all files with "config" in the name
[>>] Searching...
[+] Found: config.py, config.json

5. Auto-Update

Automatic Check (on startup):

[!] Update available: v1.0.0 โ†’ v1.1.0
[*] Run /update to install

Manual Update:

/update

[>>] Checking for updates...
[!] Update Available: v1.1.0
Install now? [y/n]: y
[>>] Updating...
[+] Successfully updated!
[!] Please restart: bugpilot

Disable Auto-Check:

/configure
# Check for updates on startup? [y/n]: n

๐ŸŽจ Themes

5 Built-in Themes:

/configure
# Select theme:
1. ocean    - Blue ocean waves
2. sunset   - Warm sunset colors
3. neon     - Vibrant neon lights
4. forest   - Natural forest greens
5. midnight - Dark midnight blue

๐Ÿ’ก Use Cases

Security Research

[+] You: explain CVE-2024-12345
[AI] BugPilot: CVE-2024-12345 is a critical...

Vulnerability Scanning

[!] You: full reconnaissance on target.com
[>>] Executing autonomous workflow...
[*] Step 1/5: Port scanning with nmap
[*] Step 2/5: Subdomain enumeration
[*] Step 3/5: HTTP probing
[*] Step 4/5: Vulnerability scanning
[*] Step 5/5: Report generation
[+] Complete! 3 critical findings.

Code Analysis

[+] You: analyze this Python code for security issues
[+] You: @vulnerable.py
[AI] Analyzing... Found 2 SQL injection risks...

Exploit Development

[+] You: generate a POC for buffer overflow
[AI] Here's a proof-of-concept...

๐Ÿ”ง Advanced Usage

Hacker Mode (Autonomous)

/mode hacker

# Auto-executes commands
# Auto-installs tools
# Advanced capabilities
# Requires authorization!

Custom Workflows

[!] You: create a penetration testing workflow for web apps
[AI] I'll create a comprehensive workflow...

Token Optimization

Uses agentic methodology to reduce AI calls:

  • Predefined pentesting workflows
  • Built-in tool knowledge
  • Automated decision-making
  • 90%+ token savings

๐Ÿ“Š Technical Details

Architecture

bugpilot-cli/
โ”œโ”€โ”€ bugpilot/
โ”‚   โ”œโ”€โ”€ __init__.py       - Package initialization
โ”‚   โ”œโ”€โ”€ cli.py            - Main CLI interface
โ”‚   โ”œโ”€โ”€ agent.py          - AI agent logic
โ”‚   โ”œโ”€โ”€ models.py         - AI model integrations
โ”‚   โ”œโ”€โ”€ config.py         - Configuration management
โ”‚   โ”œโ”€โ”€ toolmanager.py    - Tool management
โ”‚   โ”œโ”€โ”€ filesystem.py     - File system access
โ”‚   โ”œโ”€โ”€ autocomplete.py   - Autocomplete engine
โ”‚   โ”œโ”€โ”€ terminal_ui.py    - UI & themes
โ”‚   โ”œโ”€โ”€ prompts.py        - System prompts
โ”‚   โ”œโ”€โ”€ updater.py        - Auto-update system
โ”‚   โ”œโ”€โ”€ mcp.py            - MCP protocol
โ”‚   โ””โ”€โ”€ utils.py          - Utilities
โ”œโ”€โ”€ test.py               - Test suite (19 tests)
โ”œโ”€โ”€ setup.py              - Package setup
โ””โ”€โ”€ requirements.txt      - Dependencies

Dependencies

google-generativeai  # Gemini
openai               # OpenAI/ChatGPT
anthropic            # Claude
groq                 # Groq
requests             # HTTP
rich                 # Terminal UI
pydantic             # Data validation
prompt_toolkit       # Autocomplete
packaging            # Version comparison

๐Ÿงช Testing

Run Tests

python test.py

Test Coverage

  • โœ… Configuration management
  • โœ… Multiple API keys
  • โœ… Tool manager
  • โœ… Autocomplete system
  • โœ… AI model integration
  • โœ… File system access
  • โœ… Auto-updater
  • โœ… UI themes (no emojis)
  • โœ… 19 tests, 100% pass rate

๐Ÿ”’ Security & Ethics

Ethical Use Only

BugPilot CLI is designed for:

  • โœ… Authorized penetration testing
  • โœ… Security research
  • โœ… Educational purposes
  • โœ… Vulnerability assessment (with permission)

NOT for:

  • โŒ Unauthorized access
  • โŒ Illegal activities
  • โŒ Malicious hacking
  • โŒ Any unlawful purposes

Disclaimer

Users are responsible for ensuring they have proper authorization before testing any systems. Always follow responsible disclosure practices.


๐Ÿค Contributing

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Add tests
  5. Submit a pull request

๐Ÿ“ Changelog

v1.0.0 (2025-12-17)

  • โœ… Initial release
  • โœ… 5 AI provider support
  • โœ… 50+ pentesting tools
  • โœ… Intelligent autocomplete
  • โœ… Multiple API key storage
  • โœ… Auto-update system
  • โœ… 5 modern themes
  • โœ… File system access
  • โœ… 100% ASCII UI
  • โœ… Cross-platform support
  • โœ… Comprehensive test suite

๐Ÿ› Troubleshooting

Issue: "API key required"

# Solution: Configure API key
/configure
# or set environment variable
export GEMINI_API_KEY="your-key"

Issue: "Tool not found"

# Solution: Use hacker mode for auto-install
/mode hacker
# or install manually

Issue: "Import error"

# Solution: Reinstall dependencies
pip install --upgrade bugpilot-cli

๐Ÿ“š Resources


๐Ÿ“„ License

MIT License - See LICENSE file for details


๐Ÿ‘ค Author

LAKSHMIKANTHAN K (letchupkt)


๐ŸŒŸ Support

If you find BugPilot CLI useful:

  • โญ Star the repository
  • ๐Ÿ› Report bugs
  • ๐Ÿ’ก Suggest features
  • ๐Ÿค Contribute code

๐ŸŽฏ Quick Reference

# Install
pip install bugpilot-cli

# Run
bugpilot

# Configure
/configure

# Commands
/help       # Show all commands
/tools      # View tools
/update     # Check updates
/mode       # Switch mode
/exit       # Quit

# Autocomplete
/           # Commands
@           # Files
#           # Folders

BugPilot CLI - The Ultimate AI-Powered Pentesting Assistant

๐Ÿ”ด Configure Once. Hack Forever. ๐Ÿ”ด

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

bugpilot_cli-1.2.2.tar.gz (44.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

bugpilot_cli-1.2.2-py3-none-any.whl (45.8 kB view details)

Uploaded Python 3

File details

Details for the file bugpilot_cli-1.2.2.tar.gz.

File metadata

  • Download URL: bugpilot_cli-1.2.2.tar.gz
  • Upload date:
  • Size: 44.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.0

File hashes

Hashes for bugpilot_cli-1.2.2.tar.gz
Algorithm Hash digest
SHA256 c6b9f2b6fc95945593002620a542eeea9cd987394b17d129aaad4d5905a6d9a5
MD5 8487e089b18529339f4ef02cdcc3f22b
BLAKE2b-256 fa0fdb3b0bc5d75f4f2465b5443208314edcfda69532ffa4f9d677c260859bb0

See more details on using hashes here.

File details

Details for the file bugpilot_cli-1.2.2-py3-none-any.whl.

File metadata

  • Download URL: bugpilot_cli-1.2.2-py3-none-any.whl
  • Upload date:
  • Size: 45.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.0

File hashes

Hashes for bugpilot_cli-1.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 1ad004ee7017a0525077f044541e50c5efbfaa69e5ef2802cad90d81987960c7
MD5 37de2db7852494dcbbc483d2635bdd7f
BLAKE2b-256 5dfbc9009fe69c47605ef6870c07ecd7e373dd9dd1b8345b53fd3af0c90fa67c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page