Advanced AI-Powered Penetration Testing Framework with Multi-Agent Orchestration
Project description
Zen-AI-Pentest
๐ก๏ธ Professional AI-Powered Penetration Testing Framework
- Guest Control: Execute tools inside isolated VMs
๐ Modern API & Backend
- FastAPI: High-performance REST API
- PostgreSQL: Persistent data storage
- WebSocket: Real-time scan updates
- JWT Auth: Role-based access control (RBAC)
- Background Tasks: Async scan execution
๐ Reporting & Notifications
- PDF Reports: Professional findings reports
- HTML Dashboard: Interactive web interface
- Slack/Email: Instant notifications
- JSON/XML: Integration with other tools
๐ณ Easy Deployment
- Docker Compose: One-command full stack deployment
- CI/CD: GitHub Actions pipeline
- Production Ready: Optimized for enterprise use
๐ Quick Start
๐ CI/CD & Security Status
๐ Table of Contents
- Overview
- Features
- Quick Start
- Installation
- Usage
- Architecture
- API Reference
- Project Structure
- Configuration
- Testing
- Documentation
- Contributing
- Support
- License
๐ฏ Overview
Zen-AI-Pentest is an autonomous, AI-powered penetration testing framework that combines cutting-edge language models with professional security tools. Built for security professionals, bug bounty hunters, and enterprise security teams.
graph TB
subgraph "User Interface"
CLI[CLI]
API[REST API]
WebUI[Web UI]
end
subgraph "Core Engine"
Orchestrator[Agent Orchestrator]
StateMachine[State Machine]
RiskEngine[Risk Engine]
end
subgraph "AI Agents"
Recon[Reconnaissance]
Vuln[Vulnerability]
Exploit[Exploit]
Report[Report]
end
subgraph "Tools"
Nmap[Nmap]
SQLMap[SQLMap]
Metasploit[Metasploit]
end
subgraph "External APIs"
OpenAI[OpenAI]
Anthropic[Anthropic]
ThreatIntel[Threat Intelligence]
end
CLI --> API
WebUI --> API
API --> Orchestrator
Orchestrator --> StateMachine
StateMachine --> Recon
StateMachine --> Vuln
StateMachine --> Exploit
Exploit --> OpenAI
RiskEngine --> ThreatIntel
Key Highlights
- ๐ค AI-Powered: Leverages state-of-the-art LLMs for intelligent decision making
- ๐ Security-First: Multiple safety controls and validation layers
- ๐ Production-Ready: Enterprise-grade with CI/CD, monitoring, and support
- ๐ Comprehensive: 20+ integrated security tools
- ๐ง Extensible: Plugin system for custom tools and integrations
โจ Features
๐ค Autonomous AI Agent
- ReAct Pattern: Reason โ Act โ Observe โ Reflect
- State Machine: IDLE โ PLANNING โ EXECUTING โ OBSERVING โ REFLECTING โ COMPLETED
- Memory System: Short-term, long-term, and context window management
- Tool Orchestration: Automatic selection and execution of 20+ pentesting tools
- Self-Correction: Retry logic and adaptive planning
- Human-in-the-Loop: Optional pause for critical decisions
๐ฏ Risk Engine
- False Positive Reduction: Multi-factor validation with Bayesian filtering
- Business Impact: Financial, compliance, and reputation risk calculation
- CVSS/EPSS Scoring: Industry-standard vulnerability assessment
- Priority Ranking: Automated finding prioritization
- LLM Voting: Multi-model consensus for accuracy
๐ Exploit Validation
- Sandboxed Execution: Docker-based isolated testing
- Safety Controls: 4-level safety system (Read-Only to Full)
- Evidence Collection: Screenshots, HTTP captures, PCAP
- Chain of Custody: Complete audit trail
- Remediation: Automatic fix recommendations
๐ Benchmarking
- Competitor Comparison: vs PentestGPT, AutoPentest, Manual
- Test Scenarios: HTB machines, OWASP WebGoat, DVWA
- Metrics: Time-to-find, coverage, false positive rate
- Visual Reports: Charts and statistical analysis
- CI Integration: Automated regression testing
๐ CI/CD Integration
- GitHub Actions: Native action support
- GitLab CI: Pipeline integration
- Jenkins: Plugin and pipeline support
- Output Formats: JSON, JUnit XML, SARIF
- Notifications: Slack, JIRA, Email alerts
- Exit Codes: Pipeline-friendly status codes
๐ ๏ธ 20+ Integrated Tools
| Category | Tools |
|---|---|
| Network | Nmap, Masscan, Scapy, Tshark |
| Web | BurpSuite, SQLMap, Gobuster, OWASP ZAP |
| Exploitation | Metasploit Framework |
| Brute Force | Hydra, Hashcat |
| Reconnaissance | Amass, Nuclei, TheHarvester |
| Active Directory | BloodHound, CrackMapExec, Responder |
| Wireless | Aircrack-ng Suite |
โ๏ธ Multi-Cloud & Virtualization
- Local: VirtualBox VM Management
- Cloud: AWS EC2, Azure VMs, Google Cloud Compute
- Snapshots: Automated clean-state workflows
Option 1: Docker (Recommended)
# Clone repository
git clone https://github.com/SHAdd0WTAka/zen-ai-pentest.git
cd zen-ai-pentest
# Copy and configure environment
cp .env.example .env
# Edit .env with your settings
# Start full stack
docker-compose up -d
# Access:
# Dashboard: http://localhost:3000
# API Docs: http://localhost:8000/docs
# API: http://localhost:8000
Option 2: Local Installation
# Install dependencies
pip install -r requirements.txt
# Initialize database
python database/models.py
# Start API server
python api/main.py
Option 3: VirtualBox VM Setup
# Automated Kali Linux setup
python scripts/setup_vms.py --kali
# Manual setup
# See docs/setup/VIRTUALBOX_SETUP.md
๐ Installation
For detailed installation instructions, see:
๐ป Usage
Python API
from agents.react_agent import ReActAgent, ReActAgentConfig
# Configure agent
config = ReActAgentConfig(
max_iterations=10,
use_vm=True,
vm_name="kali-pentest"
)
# Create agent
agent = ReActAgent(config)
# Run autonomous scan
result = agent.run(
target="example.com",
objective="Comprehensive security assessment"
)
# Generate report
print(agent.generate_report(result))
REST API
# Authentication
curl -X POST http://localhost:8000/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"admin"}'
# Create scan
curl -X POST http://localhost:8000/scans \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name":"Network Scan",
"target":"192.168.1.0/24",
"scan_type":"network",
"config":{"ports":"top-1000"}
}'
# Execute tool
curl -X POST http://localhost:8000/tools/execute \
-H "Authorization: Bearer $TOKEN" \
-d '{
"tool_name":"nmap_scan",
"target":"scanme.nmap.org",
"parameters":{"ports":"22,80,443"}
}'
# Generate report
curl -X POST http://localhost:8000/reports \
-H "Authorization: Bearer $TOKEN" \
-d '{
"scan_id":1,
"format":"pdf",
"template":"default"
}'
WebSocket (Real-Time)
const ws = new WebSocket('ws://localhost:8000/ws/scans/1');
ws.onmessage = (event) => {
const data = JSON.parse(event.data);
console.log('Scan update:', data);
};
๐๏ธ Architecture
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ZEN-AI-PENTEST v2.2 - System Architecture โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ FRONTEND LAYER โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โ โ React โ โ WebSocket โ โ CLI Interface โ โ โ
โ โ โ Dashboard โ โ Client โ โ (Rich/Typer) โ โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ API LAYER (FastAPI) โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โ โ Auth โ โ Scans โ โ Integrations โ โ โ
โ โ โ (JWT) โ โ CRUD API โ โ (GitHub/Slack) โ โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ AUTONOMOUS LAYER โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โ โ ReAct โ โ Memory โ โ Exploit Validator โ โ โ
โ โ โ Loop โ โ System โ โ (Sandboxed) โ โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ RISK ENGINE LAYER โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โ โ False โ โ Business โ โ CVSS/EPSS โ โ โ
โ โ โ Positive โ โ Impact โ โ Scoring โ โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ TOOLS LAYER (20+) โ โ
โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โ โ Network: Nmap | Masscan | Scapy | Tshark โ โ โ
โ โ โ Web: BurpSuite | SQLMap | Gobuster | Nuclei | ZAP โ โ โ
โ โ โ Exploit: Metasploit | SearchSploit | ExploitDB โ โ โ
โ โ โ AD: BloodHound | CrackMapExec | Responder โ โ โ
โ โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ DATA & REPORTING LAYER โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โ โ PostgreSQL โ โ Benchmarks โ โ Report Generator โ โ โ
โ โ โ (Main DB) โ โ & Metrics โ โ (PDF/HTML/JSON) โ โ โ
โ โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
For detailed architecture documentation, see docs/ARCHITECTURE.md.
๐ก API Reference
- API Documentation - Complete REST API reference
- WebSocket API - Real-time updates
- Authentication - Security and auth
๐ Project Structure
zen-ai-pentest/
โโโ api/ # FastAPI Backend
โ โโโ main.py # API Server
โ โโโ schemas.py # Pydantic Models
โ โโโ auth.py # JWT Authentication
โ โโโ websocket.py # WebSocket Manager
โโโ agents/ # AI Agents
โ โโโ react_agent.py # ReAct Agent
โ โโโ react_agent_vm.py # VM-based Agent
โโโ autonomous/ # Autonomous Agent System
โ โโโ agent_loop.py # ReAct Loop Engine
โ โโโ exploit_validator.py # Exploit Validation
โ โโโ memory.py # Memory Management
โ โโโ tool_executor.py # Tool Execution
โโโ risk_engine/ # Risk Analysis
โ โโโ false_positive_engine.py
โ โโโ business_impact_calculator.py
โ โโโ cvss.py
โ โโโ epss.py
โโโ benchmarks/ # Benchmark Framework
โ โโโ run_benchmarks.py
โ โโโ comparison.py
โโโ integrations/ # CI/CD Integrations
โ โโโ github.py
โ โโโ gitlab.py
โ โโโ jira.py
โ โโโ slack.py
โ โโโ jenkins.py
โโโ database/ # Database Layer
โ โโโ models.py # SQLAlchemy Models
โโโ tools/ # Pentesting Tools
โ โโโ nmap_integration.py
โ โโโ sqlmap_integration.py
โ โโโ metasploit_integration.py
โ โโโ ... (20+ tools)
โโโ gui/ # Web Interface
โ โโโ vm_manager_gui.py # React Dashboard
โโโ reports/ # Report Generation
โ โโโ generator.py # PDF/HTML/JSON
โโโ notifications/ # Alerts
โ โโโ slack.py
โ โโโ email.py
โโโ docker/ # Deployment
โ โโโ Dockerfile
โ โโโ docker-compose.full.yml
โโโ docs/ # Documentation
โ โโโ ARCHITECTURE.md
โ โโโ INSTALLATION.md
โ โโโ API.md
โ โโโ setup/
โโโ tests/ # Test Suite
โโโ scripts/ # Setup Scripts
๐ง Configuration
Environment Variables
# Database
DATABASE_URL=postgresql://postgres:password@localhost:5432/zen_pentest
# Security
SECRET_KEY=your-secret-key-here
JWT_EXPIRATION=3600
# AI Providers
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...
# Notifications
SLACK_WEBHOOK_URL=https://hooks.slack.com/...
SMTP_HOST=smtp.gmail.com
# Cloud Providers
AWS_ACCESS_KEY_ID=AKIA...
AZURE_SUBSCRIPTION_ID=...
See .env.example for all options.
๐งช Testing
# Run all tests
pytest
# With coverage
pytest --cov=. --cov-report=html
# Specific test file
pytest tests/test_react_agent.py -v
# Integration tests
pytest tests/integration/ -v
๐ Documentation
- Getting Started - First steps
- Installation Guide - Setup instructions
- API Documentation - REST API reference
- Architecture - System design
- Support - Help and support
๐ค Contributing
We welcome contributions! Please see:
- CONTRIBUTING.md - Contribution guidelines
- CODE_OF_CONDUCT.md - Community standards
- CONTRIBUTORS.md - Our amazing contributors
Quick start:
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open Pull Request
๐ฌ Support
Need help? We've got you covered:
- ๐ Documentation - Comprehensive guides
- ๐ฌ GitHub Discussions - Community Q&A
- ๐ Issue Tracker - Bug reports
- ๐ Discord - Real-time chat
- ๐ง Email Support - Direct contact
See SUPPORT.md for detailed support options.
โ ๏ธ Disclaimer
IMPORTANT: This tool is for authorized security testing only. Always obtain proper permission before testing any system you do not own. Unauthorized access to computer systems is illegal.
- Use only on systems you have explicit permission to test
- Respect privacy and data protection laws
- The authors assume no liability for misuse or damage
๐ License
This project is licensed under the MIT License - see LICENSE file for details.
๐ Acknowledgments
- LangGraph - Agent framework
- FastAPI - Web framework
- Kali Linux - Penetration testing distribution
- All open-source security tool creators
๐ฅ Authors & Team
Core Development Team
@SHAdd0WTAka Project Founder & Lead Developer Security Architect |
Kimi AI AI Development Partner Architecture & Design |
AI Contributors
- Kimi AI (Moonshot AI) - Primary AI development partner
- Led architecture design for autonomous agent loop
- Implemented Risk Engine with false-positive reduction
- Created CI/CD integration templates
- Developed benchmarking framework
- Co-authored documentation and roadmaps
Special Thanks
- Grok (xAI) - Strategic analysis and competitive research
- GitHub Copilot - Code assistance and suggestions
- Security Community - Feedback, bug reports, and feature requests
๐บ๏ธ Roadmap
See ROADMAP_2026.md for our detailed 2026 roadmap.
Highlights:
- Q1 2026: SIEM integrations, React Dashboard
- Q2 2026: Mobile app, quantum-resistant crypto
- Q3 2026: Multi-cloud native, serverless support
- Q4 2026: Autonomous SOC capabilities
Made with โค๏ธ for the security community
ยฉ 2026 Zen-AI-Pentest. All rights reserved.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
zen_ai_pentest-2.3.4.tar.gz
(407.6 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file zen_ai_pentest-2.3.4.tar.gz.
File metadata
- Download URL: zen_ai_pentest-2.3.4.tar.gz
- Upload date:
- Size: 407.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0cfbdd6812358674a481c22f1ff4da81994a0aac0e5ff7120700dd7915bfe9b8
|
|
| MD5 |
89255a9ff66d11edf45777cba6aaa41f
|
|
| BLAKE2b-256 |
cf46d902ad116cd3607577c527f8fd763a0f2f1965cbe226adc8594567c96594
|
File details
Details for the file zen_ai_pentest-2.3.4-py3-none-any.whl.
File metadata
- Download URL: zen_ai_pentest-2.3.4-py3-none-any.whl
- Upload date:
- Size: 320.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4f91c6fc97335ee43ee6a35b8ec474c07c918cf94b7bd6422abeb8727eca2280
|
|
| MD5 |
905c83a107a1aad72ebd16fc8b5fe278
|
|
| BLAKE2b-256 |
bf18c73c96731ce9960068f4b8b4ecadc7bb1dbdecb050ac7a97943963ca0f8d
|
