An open-source, AI-driven penetration testing agent. Connects to a Kali attack box, runs tools autonomously, analyzes results, and iterates. You describe the target. It does the rest.
Built for real-world engagements, boot2root boxes, and CTFs.
Demo video (pentest-copilot-juice-box-demo.mp4, also on YouTube): Pentest Copilot performing an auth bypass in OWASP Juice Shop.
- Agentic execution - the AI runs commands directly on the attack box, reads output, decides next steps, and loops. Up to 25 iterations per turn, no manual nudging required.
- 16 agent tools - bash, Python scripts, tool installation, shell management, Google search, subagent spawning, Burp Suite (proxy history, Repeater, Intruder, Collaborator), and browser automation.
- 100+ capabilities - curated registry of security tools and Python packages across 7 categories (network, rev, pwn, crypto, forensics, stego, core). Select what you need, the agent installs the rest.
- Burp Suite integration - proxy history viewer, send requests to Repeater/Intruder, Collaborator for out-of-band testing. All accessible to the agent and through the UI.
- Browser agent - real browser automation via Magnitude. Test login flows, fill forms, interact with JavaScript-heavy apps. Optionally proxy traffic through Burp. In Docker mode, watch the browser via the built-in VNC stream; in developer mode, the browser opens on your local desktop.
- VPN management - upload `.ovpn` profiles and connect/disconnect from the browser. Multiple simultaneous connections supported.
- Subagent parallelism - spawn background agents to run tasks concurrently (e.g. directory brute-force + subdomain enum at the same time).
- Safety checks - dangerous commands (recursive deletes, device writes, fork bombs) require explicit approval, even in auto-run mode.
- Bring your own model - OpenAI, Anthropic (API key or OAuth), Google, Mistral, or any OpenAI-compatible endpoint.
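
The safety-check bullet above, sketched as an approval gate. This is an added example, not Pentest Copilot's own code: the three categories (recursive deletes, device writes, fork bombs) come from the list, while the patterns, the function names and the rule that non-auto-run mode confirms every command are assumptions.

```typescript
// Added example, not Pentest Copilot's code. The three categories come from the
// README; every pattern and function name below is an assumption made here.
const BLOCK_DEV = /^\/dev\/(sd[a-z]|hd[a-z]|vd[a-z]|xvd[a-z]|nvme\d|mmcblk\d)/;
// A function whose body pipes itself into itself in the background.
const FORK_BOMB = /(\w+|:)\s*\(\)\s*\{[^}]*\1\s*\|\s*\1\s*&/;

const base = (token: string): string => token.split("/").pop() ?? "";

// Split a line into simple commands, each a list of whitespace-separated tokens.
// Quoting and subshells are not parsed, so quoted text can also trigger a prompt.
function simpleCommands(line: string): string[][] {
  return line
    .split(/&&|\|\||[;|\n]/)
    .map((part) => part.trim().split(/\s+/).filter((t) => t.length > 0))
    .filter((tokens) => tokens.length > 0);
}

function dangerReasons(line: string): string[] {
  const reasons = new Set<string>();
  if (FORK_BOMB.test(line)) reasons.add("fork bomb");
  for (const tokens of simpleCommands(line)) {
    // Look for rm anywhere in the command so "sudo -u root rm" is still caught.
    const rm = tokens.findIndex((t) => base(t) === "rm");
    if (rm !== -1) {
      const args = tokens.slice(rm + 1);
      const end = args.indexOf("--"); // option parsing stops at "--"
      const opts = end === -1 ? args : args.slice(0, end);
      if (opts.some((a) => a === "--recursive" || /^-[A-Za-z]*[rR]/.test(a))) {
        reasons.add("recursive delete");
      }
    }
    const hasDd = tokens.some((t) => base(t) === "dd");
    if (hasDd && tokens.some((t) => t.startsWith("of=") && BLOCK_DEV.test(t.slice(3)))) {
      reasons.add("device write");
    }
    // Redirection onto a block device: "> /dev/sdb", ">/dev/sdb", ">> /dev/sdb".
    tokens.forEach((t, k) => {
      const m = />{1,2}(.*)$/.exec(t);
      const target = m ? m[1] || tokens[k + 1] || "" : "";
      if (BLOCK_DEV.test(target)) reasons.add("device write");
    });
  }
  return [...reasons];
}

// Dangerous commands need explicit approval even when auto-run is on.
// Assumption: with auto-run off, the operator confirms every command anyway.
function requiresApproval(line: string, autoRun: boolean): boolean {
  return !autoRun || dangerReasons(line).length > 0;
}
```
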
```bash
git clone https://github.com/bugbasesecurity/pentest-copilot.git
cd pentest-copilot
./run.sh start
```

Open http://localhost:3000, register, and start a session.

`run.sh` handles config file generation, Docker builds, and container orchestration. On first run it prompts for your model provider and API key. Use `./run.sh start -q` to skip prompts on subsequent runs.
```bash
./run.sh stop # Stop all containers
./run.sh logs # Tail logs
./run.sh status # Container status
./run.sh config # Update configuration
./run.sh dev # Developer mode (infra only, run frontend/backend locally)
./run.sh help # Full help
```

Pentest Copilot can expose its local control plane over MCP for clients such as Claude Code or Codex. Open Settings -> MCP Access to copy the local MCP endpoint and bearer token.
Treat the token as local admin access: it can run commands on the configured exploit box, operate Burp, browser automation, and VPN flows, read artifacts, write findings, and update local Pentest Copilot configuration. MCP actions tied to an engagement are recorded in that session so they remain visible in the Pentest Copilot UI.
After copying the endpoint and token, you can smoke test the MCP connection:
```bash
cd backend
PENTEST_COPILOT_MCP_URL=http://localhost:8080/mcp \
PENTEST_COPILOT_MCP_TOKEN=pc_mcp_... \
corepack pnpm run mcp:smoke
```

| Requirement | Minimum |
|---|---|
| RAM | 8 GB (+2 GB if using the built-in Kali container) |
| Disk | 20 GB |
| Docker | v20+ with Compose v2+ |
| Node.js | v22+ (dev mode only) |
| pnpm | v9+ (dev mode only) |
Full documentation lives in the Wiki:
- Getting Started - setup, configuration, environment variables
- Architecture - system design, agent loop, subagents
- Usage - workflow, consent model, chat interface
- Features - full feature overview
- Settings - models, SSH, VNC, Burp, Magnitude
- Capabilities - tool registry and buckets
- Agent Tools - all 16 tools and consent behavior
- Burp Suite Integration - setup and usage
- Browser Agent - Magnitude configuration
- VPN Management - profile management
- Slash Commands - session utilities
- Changelog - what's new
```bash
./run.sh dev # Starts MongoDB + Redis in Docker
```

Then in separate terminals:

```bash
cd backend && pnpm install && pnpm run watch # TypeScript compiler
cd backend && pnpm run dev # Backend server (port 8080)
cd frontend && pnpm install && pnpm run dev # Frontend (port 3000)
```

See the Wiki for detailed setup instructions.
- Dhruva Goyal - dhruva@bugbase.ai | LinkedIn | GitHub | X
- Aditya Peela - aditya@bugbase.ai | LinkedIn | GitHub | X
- Sitaraman Subramanian - sitaraman@bugbase.ai | LinkedIn | GitHub | X
```bibtex
@article{goyal2024hacking,
  title={Hacking, the lazy way: LLM augmented pentesting},
  author={Goyal, Dhruva and Subramanian, Sitaraman and Peela, Aditya},
  journal={arXiv preprint arXiv:2409.09493},
  year={2024}
}
```

Contributions welcome. See the Contributing Guide and Code of Conduct.
Pentest Copilot is intended for authorized security testing only. Always have explicit permission before testing any system.


