PentAGI
Fully autonomous AI agent system for penetration testing that uses terminal, browser, editor, and external search to perform complex security assessments in a sandboxed Docker environment.
At a Glance
Fully open-source self-hosted penetration testing platform available under the MIT License.
Engagement
Available On
Listed Jul 2026
About PentAGI
PentAGI is an open-source, self-hosted autonomous AI agent platform built by VXControl for automated penetration testing. Released under the MIT License, it combines a multi-agent architecture with 200+ professional Kali Linux security tools, a knowledge graph memory system, and support for 12+ LLM providers to carry out end-to-end security assessments with minimal human intervention.
What It Is
PentAGI (Penetration testing Artificial General Intelligence) is a fully autonomous security testing platform that accepts a natural-language task description and then plans, executes, and reports on penetration testing workflows without requiring manual step-by-step guidance. It runs entirely inside Docker containers, isolating all tool execution from the host system. The project is written primarily in Go for the backend, with a React/TypeScript frontend, and exposes both REST and GraphQL APIs for programmatic integration.
Architecture and Core Components
PentAGI uses a microservices design with clearly separated layers:
- Core services: Go-based backend API with GraphQL, React frontend, PostgreSQL with pgvector for semantic memory, and an async task queue
- Multi-agent system: Specialized agents for research, development, execution, planning, and reflection — each with configurable LLM model assignments
- Knowledge graph: Optional Graphiti + Neo4j integration for semantic relationship tracking across engagements
- Observability stack: OpenTelemetry, Grafana, VictoriaMetrics, Jaeger, Loki, and Langfuse for full-stack monitoring and LLM analytics
- Security tools layer: Isolated scraper browser, 20+ professional tools (nmap, metasploit, sqlmap, and more), and sandboxed Docker execution
The system manages growing LLM context windows through a chain summarization algorithm that selectively compresses older conversation history while preserving critical tool call sequences.
LLM Provider Flexibility
PentAGI supports 12+ LLM providers out of the box, configurable per agent type:
- Cloud providers: OpenAI (GPT-5/o-series), Anthropic (Claude 4), Google Gemini (3.x/2.5), AWS Bedrock, DeepSeek, GLM, Kimi, Qwen
- Local inference: Ollama (including Ollama Cloud), vLLM, and any OpenAI-compatible endpoint
- Aggregators: OpenRouter, DeepInfra, LiteLLM proxy
For fully air-gapped deployments, the project documentation describes running vLLM with Qwen3.5-27B-FP8 on 4× RTX 5090 GPUs, achieving approximately 13,000 TPS for prompt processing.
Advanced Agent Supervision
PentAGI includes two beta supervision mechanisms designed especially for smaller open-source models:
- Execution Monitoring: An adviser/mentor agent automatically intervenes when it detects repeated identical tool calls or lack of progress toward the subtask objective. The project states this delivers a 2x improvement in result quality for models under 32B parameters, at the cost of 2–3x more tokens and execution time.
- Intelligent Task Planning: A planner agent decomposes each subtask into 3–7 specific steps before specialist agents begin, reducing scope creep and redundant work.
Both features are disabled by default and enabled via environment variables (EXECUTION_MONITOR_ENABLED, AGENT_PLANNING_STEP_ENABLED).
Deployment and Setup
PentAGI ships an interactive terminal-based installer for Linux (amd64/arm64), Windows (amd64), and macOS (Intel/M-series) that handles Docker checks, LLM provider configuration, search engine setup, SSL certificate generation, and docker-compose deployment. Manual installation via docker compose up -d is also supported.
System requirements are modest: 2 vCPU, 4 GB RAM, and 20 GB disk space. For production or security-sensitive environments, the project recommends a two-node architecture that isolates worker container execution on a separate server with TLS-authenticated Docker-in-Docker.
After installation, the web UI is accessible at https://localhost:8443. The platform supports flows (autonomous or assistant-guided), templates for repeatable assessments, per-flow file management, and report export in web view, Markdown, and PDF formats.
Update: v2.1.0
The latest release is v2.1.0, published May 29, 2026. The GitHub repository shows active development with the last push on June 25, 2026, 18,043 stars, and 2,467 forks as reported by GitHub metadata. The project has been trending on Trendshift and maintains an active community on Discord and Telegram.
Community Discussions
Be the first to start a conversation about PentAGI
Share your experience with PentAGI, ask questions, or help others learn from your insights.
Pricing
Open Source
Fully open-source self-hosted penetration testing platform available under the MIT License.
- Fully autonomous AI penetration testing agent
- 200+ professional Kali Linux security tools
- 12+ LLM provider support
- Self-hosted Docker deployment
- REST and GraphQL APIs
Capabilities
Key Features
- Fully autonomous penetration testing agent
- Sandboxed Docker execution environment
- 200+ professional Kali Linux security tools
- Multi-agent system with specialized roles (researcher, developer, executor, planner, adviser)
- Knowledge graph memory via Graphiti and Neo4j
- 12+ LLM provider support (OpenAI, Anthropic, Gemini, AWS Bedrock, Ollama, DeepSeek, and more)
- REST and GraphQL APIs with Bearer token authentication
- Interactive terminal-based installer
- Self-hosted deployment
- Real-time monitoring with Grafana, VictoriaMetrics, Jaeger, Loki
- LLM observability via Langfuse
- Execution monitoring and intelligent task planning (beta)
- Chain summarization for context window management
- Per-flow file management with upload, resource attachment, and container snapshots
- Report export in web view, Markdown, and PDF
- Internet search via Google, Tavily, Traversaal, Perplexity, DuckDuckGo, Sploitus, Searxng
- Two-node production architecture for isolated worker execution
- OAuth integration (GitHub and Google)
- Podman support
Integrations
Demo Video

