PentestCode: New Open-Source AI Agent Automates Penetration Testing
PentestCode, an open-source AI agent, automates penetration testing by integrating 18 specialized tools to perform reconnaissance, exploitation, and post-exploitation tasks with minimal human intervention.

A new open-source tool, PentestCode, is bringing autonomous AI agents into offensive security workflows. This tool, a hard fork of OpenCode rebuilt specifically for penetration testing, operates from a terminal interface, running security tools, analyzing their output, and making tactical decisions with minimal human intervention.
The core functionality of PentestCode is the automation of penetration testing methodologies. Users can provide a single instruction, such as targeting an IP address with the objective of gaining domain administrator access. The agent's coordinator then takes over, initiating scans like nmap -sS -p-, automatically parsing the results into a structured engagement state, and identifying critical indicators such as ports 88 and 389, which typically signal a Domain Controller.
Following initial reconnaissance, PentestCode spawns parallel enumeration sub-agents for services like SMB, LDAP, and HTTP. It then attempts attacks such as AS-REP roasting to harvest Kerberos hashes, and subsequently sprays any obtained credentials across discovered services including SMB, WinRM, LDAP, and RDP. Successful WinRM logins trigger a post-exploitation agent tasked with dumping SAM, LSA, and DPAPI secrets, with every action meticulously logged in an evidence chain.
Developed by Zhangir Ospanov, PentestCode employs a strategist-coordinator design inspired by HPTSA research, which its creators claim offers a significant improvement over single-agent approaches. The system comprises thirteen distinct agents responsible for roles including reconnaissance, scanning, enumeration, exploitation, Active Directory/Kerberos attacks, infrastructure protocols, web application testing, post-exploitation, exploit development, false-positive filtering, and reporting. All agents share a unified engagement state in real-time.
This shared state is a key feature, tracking hosts, services, vulnerabilities (with confidence scores), credentials, access levels, and an entity relationship graph that connects findings through labels like EXPLOITED_VIA and PIVOT_TO. An attack-path module utilizes algorithms like Dijkstra and Yen's K-shortest-paths to suggest optimal routes through this graph. The state persists across sessions, allowing testers to resume multi-day engagements without losing context.
PentestCode integrates 18 specialized tools for offensive work, with parsers that convert raw output from tools like Nmap, Nuclei, NetExec, Gobuster, BloodHound, and sqlmap directly into structured state entries. This mandatory parsing prevents findings from being lost during manual analysis. Additional tools are available for JWT analysis, XSS detection, credential-spray planning, scope validation, tunnel management, and report generation.
Nineteen on-demand "skill" packs, which are markdown-based knowledge files covering checklists, service-specific tactics, and playbooks for AD, web apps, and cloud environments, extend the agent's capabilities without requiring code changes. The tool is available on GitHub and is explicitly described as "not stealthy," making it unsuitable for red-team operations requiring high levels of operational security. The developers note that token costs for engagements can range from $5 to $50, depending on the scope and the chosen Large Language Model (LLM), with Claude Opus/Sonnet reportedly outperforming GPT-4o and local models for multi-agent coordination.
While PentestCode represents a powerful force multiplier for methodical enumeration and analysis, it remains beta software. It lacks a graphical user interface (GUI), does not integrate with Burp Suite, and its APIs are still evolving. Therefore, it is positioned as a tool to augment, rather than replace, human-led complex exploit chains or creative attack development.