- by x32x01 ||
Looking for an AI-powered penetration testing tool that runs directly inside your terminal?
Meet PentesterFlow - an open-source offensive security agent built for penetration testers, bug bounty hunters, security engineers, and red teamers.
Unlike many cloud-dependent AI tools, PentesterFlow focuses on local execution, human approval, transparent testing, and report-ready findings 🔥
It helps turn a security objective into a structured workflow for:
The tool connects with local AI models or OpenAI-compatible backends to help automate parts of the penetration testing process.
Instead of blindly launching scanners, PentesterFlow follows a smarter workflow:
The agent can then:
⏺
⏺
⏺
⏺
That means PentesterFlow is not just generating ideas - it actually helps organize and validate testing workflows.
You can run it using your own AI backend without needing a cloud account.
Supported model providers include:
Before risky operations, the tool asks for permission.
You can choose:
These skills contain testing methodology, payload logic, and workflow guidance.
Available skills include:
This makes the tool flexible for multiple security scenarios.
You can also install a pinned release version:
First, pull a supported local model:
Launch the tool:
Set your scope:
Then describe the testing objective:
test the orders API for IDOR and broken access control
Simple, fast, and terminal-friendly.
Some popular examples:
You can also customize:
Start the local ingest server:
This feature helps analyze:
Its security model includes:
Use PentesterFlow only on systems where you have explicit authorization.
Because the agent can:
PentesterFlow takes a different approach.
It combines:
If you want an open-source AI pentesting agent that works inside your terminal, supports local models, and focuses on transparent workflows, PentesterFlow is definitely worth exploring 🚀
Repository: https://github.com/PentesterFlow/agent
Meet PentesterFlow - an open-source offensive security agent built for penetration testers, bug bounty hunters, security engineers, and red teamers.
Unlike many cloud-dependent AI tools, PentesterFlow focuses on local execution, human approval, transparent testing, and report-ready findings 🔥
It helps turn a security objective into a structured workflow for:
- Reconnaissance
- Vulnerability testing
- Verification
- Evidence collection
- Security reporting
What Is PentesterFlow? 🤔
PentesterFlow is a terminal-based AI security agent designed for professional offensive security workflows.The tool connects with local AI models or OpenAI-compatible backends to help automate parts of the penetration testing process.
Instead of blindly launching scanners, PentesterFlow follows a smarter workflow:
- Define a target
- Plan the testing approach
- Run approved tools
- Analyze responses
- Verify vulnerabilities
- Generate report-ready findings
How PentesterFlow Works ⚡
A typical PentesterFlow session looks like this: Code:
$ pentesterflow
› /target https://app.example.com
› test the orders API for broken access controlThe agent can then:
- Load the proper testing skill
- Send HTTP requests
- Execute shell commands
- Compare responses
- Confirm security issues
- Save findings automatically
⏺
Skill webvuln⏺
http GET /api/v1/orders/1043⏺
Shell(curl request)⏺
Confirmed Finding: IDOR VulnerabilityThat means PentesterFlow is not just generating ideas - it actually helps organize and validate testing workflows.
Key Features of PentesterFlow 🔥
PentesterFlow includes several powerful features for ethical hacking and security testing.Local-First Architecture
One of the biggest advantages is its local-first design.You can run it using your own AI backend without needing a cloud account.
Supported model providers include:
- Ollama
- LM Studio
- OpenAI-compatible APIs
- vLLM
- llama.cpp servers
Human Approval System 🛡️
PentesterFlow does not automatically perform sensitive actions.Before risky operations, the tool asks for permission.
You can choose:
- Allow once
- Allow for session
- Deny request
- YOLO mode for lab environments
Built-In Security Skills
PentesterFlow ships with prebuilt security playbooks called skills.These skills contain testing methodology, payload logic, and workflow guidance.
Available skills include:
| Skill | Focus Area |
|---|---|
| recon | Recon, fingerprinting, subdomain discovery |
| webvuln | IDOR, auth flaws, access control issues |
| ssrf | SSRF bypass and metadata testing |
| ssti | Template injection testing |
| jwt | Token weaknesses and validation flaws |
| graphql | GraphQL authorization testing |
| race | Race condition verification |
| takeover | Subdomain takeover checks |
| deserialize | Unsafe deserialization testing |
PentesterFlow Installation Guide 💻
Installing PentesterFlow is simple.Install on macOS or Linux
Code:
curl -fsSL https://raw.githubusercontent.com/PentesterFlow/agent/main/install.sh | shInstall on Windows PowerShell
Code:
irm https://raw.githubusercontent.com/PentesterFlow/agent/main/install.ps1 | iexYou can also install a pinned release version:
Code:
PENTESTERFLOW_VERSION=v0.1.0 \
PENTESTERFLOW_INSTALL_DIR="$HOME/.local/bin" \
sh -c "$(curl -fsSL https://raw.githubusercontent.com/PentesterFlow/agent/main/install.sh)"Quick Start Guide 🚀
Getting started takes only a few steps.First, pull a supported local model:
ollama pull qwen2.5-coder:32bLaunch the tool:
pentesterflowSet your scope:
/target https://app.example.comThen describe the testing objective:
test the orders API for IDOR and broken access control
Simple, fast, and terminal-friendly.
PentesterFlow Command Line Options ⚙️
PentesterFlow includes several useful CLI flags.Some popular examples:
Bash:
# Default Ollama backend
pentesterflow
# LM Studio backend
pentesterflow --backend lmstudio
# Enable browser tools
pentesterflow --browser
# Resume previous session
pentesterflow --resume session-idYou can also customize:
- Backend provider
- Model selection
- Browser capture tools
- Skills directory
- Session management
- Streaming behavior
Browser Capture Support 🌐
PentesterFlow supports browser traffic capture for advanced testing workflows.Start the local ingest server:
pentesterflow --browser-ingestThis feature helps analyze:
- Captured requests
- Browser snapshots
- Endpoint discovery
- Traffic investigation
Security Model and Safety Controls 🔒
PentesterFlow emphasizes authorized testing and safe execution.Its security model includes:
- Human approval gates
- Sensitive path protection
- Shell safety checks
- Credential redaction
- Transparent evidence tracking
Use PentesterFlow only on systems where you have explicit authorization.
Because the agent can:
- Run shell commands
- Make HTTP requests
- Edit files
- Use browser tools
Why PentesterFlow Stands Out in Offensive Security 📈
Many AI security tools focus heavily on automation.PentesterFlow takes a different approach.
It combines:
✅ AI workflow assistance
✅ Human decision making
✅ Local model flexibility
✅ Verified findings
✅ Report-ready output
✅ Terminal-native usability
That balance makes it appealing for professional penetration testing environments.✅ Human decision making
✅ Local model flexibility
✅ Verified findings
✅ Report-ready output
✅ Terminal-native usability
Final Thoughts
PentesterFlow is becoming an interesting project for the AI cybersecurity, penetration testing, and bug bounty communities.If you want an open-source AI pentesting agent that works inside your terminal, supports local models, and focuses on transparent workflows, PentesterFlow is definitely worth exploring 🚀
Repository: https://github.com/PentesterFlow/agent