Let autonomous AI agents hack you before attackers do.
Fully autonomous agentic pentesting framework.
-e63946?style=flat-square&labelColor=2b2d42){kind=icon}
-e63946?style=flat-square&labelColor=2b2d42){kind=icon}
-e63946?style=flat-square&labelColor=2b2d42){kind=icon}
Docs · Website · Blog · Benchmark · Triage
Fully autonomous agentic pentesting for web apps, AI/LLM apps, package ecosystems, and source code.
This README is the fast path. The detailed command reference, configuration, architecture notes, recipes, and benchmark breakdowns live in the docs site.
curl -fsSL https://raw.githubusercontent.com/PwnKit-Labs/pwnkit/main/install.sh | bashDownloads a self-contained pwnkit binary (~74 MB) for your platform from the latest GitHub Release — no Node, no Bun, no npm, no node_modules. Installs to ~/.pwnkit/bin/pwnkit. Set PWNKIT_INSTALL_DIR=/usr/local/bin to change the location, PWNKIT_VERSION=vX.Y.Z to pin a version.
Binaries ship for linux-x64, linux-arm64, darwin-arm64, and windows-x64. The interactive Bun-based TUI is baked into the binary — no extra install step. Intel Mac users: install Bun and compile from source.
docker run --rm -e OPENROUTER_API_KEY=$KEY \
ghcr.io/pwnkit-labs/pwnkit:latest scan --target https://example.comIf you use Azure OpenAI instead, also pass AZURE_OPENAI_BASE_URL and AZURE_OPENAI_MODEL. For the Responses API, the Azure base URL should include /openai/v1.
The image ships with Node 20, Playwright/Chromium, and the standard pentest toolbox (sqlmap, nmap, nikto, gobuster, ffuf, hydra, john, …) preinstalled.
# Scan an AI / LLM endpoint
pwnkit scan --target https://example.com/api/chat
# Pentest a web app
pwnkit scan --target https://example.com --mode web
# White-box scan with source code access
pwnkit scan --target https://example.com --repo ./source
# Audit a package
pwnkit audit lodash
# Review source code
pwnkit review ./my-app
# Import and verify kernel crash reports
pwnkit ingest ./kernel-crashes --verify --output json
# Auto-detect — just give it a target
pwnkit https://example.comThe binary is named pwnkit when installed via install.sh and pwnkit-cli when installed via npm. Substitute whichever your install route used; everything else is identical. From v0.10.0 the npm package is a smart launcher that downloads the platform-specific binary on first run and caches it under ~/.pwnkit/cache/<version>/, so npx pwnkit-cli and npm i -g pwnkit-cli work without a separate install step.
scantargets AI / LLM apps, web apps, REST / OpenAPI APIs, and MCP servers.auditinstalls and inspects packages acrossnpm,pypi,cargo, andociwith ecosystem-specific prep, static analysis, and AI review.reviewperforms deep source-code security review on a local repo or Git URL.ingestparses kernel crash reports and can validate them against reproducers, including a real QEMU kernel VM path that compiles and runs reproducers inside the guest when configured.triage-dataturns benchmark runs and verified findings into labeled JSONL for triage-model training.cloud-sinkcan stream findings and final reports to an orchestrator withPWNKIT_CLOUD_SINK+PWNKIT_CLOUD_SCAN_ID.dashboard,history,findings, andtriageprovide local persistence and review workflows.
- Shell-first web pentesting. The agent uses
bash, writes scripts, and chains tools like a human pentester instead of being trapped in a small HTTP-tool DSL. - Blind verification. Findings are independently re-exploited before they are reported.
- Docs-backed benchmark transparency. The current benchmark details live in the docs and raw artifacts under
packages/benchmark/results.
- Getting Started
- Adversarial evals
- Commands
- Configuration
- Recipes
- Architecture
- Triage Pipeline
- Benchmark
XBOW 99.0% aggregate (103/104) · 97.9% gpt-5.4 cohort (93/95) · $5.20/flag. Cybench 90.0% (36/40). AI/LLM regression 10/10.
The benchmark page is the canonical surface — it separates the stable model-specific cohort from the rotation-volatile retained aggregate, lists the historical mixed publication line, and notes the remaining challenge-set mismatches.
- uses: PwnKit-Labs/pwnkit@main
with:
mode: review
path: .
format: sarif
env:
OPENROUTER_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}git clone https://github.com/PwnKit-Labs/pwnkit.git
cd pwnkit
pnpm install
pnpm lint
pnpm testSee CONTRIBUTING.md.
Open-source adversarial security for the agentic AI era. pwnkit is one piece of the open-source PwnKit Labs stack: