Hiring a penetration tester typically costs tens of thousands of dollars. PentAGI, an open-source project by VXControl, wants to automate the whole job.

The tool has been climbing GitHub's trending list this week — coinciding with RSAC 2026, the security industry's flagship annual conference — after crossing 10,000 stars. It's the kind of timing that tends to put a project on the map.

Three Agents, One Target

PentAGI runs three specialized AI agents in sequence: a Researcher that performs reconnaissance and scans vulnerability databases, a Developer that writes exploit code, and an Executor that runs it inside an isolated Docker sandbox. You give it a target; the agents coordinate from there.

The system integrates more than 20 professional tools — Nmap for port scanning, sqlmap for database injection attacks, Metasploit for known exploits — selecting them automatically based on what the recon phase discovers.

In one documented test run, PentAGI found a SQL injection flaw in a web application and successfully extracted an admin password. The full report is on GitHub.

Learns as It Goes

What sets PentAGI apart from scripted scanners is memory. It uses Neo4j knowledge graphs to store successful attack patterns. If it cracked a database using SQL injection on one target, it applies that approach to similar targets automatically.

LLM-Agnostic

It supports 10+ AI providers: OpenAI, Anthropic Claude, Google Gemini, DeepSeek, and local models via Ollama. Running it with a free Ollama model takes 2–3x longer than commercial options but reportedly produces comparable quality with the execution monitoring feature enabled.

Setup is one Docker command. The repo is MIT licensed.