Pentrex

AI-powered autonomous penetration testing agent. Multi-agent crew architecture — recon, scanning, vulnerability analysis, and exploitation through coordinated AI workers.

---

Screenshots

---

Interface

╔══════════════════════════════════════════════════════════════════════════════╗
║          ██████╗ ███████╗███╗   ██╗████████╗██████╗ ███████╗██╗  ██╗        ║
║          ██╔══██╗██╔════╝████╗  ██║╚══██╔══╝██╔══██╗██╔════╝╚██╗██╔╝        ║
║          ██████╔╝█████╗  ██╔██╗ ██║   ██║   ██████╔╝█████╗   ╚███╔╝         ║
║          ██╔═══╝ ██╔══╝  ██║╚██╗██║   ██║   ██╔══██╗██╔══╝   ██╔██╗         ║
║          ██║     ███████╗██║ ╚████║   ██║   ██║  ██║███████╗██╔╝ ██╗        ║
║          ╚═╝     ╚══════╝╚═╝  ╚═══╝   ╚═╝   ╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝        ║
║                                                                              ║
║            ·  AI Penetration Testing Agent  ·  v2.0  ·                       ║
╚═══════════════════ ▓▒░▒▓▒░▒▓▒░▒▓▒░▒▓▒░▒▓▒░▒▓▒░▒▓▒░▒▓▒░▒▓ ════════════════════╝

  ▓▒░  [192.168.1.1]  pentrex ❯

---

Crew Mode

Deploy a coordinated team of specialized AI agents:

▓▒░ [192.168.1.1]  pentrex ❯  /crew full penetration test

╭──────────── ▓▒░  CREW MODE · recon → scan → vuln → exploit  ░▒▓ ────────────╮
│  Task: full penetration test   target: 192.168.1.1                           │
╰──────────────────────────────────────────────────────────────────────────────╯

  ├─  [Orchestrator] Analyzing target, planning attack phases...
  ├─  [Crew] Delegating to ReconWorker...
  ├─  [ReconWorker] Running DNS enumeration and OSINT gathering...
  ├─  [ReconWorker:tool] nmap_scan
  ├─  [Crew] Delegating to ScanWorker...
  ├─  [ScanWorker] Full port scan with service version detection...
  ├─  [Crew] Delegating to VulnWorker...
  ├─  [VulnWorker] Analyzing findings against known CVEs...
  ├─  [Orchestrator] 3 open ports, 2 critical vulns — initiating exploit phase
  └─  done

Worker	Role
ReconWorker	DNS, subdomains, OSINT, fingerprinting
ScanWorker	Port scanning, service detection, OS fingerprinting
VulnWorker	CVE analysis, misconfiguration checks, severity rating
ExploitWorker	PoC verification, safe exploitation attempts

The Orchestrator coordinates all workers, analyzes results between phases, and decides next steps strategically.

---

Modes

Mode	Command	Description
Assist	(default)	Interactive chat — you control the flow
Agent	/agent <task>	Autonomous single-task execution
Crew	/crew <task>	Multi-agent crew with specialized workers
Learn	/learn	Quizzes, explanations, tool guides

---

Install

git clone https://github.com/sideffectt/Pentrex.git
cd Pentrex

python -m venv venv
source venv/bin/activate        # Linux / macOS
# .\venv\Scripts\Activate.ps1  # Windows

pip install -e ".[all]"

Configure

cp .env.example .env

ANTHROPIC_API_KEY=sk-ant-...
PENTREX_MODEL=claude-haiku-4-5-20251001   # optional

Run

pentrex                                        # Launch TUI
pentrex -t 192.168.1.1                         # Launch with target pre-set
pentrex --playbook web_recon -t example.com    # Run playbook directly

---

Commands

╭──────────────────────────── ▓▒░  COMMANDS  ░▒▓ ──────────────────────────────╮
│  ── AGENT MODES ───────────────────                                           │
│    /agent <task>          Autonomous agent — executes task independently      │
│    /crew  <task>          Multi-agent crew (recon → scan → vuln → exploit)    │
│                                                                               │
│  ── SESSION ───────────────────────                                           │
│    /target <host>         Set target IP / hostname / CIDR                     │
│    /notes                 Show all saved findings                             │
│    /report                Generate & save pentest report                      │
│    /clear                 Clear conversation history                          │
│                                                                               │
│  ── TOOLS & PLAYBOOKS ─────────────                                           │
│    /tools                 List available agent tools                          │
│    /playbooks             List attack playbooks                               │
│    /playbook <name>       Run an attack playbook                              │
│                                                                               │
│  ── MCP SERVERS ───────────────────                                           │
│    /mcp list              List configured MCP servers                         │
│    /mcp add <n> <cmd>     Add a new MCP server                                │
╰───────────────────────────────────────────────────────────────────────────────╯

---

Playbooks

pentrex --playbook web_recon    -t example.com
pentrex --playbook network_scan -t 192.168.1.0/24
pentrex --playbook vuln_scan    -t 10.0.0.1
pentrex --playbook web_vuln     -t example.com

---

Tools

Built-in: terminal · nmap_scan · save_note · read_notes · quiz · explain

MCP: External tools via mcp_servers.json:

{
  "mcpServers": {
    "nmap": {
      "command": "npx",
      "args": ["-y", "gc-nmap-mcp"]
    }
  }
}

---

Architecture

pentrex/
├── agents/       AssistAgent · AutoAgent · Crew + Workers
├── tools/        terminal · nmap · notes · quiz · explain
├── llm/          Anthropic wrapper (retry + exponential backoff)
├── mcp/          MCP server config & client
├── playbooks/    Attack playbook definitions
├── knowledge/    System prompts · RAG content
├── runtime/      Report generation
├── interface/    TUI (Rich — dark hacker aesthetic)
└── config/       Settings · safety blocklist
loot/             Findings & reports output
tests/

---

Legal

Only use against systems you have explicit authorization to test. Unauthorized access is illegal.

License

MIT