Share
## https://sploitus.com/exploit?id=22F7DDD1-166E-535D-964F-0CFC46467456
# ๐ AI Pentest Agent v4
> Automated web application penetration testing powered by Claude AI




## ๐ฏ What It Does
Automatically discovers, exploits, and reports vulnerabilities in web applications using AI-driven reasoning. Give it a target URL โ it figures out the rest.
## โก Results
| Target | Steps | Findings | Time |
|--------|-------|----------|------|
| OWASP Juice Shop | 5 | 9 (7 Critical) | ~8 min |
| DVWA Low/Med/High | 3 | SQLi+XSS+CMDi | ~5 min |
| WordPress | 6 | User enum, XML-RPC, REST API | ~10 min |
## ๐ ๏ธ Capabilities
### App Detection (automatic)
- **WordPress** โ user enumeration, plugin CVE lookup, XML-RPC brute force, REST API mapping
- **REST API / JWT** โ SQLi dump, hash cracking, auth bypass, BOLA, IDOR
- **PHP apps** โ CSRF-aware sessions, form-based auth, DVWA all difficulty levels
### OPSEC
- Tor routing on every request (`--tor` flag)
- Randomized User-Agent rotation
- Adaptive delays (3-7s with Tor)
- WAF detection and auto-backoff
### Reporting
- Professional pentest report generation
- AI-written finding descriptions
- CVSS 3.1 scoring
- Evidence files saved per finding
## ๐ฆ Install
```bash
git clone https://github.com/CyberWardion/ai-pentest-agent
cd ai-pentest-agent
pip install anthropic requests pysocks urllib3
cp config/.env.example config/.env
# Add your ANTHROPIC_API_KEY to .env
```
## ๐ Usage
```bash
# Activate environment
source venv/bin/activate
set -a; source config/.env; set +a
# Test against OWASP Juice Shop (local)
python3 scripts/ai_agent_v4.py \
--target http://localhost:3000 \
--client "JuiceShop" \
--steps 10
# Real target with Tor routing
python3 scripts/ai_agent_v4.py \
--target https://target.com \
--client "ClientName" \
--steps 12 \
--tor
# WordPress deep exploitation
python3 scripts/wp_exploit.py https://target.com --tor
# Plugin CVE lookup
python3 scripts/cve_lookup.py
# DVWA all difficulty levels
python3 scripts/dvwa_test.py http://localhost:8080
```
## ๐ Scripts
| Script | Purpose |
|--------|---------|
| `ai_agent_v4.py` | Main AI agent โ full automated engagement |
| `ai_report.py` | Professional report generator |
| `wp_exploit.py` | WordPress smart exploitation |
| `wp_deep_scan.py` | WordPress API + CVE scanning |
| `cve_lookup.py` | Plugin CVE lookup via Wordfence API |
| `dvwa_test.py` | DVWA Low/Medium/High/Impossible |
| `js_secrets.py` | JavaScript secret scanning |
| `dork_recon.py` | Google dork reconnaissance |
| `sessions.py` | JWT session management |
| `crack_hashes.py` | MD5 hash cracking via rockyou |
## ๐ง Lab Setup
```bash
# OWASP Juice Shop
docker run -d -p 3000:3000 bkimminich/juice-shop
# DVWA
docker run -d -p 8080:80 vulnerables/web-dvwa
# Tor
systemctl start tor
```
## โ ๏ธ Legal
This tool is for **authorized security testing only**.
- Only test systems you own or have **written authorization** to test
- Unauthorized testing is illegal under computer fraud laws worldwide
- The authors take no responsibility for misuse
## ๐ข About
Built by [CyberWardion](https://cyberwardion.com) โ Professional cybersecurity services.