DEV.co
Open-Source DevOps · vxcontrol

pentagi

PentAGI is an open-source, self-hosted autonomous penetration testing platform powered by AI agents. It automates security testing workflows using multiple LLM providers, integrates professional security tools, and stores findings in a vector database with knowledge graph capabilities.

Source: GitHub — github.com/vxcontrol/pentagi
18.5k
GitHub stars
2.5k
Forks
Go
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryvxcontrol/pentagi
Ownervxcontrol
Primary languageGo
LicenseMIT — OSI-approved
Stars18.5k
Forks2.5k
Open issues64
Latest releasev2.1.0 (2026-05-29)
Last updated2026-07-03
Sourcehttps://github.com/vxcontrol/pentagi

What pentagi is

Go-based microservices architecture combining multi-agent AI orchestration, GraphQL/REST APIs, PostgreSQL+pgvector for vector storage, Neo4j for knowledge graphs, and Docker-sandboxed execution of 20+ security tools (nmap, metasploit, sqlmap). Supports 10+ LLM providers via OpenAI-compatible interfaces.

Quickstart

Get the pentagi source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/vxcontrol/pentagi.gitcd pentagi# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Autonomous security research and reconnaissance

Leverage AI agents to automatically gather intelligence from multiple web sources, search APIs, and internal knowledge bases for target analysis without manual step-by-step execution.

Hybrid penetration testing with human oversight

Deploy PentAGI as an assisted platform where security teams monitor and approve AI-proposed test steps before execution, reducing manual workflow overhead while maintaining control.

Self-hosted security automation for regulated environments

Organizations requiring on-premise deployment, data residency compliance, or air-gapped networks can leverage the full stack (LLMs, storage, monitoring) without external API dependencies.

Implementation considerations

  • Requires configuring external LLM provider credentials (OpenAI/Anthropic/AWS Bedrock/Ollama/others); local models demand separate vLLM deployment and GPU resources.
  • Full stack deployment spans 10+ services (API, UI, PostgreSQL, Neo4j, Grafana, Loki, Jaeger, VictoriaMetrics, Langfuse) with Docker Compose; infrastructure knowledge required.
  • Testing scope must be clearly defined and authorized; autonomous agent behavior is not fully deterministic and may drift from intended targets without proper constraints.
  • Knowledge graph and vector store design impacts query performance; pgvector indexing and Neo4j relationship modeling benefit from tuning based on pentesting workflow patterns.
  • Monitoring stack (Grafana, Langfuse, OpenTelemetry) essential for observing agent decision-making and tool output but adds operational overhead.

When to avoid it — and what to weigh

  • You need certified, compliance-audited penetration testing — PentAGI is a research/automation tool, not a replacement for professional penetration testers. Autonomous AI-driven results may not satisfy regulatory audit requirements or professional liability standards.
  • Your threat model requires zero AI model access to test data — Testing data and reconnaissance output must flow to configured LLM providers (OpenAI, Anthropic, etc.) for agent reasoning. Air-gapped environments require local LLM deployment (additional complexity/cost).
  • You need real-time BAS campaigns with predefined attack scripts — PentAGI is positioned as an autonomous assistant, not as CALDERA-style Breach and Attack Simulation with templated adversary emulation playbooks. Attack script generation is described as conceptual future work.
  • Your infrastructure cannot run Docker with nested containers — PentAGI relies on Docker-in-Docker sandboxing for tool execution and requires significant orchestration overhead (Compose, PostgreSQL, Neo4j, observability stack).

License & commercial use

MIT License permits unrestricted commercial use, modification, and distribution with minimal restrictions (retain license and copyright notice). No patent indemnity or liability protection clauses.

MIT is a permissive OSI license allowing commercial products and services built on PentAGI. However, autonomous penetration testing output quality and liability (mis-targeting, false positives, unintended disruptions) remain the responsibility of the operator. No warranty or commercial support model stated in the license or README.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityHigh
DEV.co fitGood
Assessment confidenceHigh
Security considerations

PentAGI sandboxes tool execution in Docker containers with stated isolation. No independent security audit, threat model, or CVE history provided. Considerations: (1) AI agent decision-making is not cryptographically verifiable; (2) tool suite (metasploit, sqlmap) could be misused outside authorized scope; (3) LLM provider communication transmits reconnaissance data to external services unless local models used; (4) Bearer token authentication lacks rate limiting or session management details; (5) no stated input validation/output sanitization for user payloads fed to agents.

Alternatives to consider

CALDERA (Mitre ATT&CK-based)

Mature BAS platform with predefined adversary profiles and attack flows; more suitable for structured breach simulations. Less autonomous AI-driven; more deterministic campaign execution.

Nuclei (ProjectDiscovery)

Lightweight, template-driven vulnerability scanner without autonomous agents. Simpler deployment, smaller attack surface, but requires manual template authoring and orchestration.

Burp Suite + custom scripting

Established commercial tool with professional support and certifications. Manual or scripted workflows; no autonomous multi-agent AI but better commercial liability and compliance positioning.

Software development agency

Build on pentagi with DEV.co software developers

Explore PentAGI's architecture, deploy via Docker Compose, and configure your LLM provider. Start with the quick-start guide and join the community Discord for support.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

pentagi FAQ

Can PentAGI be run without external LLM provider access?
Yes, via local LLM deployment (Ollama or vLLM with models like Qwen3.5). This requires separate GPU provisioning and model management; self-hosting eliminates external API calls but increases infrastructure complexity.
Does PentAGI generate false positives?
Not explicitly documented. AI agents may propose or execute tests incorrectly depending on LLM model quality, prompt design, and target environment constraints. Human review of agent actions is strongly recommended.
Is PentAGI suitable for regulatory penetration testing (e.g., PCI-DSS, SOC 2)?
Unlikely as a standalone tool. Autonomous AI-driven testing may not satisfy audit requirements for professional, documented, and reviewed penetration tests. Use as an accelerant alongside professional testers, not a replacement.
What happens if the AI agent exceeds its authorized test scope?
Not documented. Execution monitoring and approval workflows are mentioned but not detailed. Risk depends on Docker sandbox isolation effectiveness and network policies applied to container environments.

Software development & web development with DEV.co

Adopting pentagi is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source devops software in production.

Ready to automate your penetration testing?

Explore PentAGI's architecture, deploy via Docker Compose, and configure your LLM provider. Start with the quick-start guide and join the community Discord for support.