▸ pentest-swarm-ai · open_source

Machine-Speed Attacks.Human-Level Reasoning.

Built for your cloud infra. A swarm of autonomous AI agents that chains vulnerabilities — across APIs, web apps, and infrastructure — the way a real attacker would. Open-source so you can audit the reasoning. Deployed against your stack by the team that built it.

Deploy It Against Your Stack

▸

A swarm of specialists. One coordinated attack.

Eight specialist agents share a single blackboard — each one recon, auth, web, cloud, IaC, supply chain, network, exploitation. They chain findings across surfaces the way a real adversary would, and the reasoning is reproducible and auditable. No black-box scanners.

pentest-swarm · sample.loglive

$ pentest-swarm spawn --target your.stack

▸ initializing 8 specialist agents

▸ recon 247 endpoints discovered

▸ auth JWT alg=none → bypass confirmed

▸ web IDOR on /api/users · 14,231 records

▸ cloud s3://acme-backups · PUBLIC READ

▸ chain auth → idor → exfil · 3 hops

✓ engagement complete · 47 findings · audit log written

armur-ai · pentest-swarm-ai

stars · agpl-3.0 · built in the public

audit the reasoning · every commitgit clone →

▸ engagements

Want it run against your stack?

The team that built the swarm will deploy it against your production-grade environment, validate findings by hand, and hand back a report your engineers will actually use.

Talk to the team

▸

Eight specialists. One shared brain.

Each agent has a single specialty. They share state through a stigmergic blackboard — a finding from one agent immediately becomes input for the next. That's how the swarm reasons across surfaces a single tool would never chain.

shared

blackboard

/tmp/armur.bb

recon/01

enumerate attack surface

▸ 247 endpoints discovered

auth/02

session + token attacks

▸ JWT alg=none bypass

web/03

OWASP + business logic

▸ IDOR · 14k records

cloud/04

IAM, storage, compute

▸ s3://*-backups public

iac/05

terraform + kubernetes

▸ admin policy attached

supply/06

deps, typosquats, SBOMs

▸ maintainer takeover

network/07

services + segmentation

▸ smb anon · 47 GB

exploit/08

chain + prove impact

▸ auth → idor → exfil

recon/01

enumerate attack surface

▸ 247 endpoints discovered

auth/02

session + token attacks

▸ JWT alg=none bypass

web/03

OWASP + business logic

▸ IDOR · 14k records

cloud/04

IAM, storage, compute

▸ s3://*-backups public

iac/05

terraform + kubernetes

▸ admin policy attached

supply/06

deps, typosquats, SBOMs

▸ maintainer takeover

network/07

services + segmentation

▸ smb anon · 47 GB

exploit/08

chain + prove impact

▸ auth → idor → exfil

pentest-swarm · engagement.loglive

ops_active

▸

Hire the team. Use the full arsenal.

Don't run the swarm alone. The people who wrote it will deploy it against your environment, validate every chain by hand, and walk your engineers through the report. Plus the full open-source arsenal we maintain alongside it.

▸ direct engagementaccepting briefs

The team that built the swarm, deployed against your stack.

▸ engagement lifecycle~ 3 to 6 weeks end-to-end

[01]

Scope

2-3 days

[02]

Deploy

1 day

[03]

Execute

2-4 wks

[04]

Validate

3-5 days

[05]

Report

48h SLA

[06]

Retest

included

▸ what you get

✓Senior operators run the swarm against your production stack
✓Every chained finding hand-validated — zero noise in the report
✓Audit-ready report + reproducible run logs your engineers can re-run
✓One-off engagement or continuous cadence

Brief the team· 10–15 engagements / year capacity

▸ plus the rest of the arsenal

Open-source tools the same team maintains.

Specialised modules for the offensive-security stack — auditable, forkable, deployable. Each one solves a specific problem the swarm keeps running into.

● ACTIVE60

vibescan

AI-code security scanner

sample

$ vibescan ./src --depth=ai-aware

✓ 47 vulns · 3 critical chains

//Scan AI-generated code for vulnerabilities — 30+ tools, 15+ languages, sandboxed exploit simulation in the loop.

GoMIT

git clone →

● RESEARCH12

agat

polymorphic malware analysis

sample

$ agat analyze --sample bin.exe

✓ 4 mutation variants detected

//Analyze polymorphic, metamorphic, and AI-rewritten malware. Built ahead of the threat, not after it lands.

RustAGPL-3.0

git clone →

● BUILDING8

skillscan

Claude-Skill vuln scanner

sample

$ skillscan ./skill.json --strict

✗ 2 prompt-injection paths

//Audit Claude Skills before you install them. Prompt injection, exfiltration paths, supply-chain attacks.

RustMIT

git clone →

● BUILDING5

akira

attack-path simulator

sample

$ akira map --target acme.io --depth=3

✓ 142 edges · 8 attack paths

//Graph-based attack-path simulator for AI-augmented systems. MITRE ATT&CK plus AI-specific vectors.

TypeScriptMIT

git clone →

▸$ ls /Armur-Ai · the whole org on github →

▸

The Pentest Dojo. Train for the post-AI war room.

A free open-source curriculum for AI-assisted offensive security — the first generation of labs that take post-AI threat models seriously. Agentic recon, model-aware testing, prompt-injection chains, swarm orchestration. Vendor-agnostic. Runs on your laptop.

▸ curriculum path8 modules · ~14h total · self-paced

[01]

Fundamentals

1 module

[02]

Core

2 modules

[03]

AI-Specific

2 modules

[04]

Advanced

2 modules

[05]

Capstone

1 module

// WHAT_YOU_LEARNdifficulty ●○○○ → ●●●●

── Fundamentals1 lab

LAB_01agentic_recon●○○○

── Core2 labs

LAB_02autonomous_exploit●●○○
LAB_05agent_trust_boundaries●●○○

── AI-Specific2 labs

LAB_03model_aware_testing●●○○
LAB_04prompt_injection_chains●●●○

── Advanced2 labs

LAB_06swarm_orchestration●●●○
LAB_07supply_chain_for_ai●●●○

── Capstone1 lab

LAB_08live_red_team_dojo●●●●

dojo.deploy

Deploy the dojo locally· Apache 2.0 · runs on docker compose