IdeaCred

gfranrp/Auto-Pentest-LLM

45

๐Ÿ” Automate penetration testing with an intelligent agent that organizes security assessments, leveraging local LLMs and Kali Linux for effective exploitation.

Code Analysis

9 files read · 3 rounds

An LLM-driven automation script that orchestrates standard penetration testing tools (nmap, gobuster, sqlmap) on a remote Kali Linux instance via SSH.

Strengths

Clean separation of concerns between the decision-making brain, execution layer, and tool definitions. Uses lightweight local-first architecture with ChromaDB for memory and dynamic prompt swapping for multi-agent behavior without heavy framework dependencies.

Weaknesses

Critical security vulnerability allowing unrestricted shell command execution via LLM hallucinations. Lacks robust error handling (no retry logic, brittle JSON parsing) and has zero test coverage.

Score Breakdown

Innovation: 4 (25%)
Craft: 31 (35%)
Traction: 14 (15%)
Scope: 54 (25%)

Signal breakdown

Innovation

Not Fork: +1
Code Novelty: +1
Concept Novelty: +1

Craft

CI: -3
Tests: -5
Polish: +0
Releases: -2
Has License: +0
Code Quality: +16
Readme Quality: +15
Recent Activity: +7
Structure Quality: +5
Commit Consistency: +0
Has Dependency Mgmt: +5

Traction

Forks: +6
Stars: +6
HN Points: +0
Watchers: +3
Early Traction: +0
Devto Reactions: +0
Community Contribs: +2

Scope

Commits: +3
Languages: +5
Subsystems: +10
Bloat Penalty: +0
Completeness: +6
Contributors: +6
Authored Files: +8
Readme Code Match: +3
Architecture Depth: +5
Implementation Depth: +8

Evidence

Commits: 7
Contributors: 2
Files: 30
Active weeks: 2

Tests · CI/CD · README · License · Contributing

Repository

Language: Python
Stars: 2
Forks: 1
License: —