pentestagent and hackagent
PentestAgent performs black-box security testing on arbitrary targets, while HackAgent specifically focuses on detecting vulnerabilities within AI agents themselves, making them complementary in a scenario where one wants to test an AI agent using an AI pentesting tool.
About pentestagent
GH05TCREW/pentestagent
PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.
Built on LiteLLM for multi-model LLM support, PentestAgent features a hierarchical agent architecture where instances can spawn isolated child agents via stdio transport (`spawn_mcp_agent`), enabling parallel task delegation without external orchestration. It integrates MCP (Model Context Protocol) servers with automatic RAG-based tool optimization for large tool sets, includes prebuilt attack playbooks for structured assessments, and offers Docker isolation with both minimal and Kali Linux images containing pentesting tools like metasploit and sqlmap.
About hackagent
AISecurityLab/hackagent
HackAgent is an open-source security toolkit to detect vulnerabilities of your AI Agents
Provides a modular framework with pre-built attack techniques (prompt injection, jailbreaking, goal hijacking) extensible for custom vectors, alongside an interactive CLI and Python SDK. Integrates with LiteLLM, Google ADK, and OpenAI SDK, with results automatically sent to a cloud dashboard for analysis and visualization.
Related comparisons
Scores updated daily from GitHub, PyPI, and npm data. How scores work