LLM Pentest Automation LLM Tools
Tools that use LLMs to automate penetration testing workflows including reconnaissance, scanning, exploitation, and reporting. Does NOT include general vulnerability detection, code auditing, or security training platforms.
There are 80 llm pentest automation tools tracked. 1 score above 70 (verified tier). The highest-rated is GreyDGL/PentestGPT at 76/100 with 12,054 stars and 882 monthly downloads. 1 of the top 10 are actively maintained.
Get all 80 projects as JSON
curl "https://pt-edge.onrender.com/api/v1/datasets/quality?domain=llm-tools&subcategory=llm-pentest-automation&limit=20"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
| # | Tool | Score | Tier |
|---|---|---|---|
| 1 |
GreyDGL/PentestGPT
Automated Penetration Testing Agentic Framework Powered by Large Language Models |
|
Verified |
| 2 |
ipa-lab/hackingBuddyGPT
Helping Ethical Hackers use LLMs in 50 Lines of Code or less.. |
|
Established |
| 3 |
berylliumsec/nebula
AI-powered penetration testing assistant for automating recon, note-taking,... |
|
Established |
| 4 |
MorDavid/BruteForceAI
Advanced LLM-powered brute-force tool combining AI intelligence with... |
|
Established |
| 5 |
sherifkozman/the-red-council
LLM Adversarial Security Arena — Jailbreak → Detect → Defend → Verify |
|
Emerging |
| 6 |
protectai/vulnhuntr
Zero shot vulnerability discovery using LLMs |
|
Emerging |
| 7 |
mbrg/power-pwn
An offensive/defense security toolset for discovery, recon and ethical... |
|
Emerging |
| 8 |
mrheinen/lophiid
A hybrid AI honeypot for monitoring large scale web attacks |
|
Emerging |
| 9 |
perplext/LLMrecon
Enterprise-grade LLM security testing framework implementing OWASP LLM Top... |
|
Emerging |
| 10 |
jjang-ai/exploitbot
No bs theatricals. Real automated pentesting. Mac only. |
|
Emerging |
| 11 |
AkihiroSuda/vexllm
silence negligible CVE alerts using LLM |
|
Emerging |
| 12 |
morpheuslord/GPT_Vuln-analyzer
Uses ChatGPT API, Bard API, and Llama2, Python-Nmap, DNS Recon, PCAP and JWT... |
|
Emerging |
| 13 |
morpheuslord/Nmap-API
Uses python3.10, Debian, python-Nmap, OpenaAI, and flask framework to create... |
|
Emerging |
| 14 |
serptail/p0-Cracking-Tool
GUI-based hash cracking tool. Supports 20+ hash algorithms and five attack... |
|
Emerging |
| 15 |
iammm0/secbot
⚠️ 本工具仅用于授权的安全测试。未经授权使用本工具进行网络攻击是违法的。一个智能化的自动化渗透测试机器人,具备AI驱动的安全测试能力。 |
|
Emerging |
| 16 |
BishopFox/llm-testing-findings
LLM Testing Findings Templates |
|
Emerging |
| 17 |
l8cv/BusterX
BusterX and BusterX++ |
|
Emerging |
| 18 |
Vortalitys/PrivHunterAI-detects-access-vulnerabilities
A tool that detects unauthorized access vulnerabilities through passive... |
|
Emerging |
| 19 |
stratosphereips/VelLMes-AI-Deception-Framework
Interactive, dynamic, and realistic LLM honeypots |
|
Emerging |
| 20 |
langsec-ai/langsec
Security framework for LLM-generated SQL queries 🛡️ |
|
Emerging |
| 21 |
yogsec/Hacker-AI
This tool combines the power of Ollama (Mistral) with your terminal to turn... |
|
Emerging |
| 22 |
TrustAI-laboratory/LMAP
LMAP (large language model mapper) is like NMAP for LLM, is an LLM... |
|
Emerging |
| 23 |
chetstriker/PenPeeper
Manage engagements, run scans, and generate reports from a central hub |
|
Emerging |
| 24 |
shaialon/ai-security-demos
🤯 AI Security EXPOSED! Live Demos Showing Hidden Risks of 🤖 Agentic AI... |
|
Emerging |
| 25 |
chawins/pal
PAL: Proxy-Guided Black-Box Attack on Large Language Models |
|
Experimental |
| 26 |
zealscott/AutoProfiler
Source code for Automated Profile Inference with Language Model Agents |
|
Experimental |
| 27 |
byt3n33dl3/thc-BloodMiami
AI ChatBox and LLM Pentesting frameworks (https://chatgpt.com) with power of... |
|
Experimental |
| 28 |
hexian2001/H-Pentest
🔐 H-Pentest v2.0 🥷 AI-Powered Penetration Testing Platform |
|
Experimental |
| 29 |
sean-t-smith/pwned-by-passgpt
Password cracking research using the Have I Been Pwned (HIBP) dataset to... |
|
Experimental |
| 30 |
mez-0/citadel
A Payload Analysis Framework |
|
Experimental |
| 31 |
thisis0xczar/FrogPost
FrogPost: postMessage Security Testing Tool |
|
Experimental |
| 32 |
HKU-TASR/Imperio
[IJCAI 2024] Imperio is an LLM-powered backdoor attack. It allows the... |
|
Experimental |
| 33 |
Hacking-Notes/VulnScan
Performing website vulnerability scanning using OpenAI technologie |
|
Experimental |
| 34 |
qroa/QROA
QROA: A Black-Box Query-Response Optimization Attack on LLMs |
|
Experimental |
| 35 |
SnailSploit/The-LLM-Red-Teamer-s-Playbook
A diagnostic methodology for bypassing LLM defense layers — from input... |
|
Experimental |
| 36 |
VerisimilitudeX/PasswordLLM
A fast combinatorial tool that tests your password against real-world... |
|
Experimental |
| 37 |
vujcec/sc-vuln-llm-vs-tools
Blockchain security research repository comparing LLM-assisted smart... |
|
Experimental |
| 38 |
davincico/ChatGPT-2-HACKER
All in one vulnerability scanning and pentest tool empowered with ChatGPT... |
|
Experimental |
| 39 |
TrustAI-laboratory/LLM-Security-CTF
Learn LLM/AI Security through a series of vulnerable LLM CTF challenges. No... |
|
Experimental |
| 40 |
isilderrr1/redteam-gpt
AI-driven offensive security terminal for automated reconnaissance and... |
|
Experimental |
| 41 |
git-disl/GPTLens
Large Language Model-Powered Smart Contract Vulnerability Detection: New... |
|
Experimental |
| 42 |
pepoanas/llm-vuln-scanner
🔍 Enhance local LLM security by testing for vulnerabilities like prompt... |
|
Experimental |
| 43 |
0xKoda/pwnd-GPT
AI assisted incident response for any cyber issue. Clear malware, patch... |
|
Experimental |
| 44 |
nuromirzak/hackprobe
AI-assisted black-box security audit as a Claude Code skill. Orchestrates... |
|
Experimental |
| 45 |
team-acatche/cheshire
A security compliance assessment tool for project documents to empower... |
|
Experimental |
| 46 |
chasepd/CodeScanGPT
An experimental Static Application Security Testing (SAST) scanner built on... |
|
Experimental |
| 47 |
aiauthz/llm-authz-audit
Scan your LLM-powered applications for authorization gaps, leaked... |
|
Experimental |
| 48 |
SasanLabs/LLMForge
LLMForge is a modular AI security gateway for building and testing dynamic... |
|
Experimental |
| 49 |
seikaikyo/ai-red-team
LLM adversarial testing toolkit for evaluating language model safety. 96... |
|
Experimental |
| 50 |
Chickenman18/AD-Lab-LLMNR-NetBIOS-Poisoning
🔓 Demonstrate LLMNR/NetBIOS poisoning in a virtual Active Directory setup... |
|
Experimental |
| 51 |
Balzabu/android-pentest-ai
AI-powered Android penetration testing skill. Static analysis, Frida bypass... |
|
Experimental |
| 52 |
user1342/Oversight
A Completely Modular LLM Reverse Engineering, Red Teaming, and Vulnerability... |
|
Experimental |
| 53 |
bad-antics/nullsec-gpt
AI-powered vulnerability scanner using GPT |
|
Experimental |
| 54 |
jasoncobra3/LLM_Sentinel
LLM Sentinel Red Teaming Platform is an enterprise-grade framework for... |
|
Experimental |
| 55 |
doublegate/OctoLLM
[OctoLLM] Multi-agent LLM Architecture for Offensive Security and Developer... |
|
Experimental |
| 56 |
wasif-itu/Autopentesting-Recon
AI-powered automated directory traversal vulnerability scanner with GPT... |
|
Experimental |
| 57 |
suresh-1001/pci-dss-certification-automation
pci-dss-certification-automation |
|
Experimental |
| 58 |
AdityaBhatt3010/Exploiting-vulnerabilities-in-LLM-APIs
Weaponizing LLM prompt injection to hijack user deletion logic — an... |
|
Experimental |
| 59 |
whitedevil-21/PDF-CRACKER
THIS TOOL CRACKING ANY PDF AS PER USER REQUIREMENTS & DESIGN FOR EDUCATIONAL... |
|
Experimental |
| 60 |
roninazure/project-darc-feed
Project D.A.R.C. is a security‑focused AI recon tool designed to find... |
|
Experimental |
| 61 |
vukssan/KamelionStack-OSE
🔍 Automate your pentesting with KameLionStack OSE, using AI to streamline... |
|
Experimental |
| 62 |
DeciSym/recon-village-2025-defcon33-decisym
This project includes tools and scripts demonstrating the techniques... |
|
Experimental |
| 63 |
olekgolus11/nulltrace
🧪 AI-assisted penetration testing TUI for guided web recon and tool orchestration. |
|
Experimental |
| 64 |
raghavpathak30/PwnBot
AI-powered terminal assistant for HTB, bug bounty, and authorized... |
|
Experimental |
| 65 |
Meysamshiralii/coruna_analysis
Analyze and deobfuscate the Coruna Exploit Kit (CVE-2024-23222) to enhance... |
|
Experimental |
| 66 |
jungwankim001-ui/InstaTrace
🔍 Extract private Instagram post URLs from collaborative posts for research... |
|
Experimental |
| 67 |
Riquelme54322/CVE-2025-5419
🛡️ Analyze CVE-2025-5419 to exploit an uninitialized read vulnerability in... |
|
Experimental |
| 68 |
snralty-lab/VOLT
🔎 Scan websites quickly for common vulnerabilities with VOLT, a fast and... |
|
Experimental |
| 69 |
vaptgpt/vaptor
Vaptor AI |
|
Experimental |
| 70 |
InfoSecREDD/ExPW
Scans for Open Ports, then searches ExploitDB for PoC's on that service then... |
|
Experimental |
| 71 |
symflower/symflower
Whether you’re using LLMs or not, Symflower helps you build better software... |
|
Experimental |
| 72 |
RedTeamingforLLMs/RedTeamingforLLMs
A framework designed for executing positive red-teaming experiments on large... |
|
Experimental |
| 73 |
dan0nchik/llm-attack-kit
A collection of LLM attacks |
|
Experimental |
| 74 |
aivillage/llm_verification
LLM prompt attacks for hacker CTFs via CTFd. |
|
Experimental |
| 75 |
copyleftdev/blsmesh
Distributed adversarial behavioral security evaluation framework for LLMs -... |
|
Experimental |
| 76 |
annoeyed/MA_BLR
A research framework for simulating, detecting, and defending against... |
|
Experimental |
| 77 |
jc-ryan/holistic_automated_red_teaming
[EMNLP 2024] Holistic Automated Red Teaming for Large Language Models... |
|
Experimental |
| 78 |
godagarah/PentestGPT
🛡️ Automate penetration testing with PentestGPT, an AI-driven agent designed... |
|
Experimental |
| 79 |
KadirArslan/Mithra-Scanner
Mithra Scanner is an interactive API testing tool for prompt injection,... |
|
Experimental |
| 80 |
topscoder/aisubs
Leverage the power of AI to find hard to find subdomains. |
|
Experimental |