A fully autonomous AI red-team tool, PentAGI, has been released as open source. It is drawing attention in the cybersecurity industry, with more than 8,200 stars on GitHub.

On March 20 local time, digital creator and software engineer Guri Singh (구리 싱) wrote on X (Twitter) that PentAGI is not a single AI agent. He said AI agents dedicated to research, development, penetration testing and risk analysis operate as a team, like a real security company.

The structure has the agents coordinate among themselves before starting an attack.

In its internal structure, an orchestrator agent designs the full attack chain. A researcher agent gathers information from the web, search engines and vulnerability databases. A developer agent writes customised exploit code in real time. An executor agent runs more than 20 specialised security tools, including Nmap, Metasploit and SQLmap. A memory system learns from each test to improve performance.

All tasks run inside fully isolated sandbox Docker containers. A Neo4j-based knowledge graph tracks relationships among targets, vulnerabilities, tools and techniques across all tests.

Singh said, "Cybersecurity firms charge $25,000 to $150,000 per job for the same penetration-testing work, but PentAGI is free. It is 100 percent open source under the MIT licence."