Saturday , July 18 2026
PentestCode

“PentestCode” AI Agent Automating Penetration Testing with 18 Tools

A new free tool is adding AI helpers into security work. PentestCode is a version of OpenCode made just for penetration testing. It uses security tools, checks the results, and makes smart choices all from a terminal, needing very little help from people.

The main idea of the tool is to automate methods. A tester gives one command, like focusing on an IP to reach domain admin, and PentestCode’s coordinator agent does the rest.

“PentestCode” AI Agent Automating Penetration Testing with 18 Tools

A new free tool is adding AI helpers into security work. PentestCode is a version of OpenCode made just for...
Read More
“PentestCode” AI Agent Automating Penetration Testing with 18 Tools

CVE-2026-60137, CVE-2026-63030
Patch immediately! 2 high severity WordPress flaws found

The WordPress security team received reports about these flaws: CVE-2026-60137 : A facilitated SQL injection issue reported as a team...
Read More
CVE-2026-60137, CVE-2026-63030  Patch immediately! 2 high severity WordPress flaws found

Windows LegacyHive 0, AWS, Fortinet, TP-LINK multiple flaws got hackers attention

A Windows security flaw called LegacyHive (MSNightmare) misuses the User Profile Service. This allows local users to gain higher privileges,...
Read More
Windows LegacyHive 0, AWS, Fortinet, TP-LINK multiple flaws got hackers attention

CVE-2026-53412
Zoom Warns of critical account takeover Flaw via Network Access

Zoom has issued updates for a flaw in the Windows desktop client, known as CVE-2026-53412. This issue may allow an...
Read More
CVE-2026-53412  Zoom Warns of critical account takeover Flaw via Network Access

India to built Mythos-like AI model “Sarvam AI” and “BharatGen” assigned

India is speeding up its work to make homegrown AI models for cybersecurity. These models will help protect important digital...
Read More
India to built Mythos-like AI model “Sarvam AI” and “BharatGen” assigned

Cursor, SonicWall, SharePoint 0-day exploited to the wild

A serious security flaw in Cursor, a popular AI code editor used by more than 7 million developers, lets attackers...
Read More
Cursor, SonicWall, SharePoint 0-day exploited to the wild

Microsoft Patch Tuesday July-2026 fixes 570 flaws, 3 zero-days

Microsoft's Patch Tuesday in July 2026 fixes around 570 security flaws in its products. This comes after June's big update,...
Read More
Microsoft Patch Tuesday July-2026 fixes 570 flaws, 3 zero-days

Fortinet Patches 7 Flaws In FortiOS, FortiProxy, FortiPAM, and FortiSandbox

Fortinet fixes seven new security warnings on July 14, 2026. These affect FortiOS, FortiProxy, FortiPAM, and FortiSandbox. The issues vary...
Read More
Fortinet Patches 7 Flaws In FortiOS, FortiProxy, FortiPAM, and FortiSandbox

CISA warns Cisco IOS flaw, while VMware flaw allows bypassing authentication

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that hackers are using CVE-2008-4128, a CSRF flaw in Cisco...
Read More
CISA warns Cisco IOS flaw, while VMware flaw allows bypassing authentication

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

It runs an nmap -sS -p- scan, auto-parses results into a structured engagement state, and recognizes patterns like ports 88 and 389 signaling a Domain Controller.

PentestCode AI Penetration Testing Agent

It creates parallel subagents to check SMB, LDAP, and HTTP. It also tries an AS-REP roasting attack to get weak Kerberos passwords. Then, it uses any found passwords on all discovered services: SMB, WinRM, LDAP, RDP.

A successful WinRM login starts an agent that collects SAM, LSA, and DPAPI secrets, and each step is recorded in a proof chain.

PentestCode, made by Zhangir Ospanov, uses a planner and organizer design based on HPTSA research. The developers say it is 4.3 times better than using just one agent.

Thirteen agents do different jobs: looking for information, scanning systems, counting assets, exploiting weaknesses, attacking identities like Active Directory/Kerberos, working with infrastructure protocols like SNMP and IPMI, testing web applications, dealing with issues after exploitation, developing exploits, filtering out false positives, and reporting. They all work together in real-time.

That shared state is the most unique part of the project. It keeps track of hosts, services, vulnerabilities (with scores and status), credentials, access levels, and a graph showing how things are connected using labels like EXPLOITED_VIA and PIVOT_TO.

A path module uses Dijkstra’s and Yen’s K-shortest-paths algorithms to find routes in this graph. The state stays the same between sessions, so testers can continue multi-day work without losing track.

PentestCode offers 18 special tools for offensive tasks beyond just basic shell access. Parsers change raw results from Nmap, Nuclei, NetExec, Gobuster, BloodHound, and sqlmap into organized entries. You must use these tools to make sure no findings get missed during manual searching.

Additional tools manage JWT checks, XSS finding, credential-spray plans, scope checks, tunnel control, and report making.

Nineteen on-demand “skill” packs, markdown-based knowledge files covering phase checklists, service-specific tactics, and playbooks for AD, web apps, and cloud, extend the agent’s domain knowledge without code changes.

The tool is available on GitHub. It is called “not stealthy,” not good for red-team OPSEC situations, and often runs more than needed.

Token costs for real projects can be $5–50 based on the size and the LLM chosen. Claude Opus/Sonnet is said to work better than GPT-4o and local models for multi-agent teamwork.

Security teams looking at AI tools should know PentestCode is still beta software. It has no user interface, no Burp Suite connection, and changing APIs. It helps with careful checking but is not a substitute for human-made complex attack plans or creative attack ideas.

“AutoPentestX”: Automated Penetration Testing Toolkit for Linux

Check Also

MCP Servers

Thousands of MCP Servers Exposed to File Access and Injection Attacks

Thousands of Model Context Protocol (MCP) servers have serious security flaws like file access issues, …