A Complete AI Penetration Testing Landscape: 56 Open‑Source Agents, 73 Papers, and Key Models

The article surveys the emerging field of AI‑driven offensive security, cataloguing 56 open‑source penetration‑testing agents, 73 academic papers, six offensive models, benchmark suites, and DARPA AIxCC 2025 finalists, offering researchers and practitioners a consolidated view of tools, research trends, and evaluation frameworks.

Black & White Path
Black & White Path
Black & White Path
A Complete AI Penetration Testing Landscape: 56 Open‑Source Agents, 73 Papers, and Key Models

Project Overview

Awesome Offensive AI Agentic Landscape is a curated index of AI‑driven offensive security resources, updated to 15 July 2026. It lists open‑source penetration‑testing agents, LLM red‑team tools, vulnerability‑mining agents, uncensored offensive models, security‑specialized models, academic papers, benchmark suites, and commercial solutions.

AI security Agent ecosystem
AI security Agent ecosystem

Resource Scale

56 open‑source Agent projects (Star ≥ 90)

73 academic papers

6+ offensive open‑source models

49 commercial solutions

Coverage of >40 foreign and 9 domestic resources

Starred Open‑Source Projects

Penetration‑Testing Agents

Shannon (45.6k ⭐) : autonomous white‑box AI tool for web applications and APIs.

Strix (41k ⭐) : open‑source AI hacker that discovers and patches application vulnerabilities across multiple attack scenarios.

PentestGPT (14.2k ⭐) : LLM‑driven automated penetration‑testing framework, an early benchmark.

Pentest‑Swarm‑AI (2.1k ⭐) : first “swarm” architecture for autonomous penetration, using a pheromone blackboard for decentralized collaboration; supports Claude API and local Ollama deployment.

pentest‑ai : wraps >205 security tools on an MCP server, includes 17 specialized agents, provides deterministic vulnerability verification with zero false positives.

LLM Red‑Team Tools

promptfoo (23.2k ⭐) : LLM application red‑team / penetration / vulnerability‑scan tool adopted by OpenAI, Anthropic and others.

garak (8.4k ⭐) : NVIDIA’s LLM vulnerability scanner, described as the “nmap of LLMs”.

PyRIT (4.1k ⭐) : Microsoft’s generative‑AI risk identification tool.

Vulnerability‑Mining Agents

vulnhuntr (2.7k ⭐) : zero‑shot LLM vulnerability discovery tool, claimed to be the first AI system that autonomously finds 0‑day exploits.

VulnLLM‑R (7B) : UCSB‑SURFI model that outperforms CodeQL and AFL++ on Python, C, C++, and Java.

Offensive Open‑Source Models

Uncensored Offensive Models

Qwythos‑9B‑Claude‑Mythos : uncensored model with ~1 M context window, runnable on 4 GB VRAM.

WhiteRabbitNeo/DeepHat : family ranging from 7 B to 70 B, designed for red‑team use without safety alignment.

CyberStrike‑OffSec‑35B : 35 B mixture‑of‑experts model specialized in exploit development, red‑team operations, and cloud attacks.

Security‑Specialized Models

VulnLLM‑R : vulnerability‑mining inference model with weak offensive alignment.

Meta‑SecAlign‑8B : fully open‑source commercial‑grade LLM that includes built‑in prompt‑injection defense.

Academic Research Frontiers

73 papers are grouped into three themes:

Penetration testing & red‑team agents : empirical studies on LLM‑driven testing effectiveness, multi‑agent 0‑day exploitation, autonomous privilege escalation.

Vulnerability mining / exploitation / remediation : includes the AIxCC 2025 champion ATLANTIS system and FuzzingBrain V2, which discovered 29 0‑days via OSS‑Fuzz.

Benchmark suites & training methods : CVE‑Bench, Cybench, NYU CTF Bench and similar frameworks for evaluating AI security capabilities.

The 2024 UIUC Kang Lab paper “Teams of LLM Agents can Exploit Zero‑Day Vulnerabilities” demonstrates coordinated LLM agents autonomously exploiting previously unknown flaws.

DARPA AIxCC 2025 Finals

Seven teams open‑sourced complete Cyber Reasoning Systems. Top three entries:

🥇 Team Atlanta – system ATLANTIS – 613 Stars

🥈 Trail of Bits – system Buttercup – 1.6k Stars

🥉 Theori – system RoboDuck – (no star count reported)

Resources

Repository: https://github.com/Yeti-791/Awesome-Offensive-AI-Agentic-Landscape

AI capabilities are expanding from single‑point tools to multi‑agent collaboration and from known‑vulnerability exploitation to autonomous 0‑day discovery, reshaping the offensive‑defensive balance in cybersecurity.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

research papersAI securityAI modelsLLM agentspenetration testingoffensive AIDARPA AIxCCopen-source agents
Black & White Path
Written by

Black & White Path

We are the beacon of the cyber world, a stepping stone on the road to security.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.