The Pentest Agent System is an automated penetration testing framework designed to exploit the "Blue" TryHackMe room. Built using Deno and TypeScript, this system employs an agent-based architecture that aligns with the MITRE ATT&CK framework, integrating large language model (LLM) capabilities for enhanced planning, execution, and analysis.
- Orchestrator Agent: Manages the overall operation.
- Planner Agent: Develops attack plans based on the MITRE ATT&CK framework.
- Executor Agent: Executes the attack plans using tools like Nmap and Metasploit.
- Analyst Agent: Analyzes results and generates reports.
- Integration with the MITRE ATT&CK framework.
- Modular architecture for clear separation of concerns.
- Automated reconnaissance and exploitation capabilities.
- Detailed logging and progress tracking.
This documentation serves as a guide for users to understand, maintain, and contribute to the Pentest Agent System.
- Clone the repository:
    git clone https://github.com/your-username/pentest-agent-system.git
    cd pentest-agent-system
- Set Up Python Environment:
  - Navigate to the Python directory:
      cd python
  - Create a virtual environment (optional but recommended):
      python -m venv .venv
      source .venv/bin/activate  # On Windows use: .venv\Scripts\activate
  - Install Python dependencies:
      pip install -r requirements.txt
- Verify that the agents can reach Metasploit and Nmap. You can use local installations or run the tools from Docker containers:
    msfconsole -v
    nmap --version
- Set your LLM API key as an environment variable (optional, for enhanced capabilities):
    export OPENAI_API_KEY="your-api-key"
    export ANTHROPIC_API_KEY="your-api-key"
- Connect to the TryHackMe VPN:
    sudo openvpn your-thm-username.ovpn
- Deploy the Blue Room machine on TryHackMe.
- To run the Streamlit application:
    streamlit run python/main.py
- Using the Streamlit Interface:
  - Model Selection: In the sidebar, select the AI model you wish to use (e.g., Claude or GPT-4).
  - Nmap Settings: You can choose to run Nmap in a Docker container or locally.
  - Input Queries: Use the chat input to enter your queries, such as scanning a target IP.
To scan a target IP address, you can input a command like:
    Scan the target IP 192.168.1.1 for vulnerabilities
The system will process the request and provide the scan results.
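A guard that could sit between the chat input and the Nmap call, shown here as an added example (not code from this project): it accepts exactly one IPv4 address from the query, rejects anything outside an authorized range, and builds an argument list rather than a shell string. The function names and the `10.10.0.0/16` scope are assumptions made for illustration.

```python
import ipaddress
import re

# Assumption: networks the operator is authorized to test (constructed value).
ALLOWED_SCOPES = [ipaddress.ip_network("10.10.0.0/16")]

# Dotted quad that is not part of a longer token such as 1.2.3.4.5 or v1.2.3.4
_IPV4_CANDIDATE = re.compile(r"(?<![\w.])(\d{1,3}(?:\.\d{1,3}){3})(?!\w)(?!\.\d)")


def extract_target(query: str) -> ipaddress.IPv4Address:
    """Return the single IPv4 address named in a chat query, or raise ValueError."""
    candidates = _IPV4_CANDIDATE.findall(query)
    if len(candidates) != 1:
        raise ValueError(f"expected exactly one IPv4 address, found {len(candidates)}")
    # ip_address() raises ValueError for out-of-range octets such as 999.1.1.1
    return ipaddress.ip_address(candidates[0])


def check_scope(addr, scopes=ALLOWED_SCOPES):
    """Raise PermissionError unless addr lies inside an authorized network."""
    if not any(addr in net for net in scopes):
        raise PermissionError(f"{addr} is outside the authorized scope")
    return addr


def build_nmap_argv(query: str, scopes=ALLOWED_SCOPES) -> list:
    """Validate the target and return an argument vector (never a shell string)."""
    addr = check_scope(extract_target(query), scopes)
    # Only the validated, re-serialized address reaches the command line;
    # any other text in the query is discarded. Scan options are left to the caller.
    return ["nmap", str(addr)]


if __name__ == "__main__":
    # Constructed sample queries
    for q in ("Scan the target IP 10.10.5.20 for vulnerabilities",
              "Scan the target IP 192.168.1.1 for vulnerabilities"):
        try:
            print(build_nmap_argv(q))
        except (ValueError, PermissionError) as exc:
            print("refused:", exc)
```

Passing the returned list to `subprocess.run` without `shell=True` keeps query text from being interpreted by a shell.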
After execution, the system generates Nmap results and, if vulnerabilities are found, passes the findings to the Executor Agent. Short-term and long-term memory is supported for the following file types:
- Attack plan files (JSON)
- Execution state files (JSON)
- Operation result files (JSON)
- Log files
Refer to the Results section in the README for more details on the output files.