u/ShufflinMuffin

Welcome to /r/vibehacking

This pinned thread is a living index of tools at the intersection of AI and security: AI pentest agents, LLM red-team tools, prompt-injection scanners, AI-assisted code review, security MCP servers, vulnerable labs, and research resources.

This is not an endorsement list. Some projects are mature, some are experiments, and some are probably overhyped. Use judgment, read the code, run tools in a lab, and only test systems you are authorized to test.

If you want to suggest a tool, drop a comment with:

Project name
Link
What it does in one sentence
Whether you have actually used it
Any warnings, limitations, or setup pain

AI pentest agents and offensive-security copilots

These projects try to make LLMs useful for recon, triage, exploitability reasoning, reporting, or coordinated pentest workflows.

PentAGI - https://github.com/vxcontrol/pentagi - Fully autonomous AI agent system for penetration-testing tasks. - Interesting because it aims at end-to-end pentest workflows instead of one-off prompt helpers.
HexStrike AI - https://github.com/0x4m4/hexstrike-ai - MCP server that exposes 150+ cybersecurity tools to AI agents like Claude, GPT, and Copilot. - Useful category: AI-to-tool bridge for authorized pentesting and security research.
Pentest Swarm AI - https://github.com/Armur-Ai/Pentest-Swarm-AI - Multi-agent pentesting system with recon, classification, exploitation, and reporting roles. - Good example of the “swarm of specialists” approach.
pentest-ai-agents - https://github.com/0xSteph/pentest-ai-agents - Claude Code subagents for authorized pentest planning, recon analysis, exploit research, detections, audits, and reporting. - Useful if you already live inside Claude Code-style agent workflows.
Pentest Copilot - https://github.com/bugbasesecurity/pentest-copilot - Browser-based AI assistant for ethical hacking and pentest workflows. - More “copilot” than fully autonomous agent.
xalgorix - https://github.com/xalgord/xalgorix - Open-source AI pentesting agent. - Worth watching as part of the newer wave of small AI pentest frameworks.
Dark-Moon - https://github.com/ASCIT31/Dark-Moon - Autonomous AI pentesting engine for web, cloud, Active Directory, and Kubernetes according to its README. - Treat as experimental until independently tested.
NetworkAttackSimulator - https://github.com/Jjschwartz/NetworkAttackSimulator - A simulated network environment for testing AI pentesting agents. - Useful for benchmarking agents without pointing them at real targets.
AIPentestCopilot - https://github.com/TheMalwareGuardian/AIPentestCopilot - AI-driven breach and attack simulation proof of concept. - Looks more like an early PoC than a mature platform.
BugHunter-AI - https://github.com/ARESHAmohanad/BugHunter-AI - AI-assisted pentesting framework with GUI and task scheduling. - Worth listing for people tracking smaller projects.

LLM security, AI red teaming, and model-risk tools

These tools are focused on testing LLM apps, agents, RAG systems, prompt-injection exposure, jailbreak behavior, and AI infrastructure risk.

promptfoo - https://github.com/promptfoo/promptfoo - Prompt, agent, and RAG testing framework with red-teaming and vulnerability scanning features. - One of the more practical tools for CI/CD style AI security testing.
garak - https://github.com/NVIDIA/garak - LLM vulnerability scanner from NVIDIA. - Useful for probing model behavior and known LLM risk classes.
PyRIT - https://github.com/microsoft/PyRIT - Microsoft’s Python Risk Identification Tool for generative AI. - Framework for security professionals to identify risks in generative AI systems.
agentic_security - https://github.com/msoedov/agentic_security - Agentic LLM vulnerability scanner and AI red-teaming kit. - Good example of using agent loops for LLM app testing.
AI-Infra-Guard - https://github.com/Tencent/AI-Infra-Guard - Full-stack AI red-teaming platform covering agent scan, skills scan, MCP scan, AI infrastructure scan, and jailbreak evaluation. - Interesting because it treats AI systems as infrastructure, not just prompts.
Rebuff - https://github.com/protectai/rebuff - Prompt-injection detector for LLM applications. - Useful defensive component for app-integrated LLMs.
llm-security - https://github.com/greshake/llm-security - Research and examples around breaking app-integrated LLMs. - More educational and research-oriented than a scanner.
parry-guard - https://github.com/vaporif/parry-guard - Prompt-injection scanner for AI coding tools like Claude Code and Codex. - Relevant to agent security and tool-use pipelines.
clawguard - https://github.com/joergmichno/clawguard - Prompt-injection scanner for AI agents with pattern-based detections. - Small but relevant to the “secure the agent context” problem.
GhostPrompt - https://github.com/Tuguberk/GhostPrompt - PDF prompt-injection scanner for hidden instructions and malicious document content. - Useful category because documents are a real attack surface for agents.
LMAP - https://github.com/TrustAI-laboratory/LMAP - “Nmap for LLMs” style vulnerability scanner and fuzzer. - Interesting concept for mapping LLM attack surface.
RAG Security Scanner - https://github.com/olegnazarov/rag-security-scanner - Scanner for RAG and LLM application risks. - Good category to track as more companies deploy RAG internally.

AI-assisted code security and vulnerability scanning

These projects use LLMs or AI workflows to find, explain, or fix vulnerabilities in codebases.

AI-Infra-Guard - https://github.com/Tencent/AI-Infra-Guard - Also fits here because it includes OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, and AI infrastructure checks.
nano-analyzer - https://github.com/weareaisle/nano-analyzer - Minimal LLM-powered zero-day vulnerability scanner. - Experimental, but relevant for the AI code-audit category.
llm-sast-scanner - https://github.com/SunWeb3Sec/llm-sast-scanner - SAST skill that gives AI coding agents structured vulnerability detection across many vulnerability classes. - Useful if you want an agent to follow a more systematic security-review checklist.
alder-security-scanner - https://github.com/Adamsmith6300/alder-security-scanner - AI-powered web application security analysis with agent-based verification. - Worth watching, especially if it produces evidence instead of just guesses.
vulnfix - https://github.com/MukundaKatta/vulnfix - AI vulnerability scanner with fix suggestions. - Needs careful human review because auto-fixes can introduce new bugs.
codesucks-ai - https://github.com/asii-mov/codesucks-ai - Uses Semgrep MCP and Claude Code for vulnerability scans and patches on GitHub. - Interesting bridge between classic SAST and AI coding agents.

Security MCP servers and AI-to-tool bridges

MCP is becoming one of the main ways to connect AI agents to real tools. This section is for security-related MCP servers, bridges, and curated lists.

HexStrike AI - https://github.com/0x4m4/hexstrike-ai - Big MCP-based bridge to many offensive-security tools. - Probably one of the most important repos to track in this category.
kali_mcp - https://github.com/0x7556/kali_mcp - Kali AI pentest MCP tools. - Small but directly relevant to AI-assisted Kali workflows.
kalilinuxmcp - https://github.com/sfz009900/kalilinuxmcp - Kali Linux MCP server for pentesting workflows. - Similar category to kali_mcp.
mcp-pentest - https://github.com/baguskto/mcp-pentest - MCP pentesting server with educational guidance for web, mobile, and network testing. - Newer and low-star, but fits the category.
nmap-mcp - https://github.com/sbmilburn/nmap-mcp - Nmap MCP skill/server for AI engines. - Simple example of exposing a classic security tool to an agent.
nmap-mcp - https://github.com/ly1595/nmap-mcp - Production-oriented Nmap MCP server with scan types and timing templates. - Useful for AI-driven network scanning in authorized labs.
Burp MCP Security Analysis Toolkit - https://github.com/SnailSploit/Burp-MCP-Security-Analysis-Toolkit - Burp-focused MCP toolkit. - Useful category: AI assistant plus proxy history plus manual web testing.
BTK - https://github.com/cbxcvl/BTK - Burp MCP proxy with response compression. - Interesting because large HTTP traffic can blow up agent context windows.
kali-burp-mcp-bridge - https://github.com/HyperPS/kali-burp-mcp-bridge - Bridge for Kali Linux security tools and Burp Suite REST API through MCP. - Watch carefully for safety boundaries before using.
mcp-shodan - https://github.com/ADEOSec/mcp-shodan - Shodan MCP server for reconnaissance, asset discovery, vulnerability assessment, and monitoring. - Useful for passive recon and asset intelligence.
shodan-mcp - https://github.com/Vorota-ai/shodan-mcp - Shodan MCP server for Claude, Cursor, and VS Code with passive recon and CVE/CPE intelligence tools. - Good example of security data APIs becoming agent tools.
awesome-osint-mcp-servers - https://github.com/soxoj/awesome-osint-mcp-servers - Curated list of OSINT MCP servers. - Good place to find username, domain, email, leak, and recon-related MCP tools.
mcp-server-osint - https://github.com/CyberSenseLabs/mcp-server-osint - OSINT MCP server. - Early/small project, but relevant for recon workflows.
OSINT-MCP-Server - https://github.com/canstralian/OSINT-MCP-Server - OSINT MCP server with ethical guardrails according to the README. - Useful for people building safe recon agents.
semgrep-mcp-server mirrors and integrations - Example mirror: https://github.com/mcpflow/stefanskiasan_semgrep-mcp-server - Related integration: https://github.com/asii-mov/codesucks-ai - Category: expose SAST results to an AI coding or review agent.
trivy-mcp - https://github.com/JasonTheDeveloper/trivy-mcp - Trivy MCP/devcontainer integration. - Useful idea: give agents container and dependency vulnerability context.

Vulnerable labs and training targets for AI security workflows

These are useful for testing agents safely.

vuln-bank - https://github.com/Commando-X/vuln-bank - Deliberately vulnerable banking app for web, API, AI-integrated app testing, and secure code review. - Good target for benchmarking AI-assisted pentest workflows.
AIGoat - https://github.com/AISecurityConsortium/AIGoat - Open-source AI security playground for OWASP LLM Top 10 style labs. - Good for learning LLM app risks without attacking real systems.
DVAIA - https://github.com/airtasystems/DVAIA-Damn-Vulnerable-AI-Application - Damn Vulnerable AI Application for LLM, RAG, multimodal, and agent testing. - Useful training environment for AI red teams.
DVMCP - https://github.com/of3r/DVMCP - Damn Vulnerable MCP pentesting lab with Ollama integration. - Interesting for MCP-specific testing.

Knowledge bases, lists, and research resources

These are not always tools, but they help people learn the space.

AboutSecurity - https://github.com/wgpsec/AboutSecurity - Pentest knowledge base structured in an AI-agent-executable format. - Interesting because it treats methodology as agent-readable knowledge.
Awesome LLM Red Teaming - https://github.com/user1342/Awesome-LLM-Red-Teaming - Curated list of LLM red-teaming training, resources, and tools.
AI LLM Red Team Handbook - https://github.com/Shiva108/ai-llm-red-team-handbook - Field-manual style resource for AI and LLM red teaming.
awesome-security-vul-llm - https://github.com/xu-xiang/awesome-security-vul-llm - LLM-assisted collection of vulnerability, PoC, and rule repositories. - Useful for vulnerability-intelligence workflows.
starlog-site - https://github.com/basicScandal/starlog-site - Curated intelligence on AI agents and offensive-security tools. - New/low-star, but the topic matches this thread.

Quick safety note

AI security tools can make bad decisions very confidently. A useful agent should help you reason, document, and test faster. It should not replace authorization, scope control, human verification, or responsible disclosure.

If a tool claims to be “fully autonomous hacking,” be extra skeptical. The useful question is not “can it hack?” The useful question is “does it produce verifiable evidence, reduce busywork, and keep me inside scope?”

I wanted to share the workflow I’ve been using lately for Windows n-day research, because it feels like one of the best examples of what I’d call “vibe hacking.”

Not “ask AI to hack Windows” and magically get a 0day.

More like: use AI as a research partner that helps you move faster through the boring, confusing, and repetitive parts of vulnerability research.

The basic loop looks like this:

Watch Patch Tuesday
Have Hermes cron kick off the first-pass triage automatically every Tuesday
Pick an interesting CVE, usually LPE, EoP, or sandbox escape
Find the patched component
Diff old vs new binaries or source-adjacent artifacts
Ask AI to help explain what changed
Build small probes to test theories
Throw away bad ideas quickly
Keep the paths that show real privilege or trust-boundary movement

The important part is that the AI is not “finding the exploit” by itself. It is helping compress the research cycle.

This is also where Hermes cron is useful. Patch Tuesday happens on a schedule, so the first pass should happen on a schedule too. I can set a weekly job that wakes up every Tuesday, pulls the latest Microsoft advisory data, groups CVEs by likely research value, and drops a short briefing into my workspace.

Example Hermes cron prompt:

Every Patch Tuesday, review the latest Microsoft security updates. Prioritize Windows local privilege escalation, sandbox escape, and broker/service boundary bugs. For each interesting CVE, summarize the affected component, likely bug class, available patch artifacts, and the first safe validation steps. Do not write exploit code. Produce a short triage report with the top 5 targets.

The goal is not to wake up to a finished exploit. The goal is to wake up to a useful map.

For example, instead of staring at a patch diff for hours, I’ll ask something like:

Here are the before and after snippets from a Windows component patched in CVE-XXXX-YYYY. Explain the security-relevant behavior change in plain English. Focus on:

- new validation checks
- trust boundary changes
- object lifetime or permission changes
- anything that could indicate the original bug class

Then propose 3 safe local experiments to confirm the root cause without weaponizing it.

That usually gives a useful starting point.

Then I’ll follow up with:

Assume this was an elevation-of-privilege fix. What would need to be true for this bug to matter in practice? List the required attacker privileges, target service behavior, and what evidence would prove this is more than just a crash.

That second question is key. AI is very good at hyping up bugs. You have to force it to separate “interesting crash” from “actual privilege boundary crossed.”

One result from this workflow: we used AI-assisted patch diffing and targeted probing to narrow a Windows local privilege escalation investigation down from “some patched component changed” to a specific broker/service interaction that was worth testing. The valuable part was not that AI gave us an exploit. It helped us build a decision tree:

What changed?
Why would Microsoft add this check?
What caller controls this input?
What privilege does the service run as?
What would prove exploitability?
What negative tests let us kill this path?

That saved a lot of time.

The methodology is basically “research with a copilot”:

AI summarizes ugly diffs
AI turns vague ideas into checklists
AI writes throwaway harnesses and probes
AI helps document dead ends
AI reminds you what evidence is missing
You still do the validation, debugging, and judgment

The biggest lesson so far: don’t ask AI for an exploit. Ask it to help you think like a vulnerability researcher.

Bad prompt:

Write an exploit for this Patch Tuesday CVE.

Better prompt:

Based on this patch diff, what bug class was likely fixed, what assumptions must hold for exploitation, and what safe tests can confirm or disprove those assumptions?

That difference matters.

This is what I mean by vibe hacking: not blindly trusting AI, not replacing skill, but using it to stay in flow while exploring a target. The AI is great at generating hypotheses. The human has to prove them.

If you’re interested in this style of AI-assisted security research, n-day analysis, exploit dev workflows, weird automation, and building agents that actually do useful work, that’s what I want /r/vibehacking to be about.

AI-Powered Agents for Bub-Bounty Pentesting and Red-Teaming purposes

Cybersecurity Benchmark puts Mythos way ahead: 18/41 v8 n-days, while gpt 5.5 only got 1

Microsoft details new AI system for vulnerability discovery

How can you have agent work 24/7 without interruption?

codex-redteam-mode: A red team aware profile for codex

Green Plasma analysis. Did anyone succeed to exploit this?

Burp Suite extension that adds built-in MCP tooling, AI-assisted analysis, privacy controls, passive and active scanning and more

👋 Pinned thread: AI security tools, hacking agents, and MCP servers

AI pentest agents and offensive-security copilots

LLM security, AI red teaming, and model-risk tools

AI-assisted code security and vulnerability scanning

Security MCP servers and AI-to-tool bridges

Vulnerable labs and training targets for AI security workflows

Knowledge bases, lists, and research resources

Quick safety note

How I use Hermes agent to turn Patch Tuesday into Windows exploit research

Google: Hackers used AI to develop zero-day exploit for web admin tool

Context Is Not Identity: Why AI Security is an Authorization Problem

Let's talk about the /goal command

Is there a way to get the /goal command in OpenCode?