Pwnkit

<p align="center"> <img src="assets/pwnkit-icon.gif" alt="pwnkit" width="80" /> </p> <h1 align="center">pwnkit</h1> <p align="center"> <strong>Let autonomous AI agents hack you so the real ones can't.</strong><br/> <em>Fully autonomous agentic pentesting framework.</em> </p> <!-- Row 1 — the proof: what the agent actually does on public benchmarks. Bold crimson e63946 across all three so they read as one wall of impact. --> <p align="center"> <a href="https://docs.pwnkit.com/benchmark"><img src="https://img.shields.io/badge/XBOW%20best--of--N-92.3%25%20(96%2F104)-e63946?style=flat-square&labelColor=2b2d42" alt="XBOW best-of-N score" /></a> <a href="https://docs.pwnkit.com/benchmark"><img src="https://img.shields.io/badge/XBOW%20black--box-87.5%25%20(91%2F104)-e63946?style=flat-square&labelColor=2b2d42" alt="XBOW black-box score" /></a> <a href="https://docs.pwnkit.com/benchmark"><img src="https://img.shields.io/badge/Cybench-80%25%20(8%2F10)-e63946?style=flat-square&labelColor=2b2d42" alt="Cybench score" /></a> </p> <!-- Row 2 — identity, install, license, build. Coordinated muted palette so Row 2 visually recedes behind Row 1's red proof. Charcoal label across the row, varied accent colors per badge. --> <p align="center"> <a href="https://www.npmjs.com/package/pwnkit-cli"><img src="https://img.shields.io/npm/v/pwnkit-cli?color=e63946&style=flat-square&labelColor=2b2d42" alt="npm version" /></a> <a href="https://github.com/peaktwilight/pwnkit/blob/main/LICENSE"><img src="https://img.shields.io/badge/license-Apache%202.0-1d3557?style=flat-square&labelColor=2b2d42" alt="license" /></a> <img src="https://img.shields.io/badge/runtime-npx%20%C2%B7%20bunx%20%C2%B7%20docker-2a9d8f?style=flat-square&labelColor=2b2d42" alt="runs with npx, bunx, docker" /> <img src="https://img.shields.io/badge/native%20deps-zero-457b9d?style=flat-square&labelColor=2b2d42" alt="zero native modules" /> <a href="https://github.com/peaktwilight/pwnkit/actions"><img src="https://img.shields.io/github/actions/workflow/status/peaktwilight/pwnkit/ci.yml?style=flat-square&labelColor=2b2d42&label=build" alt="build" /></a> </p> <p align="center"> <img src="assets/demo.gif" alt="pwnkit Demo" width="700" /> </p> <p align="center"> <a href="https://docs.pwnkit.com">Docs</a> &middot; <a href="https://pwnkit.com">Website</a> &middot; <a href="https://pwnkit.com/blog">Blog</a> &middot; <a href="https://docs.pwnkit.com/benchmark">Benchmark</a> &middot; <a href="https://docs.pwnkit.com/triage">Triage</a> </p>

---

Fully autonomous agentic pentesting for web apps, AI/LLM apps, npm packages, and source code.

This README is the fast path. The detailed command reference, configuration, architecture notes, recipes, and benchmark breakdowns live in the docs site.

Quick Start

Docker

docker run --rm -e OPENROUTER_API_KEY=$KEY \
  ghcr.io/peaktwilight/pwnkit:latest scan --target https://example.com

If you use Azure OpenAI instead, also pass AZURE_OPENAI_BASE_URL and AZURE_OPENAI_MODEL. For the Responses API, the Azure base URL should include /openai/v1.

The image ships with Node 20, Playwright/Chromium, and the standard pentest toolbox (sqlmap, nmap, nikto, gobuster, ffuf, hydra, john, …) preinstalled.

npx / bunx

# Scan an AI / LLM endpoint
npx pwnkit-cli scan --target https://example.com/api/chat

# Pentest a web app
npx pwnkit-cli scan --target https://example.com --mode web

# White-box scan with source code access
npx pwnkit-cli scan --target https://example.com --repo ./source

# Audit an npm package
npx pwnkit-cli audit lodash

# Review source code
npx pwnkit-cli review ./my-app

# Auto-detect — just give it a target
npx pwnkit-cli https://example.com

Prefer Bun? Swap npx for bunx — same commands, same flags, zero-install, noticeably faster cold start. pwnkit-cli is pure-JS with a WASM SQLite core, so there are no native bindings to rebuild on either runtime.

Global install:

npm i -g pwnkit-cli
# or
bun add -g pwnkit-cli

What It Does

• scan targets AI / LLM apps, web apps, REST / OpenAPI APIs, and MCP servers.
• audit installs and inspects npm packages with npm audit, semgrep, and AI review.
• review performs deep source-code security review on a local repo or Git URL.
• triage-data turns benchmark runs and verified findings into labeled JSONL for triage-model training.
• cloud-sink can stream findings and final reports to an orchestrator with PWNKIT_CLOUD_SINK + PWNKIT_CLOUD_SCAN_ID.
• dashboard, history, findings, and triage provide local persistence and review workflows.

Why It’s Different

• Shell-first web pentesting. The agent uses bash, writes scripts, and chains tools like a human pentester instead of being trapped in a small HTTP-tool DSL.
• Blind verification. Findings are independently re-exploited before they are reported.
• Docs-backed benchmark transparency. The current benchmark details live in the docs and raw artifacts under packages/benchmark/results.

Docs

• Getting Started
• Commands
• Configuration
• Recipes
• Architecture
• Triage Pipeline
• Benchmark

Snapshot

• XBOW (black-box): 91/104 = 87.5%
• XBOW (white-box best-of-N aggregate): 96/104 = 92.3%
• Cybench: 8/10 = 80%
• AI / LLM regression set: 10/10

Both XBOW numbers are reported separately — no methodology blending. The 5 white-box-only flags (XBEN-023, 056, 063, 075, 061) come from the best-of-N aggregate across features=none / features=experimental / features=all runs with --repo source access. Same model, same tools, only the source-access flag differs. For the full benchmark methodology, caveats, and historical runs, use the benchmark docs page instead of the README.

GitHub Action

- uses: peaktwilight/pwnkit@main
  with:
    mode: review
    path: .
    format: sarif
  env:
    OPENROUTER_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}

Development

git clone https://github.com/peaktwilight/pwnkit.git
cd pwnkit
pnpm install
pnpm lint
pnpm test

See CONTRIBUTING.md.

License

Apache 2.0 — built by Peak Twilight.