VulnClaw  by Unclecheng-li

AI-powered automated penetration testing

Created 2 months ago
2,004 stars

Top 21.3% on SourcePulse

GitHubView on GitHub
Project Summary

VulnClaw is an AI-driven penetration testing CLI tool designed to automate the entire security assessment workflow, from information gathering to vulnerability exploitation and report generation. It targets security professionals, CTF participants, and red teams by enabling them to describe penetration testing objectives in natural language, which the AI then translates into automated actions. The primary benefit is a significant reduction in manual effort and increased efficiency in security testing.

How It Works

VulnClaw operates on a core architecture combining an LLM Agent with the Model Context Protocol (MCP) toolchain and a sophisticated Skill orchestration system. Users provide natural language commands (e.g., "penetrate http://target.example.com"), which the LLM Agent interprets to identify the current phase (reconnaissance, discovery, exploitation, reporting). The agent then dispatches appropriate MCP tools and custom Skills to execute tasks, iteratively refining its approach based on findings. This approach allows for dynamic, adaptive testing workflows driven by high-level user intent rather than explicit command sequences.

Quick Start & Requirements

  • Installation: Install via pip: pip install vulnclaw. Alternatively, clone the repository and install from source.
  • Prerequisites: Python 3.10+ is required. Users need an API key for a supported LLM provider (e.g., OpenAI, MiniMax, DeepSeek).
  • Setup: Configure the LLM provider using vulnclaw config provider <provider_name>, set the API key with vulnclaw config set llm.api_key <your_key>, and then launch VulnClaw via vulnclaw (CLI/REPL), vulnclaw tui (TUI), or vulnclaw web (Web UI).
  • Documentation: Links to the English README and PyPI are available.

Highlighted Details

  • Natural Language Interface: Drive complex pentesting workflows using conversational commands.
  • Multi-LLM Support: Integrates with 13 LLM providers, including OpenAI, MiniMax, and DeepSeek, with easy switching.
  • MCP Toolchain: Built with 12 MCP services and 23 tool definitions, though some are in preview.
  • Extensive Skill Library: Features 20 penetration Skills covering core pentesting phases and specialized areas like CTF challenges and OSINT.
  • Automated Reporting & PoC: Generates structured Markdown reports and executable Python Proof-of-Concept scripts.
  • Continuous Testing: Supports persistent testing modes with configurable cycles and rounds, generating reports per cycle.
  • Multiple Interfaces: Offers a classic CLI/REPL, a Terminal UI (TUI), and a local Web UI for diverse user preferences.

Maintenance & Community

VulnClaw is actively developed, with a roadmap indicating future enhancements like IDA Pro integration (v0.3) and knowledge base improvements with vector search (v0.4). Community engagement is encouraged via QQ groups (954402631 for general discussion, 1065858551 for developers).

Licensing & Compatibility

The project is released under the MIT License, which permits commercial use and integration into closed-source projects. The tool explicitly states it is for "Authorized Only" use cases.

Limitations & Caveats

Several MCP service integrations are noted as being in preview or placeholder status, indicating potential instability or incomplete functionality. The python_execute tool is considered high-risk and not a strong sandbox environment. The tool's scope is strictly limited to authorized penetration testing scenarios.

Health Check
Last Commit

1 day ago

Responsiveness

Inactive

Pull Requests (30d)
56
Issues (30d)
11
Star History
1,556 stars in the last 30 days

Explore Similar Projects

Feedback? Help us improve.