Claude Skill
H-mmer/pentest-agents
pentest-agents is a bug bounty agent framework for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw. Features 48 agents, 26 commands, 19 CLI tools, 2 MCP servers, autonomous hunt...
Overview
Repository
Install this Skill
git clone https://github.com/H-mmer/pentest-agents-suiteRegistry
Summary
A bug bounty agent framework designed for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw. It includes 48 agents, 26 commands, 19 CLI tools, 2 MCP servers, autonomous hunt loops, and an exploit chain builder for penetration testing.
为Claude Code、Codex、Gemini、Cursor、Windsurf、Copilot和OpenClaw设计的漏洞赏金代理框架——包含48个代理、26条指令、19个CLI工具、2个MCP服务器、自主狩猎循环及漏洞利用链构建器。
Key features
- 48 specialized agents for various pentesting tasks
- 26 commands for streamlined workflow automation
- 19 CLI tools for direct system interaction
- 2 MCP servers for enhanced agent capabilities
- Autonomous hunt loops for continuous vulnerability discovery
- Exploit chain builder for chaining vulnerabilities
Use cases
- Automated bug bounty hunting on platforms like HackerOne and Bugcrowd
- Penetration testing with multi-agent collaboration
- Exploit chain development and testing
- Continuous security assessment with autonomous loops
- Integration with Claude Code, Codex, Gemini, and other AI coding tools
README excerpt
<p align="center"> <img src="docs/assets/logo.svg" alt="Pentest Agent Suite" width="440"/> </p> <h1 align="center">Pentest Agent Suite for Claude Code</h1> <p align="center"> <em>Autonomous bug-bounty framework for Claude Code and 6 other AI coding tools — 50 agents, 26 commands, 19 CLI tools, 11 skills, 2 MCP servers.</em> </p> <p align="center"> <img src="https://img.shields.io/badge/python-3.10%2B-blue?logo=python&logoColor=white" alt="Python 3.10+"/> <img src="https://img.shields.io/badge/Claude-Code-d97757" alt="Claude Code"/> <img src="https://img.shields.io/badge/MCP-servers%20%C3%97%202-2ea043" alt="MCP servers"/> <img src="https://img.shields.io/badge/agents-50-8957e5" alt="50 agents"/> <img src="https://img.shields.io/badge/payloads-2500%20lines-f85149" alt="Payloads"/> <img src="https://img.shields.io/badge/IDEs-7-1f6feb" alt="7 IDE targets"/> </p> --- **~760 files · ~118k lines · 50 agents · 26 commands · 19 CLI tools · 11 skills · 2 MCP servers (16 bug-bounty platforms + BYO writeup search) · 2,500 payload lines** A complete bug bounty framework. Battle-tested hunting methodology with concrete payloads, 7-Question Gate validation, autonomous hunt loops, A→B exploit chain building, persistent brain with endpoint tracking, optional semantic writeup search (bring your own index), automatic cost tracking via CC hooks, live platform integration, and a cross-IDE installer that emits the native format for Claude Code, Codex, Gemini, Cursor, Windsurf, VS Code Copilot, and OpenClaw. ## Quick Start ```bash # MCP servers are launched via `uv run --with mcp` — no global pip install required. export HACKERONE_USERNAME=you HACKERONE_TOKEN=your_token uv run python3 tools/scaffold.py hackerone tesla cd ~/bounties/hackerone-tesla && claude /model opu