Claude Skill

H-mmer/pentest-agents

pentest-agents is a bug bounty agent framework for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw. Features 48 agents, 26 commands, 19 CLI tools, 2 MCP servers, autonomous hunt...

Overview

Stars747
Forks147
LanguagePython
Last pushed2026-06-12
Last synced2026-07-03
View on GitHub

Repository

OwnerH-mmer
Repositorypentest-agents
Full nameH-mmer/pentest-agents
Repo ID1,198,251,684

Install this Skill

git clone https://github.com/H-mmer/pentest-agents-suite

Registry

Typemcp_server
Quality score85/100
Verificationreadme_parsed
Last verified2026-06-06
Platforms
ClaudeMCPOpenClawCodexCursor
Capabilities
browserpdfmemorysearchimagevideoterminalworkflowagentsbug-bounty
Detected files
README.mddocspyproject.tomltests
Config keys
HACKERONE_TOKENURL

Summary

A bug bounty agent framework designed for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw. It includes 48 agents, 26 commands, 19 CLI tools, 2 MCP servers, autonomous hunt loops, and an exploit chain builder for penetration testing.

Chinese description

为Claude Code、Codex、Gemini、Cursor、Windsurf、Copilot和OpenClaw设计的漏洞赏金代理框架——包含48个代理、26条指令、19个CLI工具、2个MCP服务器、自主狩猎循环及漏洞利用链构建器。

Key features

  • 48 specialized agents for various pentesting tasks
  • 26 commands for streamlined workflow automation
  • 19 CLI tools for direct system interaction
  • 2 MCP servers for enhanced agent capabilities
  • Autonomous hunt loops for continuous vulnerability discovery
  • Exploit chain builder for chaining vulnerabilities

Use cases

  • Automated bug bounty hunting on platforms like HackerOne and Bugcrowd
  • Penetration testing with multi-agent collaboration
  • Exploit chain development and testing
  • Continuous security assessment with autonomous loops
  • Integration with Claude Code, Codex, Gemini, and other AI coding tools

README excerpt

<p align="center"> <img src="docs/assets/logo.svg" alt="Pentest Agent Suite" width="440"/> </p> <h1 align="center">Pentest Agent Suite for Claude Code</h1> <p align="center"> <em>Autonomous bug-bounty framework for Claude Code and 6 other AI coding tools — 50 agents, 26 commands, 19 CLI tools, 11 skills, 2 MCP servers.</em> </p> <p align="center"> <img src="https://img.shields.io/badge/python-3.10%2B-blue?logo=python&logoColor=white" alt="Python 3.10+"/> <img src="https://img.shields.io/badge/Claude-Code-d97757" alt="Claude Code"/> <img src="https://img.shields.io/badge/MCP-servers%20%C3%97%202-2ea043" alt="MCP servers"/> <img src="https://img.shields.io/badge/agents-50-8957e5" alt="50 agents"/> <img src="https://img.shields.io/badge/payloads-2500%20lines-f85149" alt="Payloads"/> <img src="https://img.shields.io/badge/IDEs-7-1f6feb" alt="7 IDE targets"/> </p> --- **~760 files · ~118k lines · 50 agents · 26 commands · 19 CLI tools · 11 skills · 2 MCP servers (16 bug-bounty platforms + BYO writeup search) · 2,500 payload lines** A complete bug bounty framework. Battle-tested hunting methodology with concrete payloads, 7-Question Gate validation, autonomous hunt loops, A→B exploit chain building, persistent brain with endpoint tracking, optional semantic writeup search (bring your own index), automatic cost tracking via CC hooks, live platform integration, and a cross-IDE installer that emits the native format for Claude Code, Codex, Gemini, Cursor, Windsurf, VS Code Copilot, and OpenClaw. ## Quick Start ```bash # MCP servers are launched via `uv run --with mcp` — no global pip install required. export HACKERONE_USERNAME=you HACKERONE_TOKEN=your_token uv run python3 tools/scaffold.py hackerone tesla cd ~/bounties/hackerone-tesla && claude /model opu

Topics

Explore more

Data from GitHub. Synced on 2026-07-03