AI writes the code.
pwnkit hacks it.
Open-source agentic framework for autonomous security research.
Not just detection — exploit-backed proof of every finding.
Built from 7 real CVEs in packages with 40M+ downloads · General-purpose autonomous pentesting
npx pwnkit-cli your-target 
General-purpose autonomous pentesting.
Web apps, APIs, npm packages, source code, AI endpoints — pwnkit finds what scanners miss.
LLM Endpoints
ChatGPT, Claude, Llama APIs, custom chatbots
MCP Servers
Tool schemas, validation, auth, poisoning
npm Packages
Supply chain, malicious code, dependency risk
Source Code
Local repos, GitHub URLs, deep AI audit
Web Apps
SQLi, XSS, SSRF, auth bypass, IDOR, full pentest
Just give it a target.
pwnkit auto-detects what you're scanning. Or use explicit commands for full control.
pwnkit express Audit an npm package
pwnkit ./my-repo Review source code
pwnkit https://api.com Scan an API endpoint
pwnkit https://site.com --mode web Full web pentest
One command, zero config
No YAML files. No Python environments. Just npx pwnkit-cli your-target and you're running.
Zero false positives
Every finding is re-exploited with proof before it hits the report. No more triaging 200 "possible prompt injections."
$0.05 per CI scan
Quick scans in under a minute. Deep audits for $1. Cheaper than one hour of manual pentesting.
LLM agnostic
Works with any model — Claude, GPT, Ollama, Gemini, or your own fine-tune. Swap providers without changing a single config line.
How it compares
Independent. Open source. No vendor lock-in.
| Feature |  pwnkit | promptfoo (acquired by OpenAI) | garak | nuclei | Semgrep |
|---|---|---|---|---|---|
| Autonomous multi-agent | Agentic pipeline | — | — | — | — |
| Verification (no false positives) | Re-exploits | — | — | — | — |
| LLM endpoint scanning | ✓ | ✓ | ✓ | — | — |
| MCP server security | ✓ | — | — | — | — |
| npm package audit | ✓ | — | — | — | Rules |
| Source code review | AI-powered | — | — | — | Rules |
| Web/API scanning | ✓ | — | — | ✓ | — |
| AI attack coverage | 30+ agentic | Partial | Partial | — | — |
| Zero config | npx | YAML | Python | Templates | Config |
| Independent | ✓ | Acquired | ✓ | ✓ | VC-backed |
| Open source | MIT | OpenAI-owned | OSS | MIT | LGPL |
Drops into your CI/CD
Findings show up directly in GitHub's Security tab.
name: AI Security Scan
on: [push, pull_request]
jobs:
pwnkit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run pwnkit
uses: peaktwilight/pwnkit/action@v1
with:
target: $${{ secrets.STAGING_API_URL }}
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: pwnkit-report/report.sarifpwnkit reviews its own source code
pwnkit runs pwnkit review . on its own repository. The same agentic pipeline that found 7 CVEs — pointed at itself. If it finds something, you'll see it here.
Set it up on your repo in 2 minutes:
1. Add to your GitHub Actions workflow:
- run: npx pwnkit-cli review . --format json > pwnkit-report.json 2. Add the badge to your README:
[](https://pwnkit.com) Built from real security research
pwnkit started as an internal framework. It found 7 CVEs in packages with 40M+ weekly downloads before I open-sourced it.
Stop guessing.
Start proving.
Give it a target. Get verified vulnerabilities with proof.
pwnkit https://api.example.com pwnkit express pwnkit ./my-repo pwnkit https://github.com/org/repo