For that last 8 months I've been trying to make agents that can hack web applications to find vulnerabilities in them - An AI Security Tester.

The system has 29 agents in total, a custom LLM Orchestration framework which works on the task-subtask architecture (old-school but works amazingly for my use case, and is pretty reliable) with custom agent calling mechanism.

No Auo-Gen, Langchain and Crew AI - Everything custom built for pentesting.

Each test runs in an isolated Kali linux environment (on AWS Fargate), where the agents have full access to the environment to undertake any step to hack the web application and find vulnerabilities. The agents have full access to the internet (through tavily) to search up and research content while conducting the test.

After the test has been completed, which can take anywhere from 2-12 hours depending on the target, Peneterrer gives a full Vulnerability Management portal + A Pentest report completely generated by AI (sometimes 30+ pages long)

You can test it out here - https://peneterrer.com/

Feedback appreciated!