CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership May 30, 2026

Pentest Swarm AI Tool With Live Access to nmap, sqlmap, Burp, Metasploit, and Others

Cybersecurity News Archived May 30, 2026 ✓ Full text saved

Pentest Swarm AI is the first open-source autonomous penetration testing platform built on a swarm intelligence architecture, not just multiple agents firing in a fixed sequence. Developed by Armur AI, it gives security professionals live, coordinated access to the full offensive stack, including nmap, SQLMap, Burp Suite, ZAP, and Metasploit, all driven by an AI […] The post Pentest Swarm AI Tool With Live Access to nmap, sqlmap, Burp, Metasploit, and Others appeared first on Cyber Security News

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security Pentest Swarm AI Tool With Live Access to nmap, sqlmap, Burp, Metasploit, and Others By Guru Baran May 30, 2026 Pentest Swarm AI is the first open-source autonomous penetration testing platform built on a swarm intelligence architecture, not just multiple agents firing in a fixed sequence. Developed by Armur AI, it gives security professionals live, coordinated access to the full offensive stack, including nmap, SQLMap, Burp Suite, ZAP, and Metasploit, all driven by an AI model of your choice. What Makes It a True Swarm Most tools marketed as “multi-agent” are actually pipelines — a single planner LLM dispatching specialists in a predetermined order: recon → classify → exploit → report. Pentest Swarm AI breaks this mold with three swarm-intelligence primitives: Stigmergy — agents coordinate by reading and writing findings to a shared PostgreSQL-backed blackboard (pgvector), not via a central planner. Each finding carries a pheromone weight that biases other agents toward high-value paths and decays over time, letting stale attack paths die naturally. Emergence — attack chains form without any agent prescribing them; a recon finding wakes the classifier, a high-severity CVE match triggers the exploit agent, and exploit results cycle back into the board. Decentralization — each agent runs its own trigger predicate, so adding or removing an agent requires no orchestrator rewrite. The platform ships with eight ProjectDiscovery tools stable out of the box — subfinder, httpx, nuclei, naabu, katana, dnsx, gau — plus a fully parsed nmap XML adapter with scope validation. sqlmap, Burp MCP bridge, Metasploit, and ZAP adapters are queued for Wave 2 of the roadmap, making the platform progressively more powerful without requiring a platform overhaul. Getting started requires just one API key and one command: bashexport PENTESTSWARM_ORCHESTRATOR_API_KEY=sk-ant-your-key-here pentestswarm scan example.com --scope example.com --swarm --follow It supports Claude (default, with prompt caching enabled for recon and classifier agents), Ollama for fully air-gapped local deployments, and any OpenAI-compatible model, giving teams the flexibility to balance cost, privacy, and capability. No GPU, no local model download required when using the cloud path. Every campaign produces submission-ready output across four formats Markdown, HTML, JSON, and SARIF queried directly from the blackboard by a dedicated report agent. Findings are automatically deduplicated, CVSS v3.1 scored per the FIRST specification, and scoped: the --scope flag is enforced both at the tool layer and the executor layer for defense-in-depth, making it safe for CI/CD pipelines and bug-bounty programs. Tool Architecture Executes Memory True Swarm Pentest Swarm AI Stigmergic blackboard Yes pgvector + pheromones ✅ PentestGPT Single-agent ReAct Suggests None ❌ PentAGI 4 agents + planner Yes pgvector Pipeline only HexStrike MCP tool wrapper Delegates Stateless ❌ Table based on Pentest Swarm AI Comparison GitHub Actions & MCP Integration A ready-made GitHub Action ships with SARIF output, enabling automated pentesting directly within any CI/CD workflow. The pentestswarm mcp serve command exposes the entire swarm as an MCP server, integrating natively with Claude Desktop and Cursor for IDE-level offensive security testing. Licensed under AGPL-3.0, Pentest Swarm AI is free for red teams, bug-bounty hunters, and internal security pipelines, with the copyleft clause ensuring that any commercial SaaS fork must return improvements to the open-source community. The project is available on GitHub. Uncover Shadow APIs, close OWASP gaps — Join a Free Webinar to secure every API at runtime. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks Hackers Hide Linux Payload Under SSH-Like Filename During Package Installation New 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code and Compromise Systems Iranian APT Uses SEO Poisoning to Deliver Fake SQL Developer Malware Installer Hackers Compromised 34 Packages in npm, PyPI, and Crates in New Supply Chain Attack Latest News Cyber Security News GREYVIBE Hackers Leverage ChatGPT and Google Gemini to Fuel Cyberattacks Cyber Security Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the Wild Technology Post-quantum cryptography is not the future. It is your current reality.   Cyber Security News Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges Cyber Security News JINX-0164 Threat Actor Using LinkedIn Social Engineering to Deploy Custom macOS Malware
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    May 30, 2026
    Archived
    May 30, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗