pensarai/apex
Pensar Apex

AI-powered penetration testing using autonomous agents — directly in your terminal. Run blackbox and whitebox pentests that explore, reason, and surface real vulnerabilities.

Want to run from the cloud or integrate it with your CI/CD? See Pensar Console.

Badges: npm version · npm prerelease version · Apache 2.0 License · Documentation · Discord

Use Cases

Developers

  • Run /pentest before merging a PR — catch vulnerabilities as naturally as running tests
  • Get actionable findings with severity scores, evidence, and suggested fixes — no security background needed
  • Integrate into CI/CD via headless CLI commands or Pensar Console

Security Engineers

  • Deploy agent-driven swarm testing across large attack surfaces
  • Use /operator mode for manual investigation, exploit chaining, and validation
  • Automate repetitive testing workflows with persistent memory that accumulates across engagements
  • Scale across teams and projects through Pensar Console

Installation

Method                        Command
Quick Install (macOS/Linux)   curl -fsSL https://pensarai.com/install.sh | bash
Homebrew                      brew tap pensarai/tap && brew install apex
npm                           npm install -g @pensar/apex
Windows (PowerShell)          irm https://www.pensarai.com/apex.ps1 | iex

The curl and irm one-liners download and execute a remote script in one step; if your policy requires it, fetch the script to a file and review it before running it.

Usage

Open the Apex TUI:

pensar

Headless CLI

Run pentests without the TUI for scripting, CI, or evalgate integration:

# Basic pentest
pensar pentest --target https://example.com

# With extended thinking and task-driven mode
pensar pentest --target https://example.com --extended-thinking --task-driven

# Whitebox (with source code access)
pensar pentest --target https://example.com --cwd ./my-app

# Targeted pentest with specific objectives
pensar targeted-pentest --target https://example.com --objective "Test authentication bypass"

Flag                          Command                      Description
--target <url>                pentest, targeted-pentest    Target URL (required)
--cwd <path>                  pentest                      Source code path for whitebox mode
--mode <mode>                 pentest                      exfil for pivoting and flag extraction
--model <model>               pentest, targeted-pentest    AI model (default: auto-selected)
--extended-thinking           pentest                      Enable extended thinking for supported models
--task-driven                 pentest                      Enable task-driven architecture (experimental)
--prompt <text|@file>         pentest                      Custom guidance for the agent
--threat-model <text|@file>   pentest                      Threat model to guide testing
--objective <text>            targeted-pentest             Testing objective (repeatable)

Logging

Apex routes diagnostic/operational logging through a centralized structured logger (src/core/logger). It writes one-line JSON to stderr when output is not a TTY — keeping it separate from the program's stdout and easy to ship to a log pipeline (e.g. CloudWatch) — and pretty, colorized output in an interactive terminal. User-facing CLI/TUI output stays on stdout.

Set the level (most → least verbose: debug < info < warn < error, default info):

pensar pentest --target https://example.com --log-level debug   # or --verbose / --quiet
PENSAR_LOG_LEVEL=debug pensar ...                                # via environment
PENSAR_DEBUG=1 pensar ...                                        # back-compat alias for debug

Resolution order: CLI flag → PENSAR_LOG_LEVEL → PENSAR_DEBUG → default info. PENSAR_LOG_FORMAT=json|pretty forces the output format regardless of whether stderr is a TTY. When Apex runs as a managed agent, PENSAR_LOG_LEVEL is supplied by the host environment.
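The rules above, worked through as an added example. This is not Apex's src/core/logger; it is a minimal logger written for this page that follows the README's description. The level resolution order and the JSON-versus-pretty switch are taken from the text. The exact line layout, the injectable sink and clock, the handling of unrecognised level strings, and the omission of the --verbose/--quiet aliases are this example's own assumptions.

```typescript
// Added example (not Apex's src/core/logger): a structured logger following the README's rules.
// Assumptions: unknown level strings are skipped, PENSAR_DEBUG only counts when it equals "1",
// the pretty layout is "<ts> <LEVEL> <msg> <fields-json>", and output goes to an injected sink.

type Level = "debug" | "info" | "warn" | "error";
type Format = "json" | "pretty";
type Env = Record<string, string | undefined>;

// Most -> least verbose; index order is the severity order.
const LEVELS: readonly Level[] = ["debug", "info", "warn", "error"];

function isLevel(v: string | undefined): v is Level {
  return v !== undefined && (LEVELS as readonly string[]).includes(v);
}

// Resolution order from the README: CLI flag -> PENSAR_LOG_LEVEL -> PENSAR_DEBUG -> default "info".
// Assumption: an unrecognised value is ignored and resolution falls through to the next source.
function resolveLogLevel(cliFlag: string | undefined, env: Env): Level {
  if (isLevel(cliFlag)) return cliFlag;
  const fromEnv = env.PENSAR_LOG_LEVEL;
  if (isLevel(fromEnv)) return fromEnv;
  if (env.PENSAR_DEBUG === "1") return "debug"; // back-compat alias for debug
  return "info";
}

// PENSAR_LOG_FORMAT=json|pretty forces the format; otherwise it depends on whether stderr is a TTY.
function resolveLogFormat(env: Env, stderrIsTTY: boolean): Format {
  const forced = env.PENSAR_LOG_FORMAT;
  if (forced === "json" || forced === "pretty") return forced;
  return stderrIsTTY ? "pretty" : "json";
}

interface LoggerOptions {
  level: Level;
  format: Format;
  sink: (line: string) => void; // where each finished line goes (stderr in real use)
  now?: () => string;           // injectable clock so output is deterministic in tests
}

function createLogger(opts: LoggerOptions) {
  const threshold = LEVELS.indexOf(opts.level);
  const now = opts.now ?? (() => new Date().toISOString());

  const emit = (level: Level, msg: string, fields: Record<string, unknown> = {}): void => {
    if (LEVELS.indexOf(level) < threshold) return; // below the configured level: drop it
    const line =
      opts.format === "json"
        ? JSON.stringify({ ts: now(), level, msg, ...fields }) // one event per line; newlines are escaped
        : `${now()} ${level.toUpperCase().padEnd(5)} ${msg}` +
          (Object.keys(fields).length ? " " + JSON.stringify(fields) : "");
    opts.sink(line);
  };

  return {
    debug: (msg: string, fields?: Record<string, unknown>) => emit("debug", msg, fields),
    info: (msg: string, fields?: Record<string, unknown>) => emit("info", msg, fields),
    warn: (msg: string, fields?: Record<string, unknown>) => emit("warn", msg, fields),
    error: (msg: string, fields?: Record<string, unknown>) => emit("error", msg, fields),
  };
}
```

In a real process you would wire it as `resolveLogFormat(process.env, process.stderr.isTTY === true)` and `sink: (l) => process.stderr.write(l + "\n")`, so that a run such as `pensar pentest ... 2> apex.log` leaves findings on stdout and the JSON diagnostics in a file a log shipper can tail.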

W&B Weave Tracing

Stream step-level agent traces to Weights & Biases Weave for analysis and fine-tuning:

export WANDB_API_KEY=your-key
export WANDB_ENTITY=your-entity
# WANDB_PROJECT defaults to "apex-traces"
pensar pentest --target https://example.com

Traces include reasoning steps, tool calls, token usage, and state checkpoints. When credentials are not set, tracing is silently disabled. Because tool calls made against a target are part of the trace, treat the W&B project that receives them as in scope for the engagement's data-handling rules.

OpenTelemetry (Observability)

Apex emits OpenTelemetry spans for agent runs, LLM calls, and tool executions through @opentelemetry/api. Spans are no-ops unless your process registers an OpenTelemetry SDK as the global tracer provider; Apex ships no SDK.

Register an SDK before importing Apex code:

  • Sentry: install @sentry/node ≥ 9.27 and add Sentry.vercelAIIntegration() to your Sentry.init integrations.
  • Any OTel backend (Honeycomb, Tempo, Datadog, etc.): register @opentelemetry/sdk-node with an OTLP exporter.

Spans follow OTel GenAI semantic conventions. Only span shape (model, token counts, latency, tool names) is captured by default; set AI_TRACE_RECORD_PAYLOADS=true to also record prompts, tool I/O, and outputs.
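The default-off payload recording above is the part a practitioner should check before pointing an exporter at a third-party backend, because a pentest agent's prompts and tool I/O carry whatever it pulled from the target. The following is an added example, not Apex's instrumentation: it builds the attribute set for one LLM-call span, records only shape unless the flag is set, and checks whether a sensitive fragment would leave the process in the exported attributes. The gen_ai.request.model, gen_ai.usage.input_tokens, gen_ai.usage.output_tokens and gen_ai.operation.name names are from the OTel GenAI semantic conventions; the apex.* names, the gen_ai.prompt/gen_ai.completion payload attributes, the LlmCall shape, and the rule that only the literal string "true" enables payloads are this example's assumptions.

```typescript
// Added example (not Apex's code): shape-only span attributes by default, payloads only when
// AI_TRACE_RECORD_PAYLOADS=true. Names marked "assumed" are not from the README or the semconv.

type EnvVars = Record<string, string | undefined>;
type AttrValue = string | number;

interface ToolExchange { name: string; input: string; output: string }

interface LlmCall {
  model: string;
  inputTokens: number;
  outputTokens: number;
  latencyMs: number;
  prompt: string;        // payload
  completion: string;    // payload
  tools: ToolExchange[]; // tool names are shape; tool input/output is payload
}

// Opt-in switch from the README. Assumption: only the exact string "true" enables it.
function payloadsEnabled(env: EnvVars): boolean {
  return env.AI_TRACE_RECORD_PAYLOADS === "true";
}

function llmSpanAttributes(call: LlmCall, includePayloads: boolean): Record<string, AttrValue> {
  const attrs: Record<string, AttrValue> = {
    "gen_ai.operation.name": "chat",
    "gen_ai.request.model": call.model,
    "gen_ai.usage.input_tokens": call.inputTokens,
    "gen_ai.usage.output_tokens": call.outputTokens,
    "apex.latency_ms": call.latencyMs,                              // assumed name
    "apex.tool.names": call.tools.map((t) => t.name).join(","),     // assumed name
  };
  if (includePayloads) {
    attrs["gen_ai.prompt"] = call.prompt;            // assumed opt-in attribute names
    attrs["gen_ai.completion"] = call.completion;
    attrs["apex.tool.io"] = JSON.stringify(call.tools);
  }
  return attrs;
}

// Pre-export check: would any attribute value carry this fragment to the backend?
function leaks(attrs: Record<string, AttrValue>, fragment: string): boolean {
  return Object.values(attrs).some((v) => String(v).includes(fragment));
}

// Constructed sample: the agent's HTTP tool captured a session cookie from the target.
const SAMPLE_CALL: LlmCall = {
  model: "example-model",
  inputTokens: 812,
  outputTokens: 147,
  latencyMs: 2390,
  prompt: "Review the HTTP response and decide the next request.",
  completion: "The response sets a session cookie; try it against /admin.",
  tools: [{
    name: "http_request",
    input: "GET /login HTTP/1.1",
    output: "Set-Cookie: session=deadbeefcafe1234; HttpOnly",
  }],
};
```

With the flag unset, the span carries the model, token counts, latency and the tool name only; with it set, the captured cookie is inside the exported attributes, so the OTLP destination becomes part of the data boundary for that engagement.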

Kali Linux Container (Optional)

For best performance, run Apex in the included Kali Linux container with preconfigured pentest tools:

cd container
cp env.example .env  # add your API keys
docker compose up --build -d
docker compose exec kali-apex bash

Inside the container, run:

pensar

⚠️ Responsible Use

This repository contains tools for authorized security testing only. Before use, please read and agree to the Responsible Use Disclosure.
