pentagi: an autonomous multi-agent penetration testing platform with integrated security tools and knowledge graphs
What it solves
PentAGI is an automated security testing platform that helps information security professionals and researchers conduct penetration tests more efficiently. It replaces manual, repetitive security probing with an AI-driven system that can autonomously determine and execute the necessary steps to find vulnerabilities.
How it works
The system uses a multi-agent architecture where specialized AI agents (Researchers, Developers, and Executors) collaborate to analyze targets, plan attacks, and run tools. It operates within a sandboxed Docker environment for safety and isolation. To maintain context over long operations, it utilizes a smart memory system combining a vector store (PostgreSQL with pgvector) and a knowledge graph (Neo4j via Graphiti) to track semantic relationships and research results.
Who it’s for
It is designed for security engineers, ethical hackers, and security researchers who need a scalable, self-hosted solution for automated vulnerability discovery and reporting.
Highlights
- Autonomous Execution: AI agents automatically plan and execute penetration testing steps with built-in monitoring to prevent loops.
- Professional Toolset: Includes over 20 integrated security tools such as nmap, metasploit, and sqlmap.
- Knowledge Integration: Uses a knowledge graph and long-term memory to store successful approaches and domain expertise.
- Web Intelligence: Integrated browser and search API support (Tavily, Perplexity, etc.) for gathering real-time intelligence.
- Enterprise-Ready Infra: Features a microservices architecture, REST/GraphQL APIs, and detailed observability via Grafana and Prometheus.
Sources
- vxcontrol/pentagi