VulnClaw is an AI-powered penetration testing agent that turns natural language security goals into structured testing workflows. It combines LLM agents, MCP toolchains, penetration testing skills, and command-line automation to support authorized security assessments. The project can guide information gathering, vulnerability discovery, validation, and report generation while keeping the workflow organized through sessions and tools. Its newer architecture uses a goal-driven solving engine instead of a fixed-round loop, helping the agent stop when the goal is reached, the search space is exhausted, or a safety budget is met. It also includes evidence checks designed to reduce hallucinated conclusions by requiring real tool output before accepting key findings. VulnClaw is intended for authorized testing, CTFs, security education, and controlled red-team environments.

Features

  • Natural language penetration testing workflow
  • Goal-driven solving engine
  • Evidence-based finding validation
  • MCP toolchain integration
  • CLI, TUI, and Web UI modes
  • Structured report and PoC generation

Project Samples

Project Activity

See All Activity >

Categories

AI Agents

License

MIT License

Follow VulnClaw

VulnClaw Web Site

Other Useful Business Software
Secure File Transfer for Windows with Cerberus by Redwood Icon
Secure File Transfer for Windows with Cerberus by Redwood

Protect and share files over FTP/S, SFTP, HTTPS and SCP with the #1 rated Windows file transfer server.

Cerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
Try for Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of VulnClaw!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python AI Agents

Registered

17 hours ago