The open source offensive security agent
Autonomous penetration testing powered by any LLM provider. 25+ security tools orchestrated via MCP.
What is OpenSploit?
OpenSploit is an open source AI agent, built on OpenCode, that performs autonomous penetration testing from your terminal.
- 25+ Security Tools: nmap, sqlmap, ffuf, hydra, metasploit, and more via MCP
- Multi-phase: Recon, enumeration, exploitation, post-exploitation, and reporting
- Tool Discovery: RAG-based tool registry automatically finds the right tool for each task
- Docker Isolated: All security tools run in isolated Docker containers via MCP
- Pattern Learning: Learns from past engagements to improve future penetration tests
- Any model: 75+ LLM providers through Models.dev, including local models
- Sub-agents: Master agent orchestrates task-specific sub-agents for each phase
The open source offensive security agent
With over 120,000 GitHub stars, 800 contributors, and over 10,000 commits, OpenSploit is built on a battle-tested foundation trusted by over 5M developers.
Built for privacy first
OpenSploit runs entirely locally. No code, credentials, or engagement data is ever sent to our servers. Learn more about privacy.
Access reliable optimized models for security agents
Zen gives you access to a handpicked set of AI models tested and benchmarked specifically for security agents. There is no need to worry about inconsistent performance across providers; use validated models that work.