AI-driven single-binary pentest agent with a built-in multi-engine arsenal, ready to go
Preview — APIs and features may change between releases
aiscan combines LLM agents with traditional security scanning engines. Three modes: Scan (deterministic pipeline, optional AI assist), Agent (natural-language autonomous assessment), IOA (multi-agent distributed collaboration).
Use only on explicitly authorized targets. Unauthorized use is illegal.
# No LLM needed — one-line scan
aiscan scan -i 192.168.1.0/24
# With LLM — one-line agent
aiscan agent --base-url "https://api.deepseek.com" --api-key "sk-..." --model deepseek-chat \
-p "scan targets and check for high-risk vulnerabilities" -i 192.168.1.0/24
From GitHub Releases:
| Edition | Description |
|---|---|
| aiscan | Standard — scan/agent/gogo/spray/zombie/neutron/proton/arsenal |
| aiscan-full | Full — adds playwright browser, passive recon, katana crawler |
| aiscan-agent | Lightweight agent runtime, ideal for remote worker deployment |
| OS | Arch | Standard | Full | Agent |
|---|---|---|---|---|
| Linux | amd64 / arm64 | aiscan_linux_amd64 |
aiscan-full_linux_amd64 |
aiscan-agent_linux_amd64 |
| macOS | Intel / Apple Silicon | aiscan_darwin_amd64 |
aiscan-full_darwin_arm64 |
aiscan-agent_darwin_arm64 |
| Windows | amd64 | aiscan_windows_amd64.exe |
aiscan-full_windows_amd64.exe |
aiscan-agent_windows_amd64.exe |
# Linux
curl -L -o aiscan https://github.com/chainreactors/aiscan/releases/latest/download/aiscan_linux_amd64
chmod +x aiscan && sudo mv aiscan /usr/local/bin/
# macOS
curl -L -o aiscan https://github.com/chainreactors/aiscan/releases/latest/download/aiscan_darwin_arm64
chmod +x aiscan && sudo mv aiscan /usr/local/bin/
# Windows (PowerShell)
Invoke-WebRequest "https://github.com/chainreactors/aiscan/releases/latest/download/aiscan_windows_amd64.exe" -OutFile aiscan.exe
git clone https://github.com/chainreactors/aiscan.git && cd aiscan
go build -o aiscan ./cmd/aiscan # standard
go build -tags full -o aiscan-full ./cmd/aiscan # full (playwright/katana/passive)
Scanners - gogo — port, service, and banner discovery - spray — web probing, fingerprinting, path fuzzing - zombie — credential testing - neutron — template-based POC execution - proton — sensitive information scanning (API keys, tokens, credentials, secrets) - cyberhub — fingerprint and POC association query
Browser & Recon (full edition) - playwright — headless Chromium sessions, screenshots, network capture - katana — web crawler with standard/headless/hybrid engines - passive — cyberspace search (FOFA, Hunter, Shodan)
Utilities - tmux — background task sessions with incremental output delivery - arsenal — security tool package manager (crtm), one-command install - proxy — multi-protocol proxy chain (trojan/vless/anytls/hy2/ss) - web_search / fetch — CVE search and URL fetching
aiscan scan -i 192.168.1.0/24 # quick scan
aiscan scan -i 192.168.1.0/24 --mode full # full scan
aiscan scan -i http://target.example --verify=high --sniper # AI-enhanced
aiscan scan -i http://target.example --mode full --deep --report # full + deep + report
# One-shot task
aiscan agent -p "scan and find web vulnerabilities" -i 192.168.1.0/24
# With goal evaluation
aiscan agent -p "full scan" -i http://target.example -e "find all open ports with service fingerprints"
# Interactive REPL
aiscan agent
# Start IOA server
aiscan ioa serve --ioa-url http://0.0.0.0:8765
# Start IOA worker
aiscan agent --ioa-url http://127.0.0.1:8765 --space pentest-project \
-p "scan assigned targets and report findings"
# Environment variable
export OPENAI_API_KEY="sk-..."
# CLI arguments
aiscan agent --provider deepseek --base-url https://api.deepseek.com --api-key sk-... --model deepseek-chat
Config file aiscan.yaml:
llm:
provider: openai
api_key: sk-...
model: gpt-4o
| Doc | Description |
|---|---|
| Scan Mode | Pipeline, AI enhancements, output formats |
| Agent Mode | Toolset, Goal Evaluation, REPL |
| IOA | Multi-agent architecture, Space/Node/Message model |
| Reference | Configuration, providers, flags, scanner usage, FAQ |
| Changelog | Version history |
git checkout -b feature/xxx)git commit -m 'feat: add xxx')git push origin feature/xxx)This project is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0).
$ claude mcp add aiscan \
-- python -m otcore.mcp_server <graph>