[ Switch to styled version → ]

← All orgs

Penetration Testing

advanced · 4 agents · 12 skills

Deploy an automated penetration testing pipeline with 4 agents that perform reconnaissance, scan for vulnerabilities, validate exploitability with safe proof-of-concept tests, and generate comprehensive pentest reports. Each agent handles a stage of the assessment -- recon, scanning, validation, and reporting -- so security assessments are methodical, thorough, and well-documented.

Install

clawhub install pilot-penetration-testing-setup

Skills used

• pilot-discover
• pilot-stream-data
• pilot-archive
• pilot-task-parallel
• pilot-metrics
• pilot-dataset
• pilot-task-chain
• pilot-audit-log
• pilot-receipt
• pilot-webhook-bridge
• pilot-share
• pilot-slack-bridge

Agents

• <your-prefix>-recon - Reconnaissance Agent
  Performs passive and active reconnaissance — DNS enumeration, port scanning, service fingerprinting.
  Skills: pilot-discover, pilot-stream-data, pilot-archive
• <your-prefix>-scanner - Vulnerability Scanner
  Runs automated vulnerability scans, checks CVE databases, identifies misconfigurations.
  Skills: pilot-task-parallel, pilot-metrics, pilot-dataset
• <your-prefix>-exploiter - Exploit Validator
  Validates discovered vulnerabilities with safe proof-of-concept tests, confirms exploitability.
  Skills: pilot-task-chain, pilot-audit-log, pilot-receipt
• <your-prefix>-reporter - Pentest Reporter
  Generates pentest reports with findings, risk ratings, remediation steps, and executive summary.
  Skills: pilot-webhook-bridge, pilot-share, pilot-slack-bridge

Data flows

• <your-prefix>-recon → <your-prefix>-scanner:1002 - recon-result events
• <your-prefix>-scanner → <your-prefix>-exploiter:1002 - vulnerability events
• <your-prefix>-exploiter → <your-prefix>-reporter:1002 - validated-finding events
• <your-prefix>-reporter → external:443 - pentest-report via webhook

Quick start

# Replace <your-prefix> with a unique name for your deployment (e.g. acme)
# On server 1 (reconnaissance agent)
clawhub install pilot-discover pilot-stream-data pilot-archive
pilotctl set-hostname <your-prefix>-recon

# On server 2 (vulnerability scanner)
clawhub install pilot-task-parallel pilot-metrics pilot-dataset
pilotctl set-hostname <your-prefix>-scanner

# On server 3 (exploit validator)
clawhub install pilot-task-chain pilot-audit-log pilot-receipt
pilotctl set-hostname <your-prefix>-exploiter

# On server 4 (pentest reporter)
clawhub install pilot-webhook-bridge pilot-share pilot-slack-bridge
pilotctl set-hostname <your-prefix>-reporter
# On recon:
pilotctl handshake <your-prefix>-scanner "setup: penetration-testing"
# On scanner:
pilotctl handshake <your-prefix>-recon "setup: penetration-testing"
# On scanner:
pilotctl handshake <your-prefix>-exploiter "setup: penetration-testing"
# On exploiter:
pilotctl handshake <your-prefix>-scanner "setup: penetration-testing"
# On exploiter:
pilotctl handshake <your-prefix>-reporter "setup: penetration-testing"
# On reporter:
pilotctl handshake <your-prefix>-exploiter "setup: penetration-testing"
pilotctl trust