CyberAgents has achieved what no other AI-based pentesting software has done before: autonomously compromising HackTheBox "Insane" difficulty machines — the hardest category available, typically requiring days of work from elite human pentesters.
58 specialized AI agents executing a complete 9-phase penetration testing methodology — from reconnaissance to root — in under 3 hours, with professional reporting.
Historic Milestone — March 2026
CyberAgents is the first AI-agent-based pentesting framework in the world to autonomously hack HackTheBox Insane-rated machines — complete with real exploitation, privilege escalation, and CVE-based attack chains that mirror what top-tier human red teams accomplish.
The cybersecurity industry faces a structural gap between the demand for pentesting and the supply of qualified professionals.
Manual penetration tests cost between €15K and €80K per audit — prohibitive for SMEs and too infrequent for enterprises under growing compliance mandates like DORA and NIS2. Senior pentesters command salaries above €120K/year, and there simply aren't enough of them.
CyberAgents bridges the gap with autonomous, AI-driven pentesting that delivers manual-grade depth at machine speed.
The system executes all 9 pentesting phases without human intervention. Ideal for recurring audits, compliance validation, and continuous security monitoring. Completes HackTheBox Insane machines in 45–90 minutes.
The pentester directs strategy while CyberAgents executes. A 10x productivity multiplier that enables junior operators to tackle complex audits previously reserved for senior red teamers.
Every engagement produces a detailed penetration test report with findings, CVSS scores, attack chain documentation, and actionable remediation recommendations — ready for compliance review.
Built on a multi-agent coordination framework designed for complex, multi-step attack chains.
Purpose-built agents for Nmap, Gobuster, Feroxbuster, Metasploit, Hydra, SQLMap, Nuclei, and more. Each agent encapsulates tool expertise and interpretation logic.
Intelligent coordination via shared Redis state. The Coordinator Agent orchestrates agent assignments, resolves conflicts, and ensures optimal attack path execution.
Monte Carlo Tree Search explores multiple attack paths in parallel. When one path fails, backtracking pivots to alternative vectors — mimicking how expert pentesters think.
Speed-critical tasks route to Gemini Flash for low-latency decisions. Complex reasoning and code generation route to frontier models. Cost-optimized without sacrificing depth.
A validation gate before each Metasploit module or destructive action. Prevents false-positive exploitation and ensures safe, controlled testing within defined scope.
Runs entirely on-premise with local LLMs (Qwen, Foundation-Sec-8B) for classified environments, defense, and critical infrastructure. Zero data leaves the perimeter.
CyberAgents executes the complete PTES-aligned pentesting methodology end-to-end.
Port scanning, service detection, OS fingerprinting, OSINT gathering.
Virtual host discovery, directory brute-force, technology fingerprinting, user enumeration.
CVE identification, dependency analysis, template analysis, SSTI/XSS/SQLi testing.
Real exploitation with full proof-of-concept. SSTI → RCE, auth bypass, credential extraction.
Database dumps, credential harvesting, configuration extraction, internal service discovery.
Sudo analysis, SUID binaries, kernel exploits, token abuse, FUSE filesystem tricks.
SSH tunneling, port forwarding, credential reuse, internal network pivoting.
Backdoor analysis, cron jobs, startup scripts, service implants.
Professional PDF report with CVSS-scored findings, attack chain diagrams, and remediation guidance.
CyberAgents is not a vulnerability scanner — it's an AI pentesting team.
| | CyberAgents | Manual Pentest | Auto Scanners |
|---|---|---|---|
| Time per test | 90–360 min | 2–6 weeks | 2–4 hours |
| Depth | High (9 phases) | Very high | Low (surface) |
| Unit cost | ~€50 | €15K–80K | €200–500 |
| Scalability | Unlimited | Limited by HR | High |
| Real exploitation | Yes (full PoC) | Yes | No (detect only) |
| 24/7 coverage | Yes | No | Yes (limited) |
No other AI pentesting tool has achieved this. CyberAgents autonomously completed full attack chains on HackTheBox "Insane" machines — including multi-step exploitation, chroot jail escapes, CVE-based privilege escalation, and FUSE filesystem tricks. These are the same challenges that take elite human pentesters days to solve.
11-step attack chain: Stored XSS → SSTI → RCE as www-data → MySQL credential extraction → hash cracking → chroot jail SSH → internal Cobbler discovery → CVE-2024-47533 auth bypass → Cheetah template injection → root. 4 Critical + 3 High vulnerabilities.
16-step attack chain: Nginx ACL bypass → MinIO metrics exposure → CVE-2023-28432 → S3 bucket enum → Vault token from version history → SSH OTP → sudo vault-unseal → FUSE/sshfs permission bypass → root Vault token → root. 3 Critical + 2 High vulnerabilities.