{"id":36949244,"url":"https://github.com/hleliofficiel/exaaiagent","last_synced_at":"2026-04-01T19:01:29.427Z","repository":{"id":328169991,"uuid":"1110155516","full_name":"hleliofficiel/ExaAiAgent","owner":"hleliofficiel","description":"ExaAiAgent — Advanced AI-powered penetration testing framework with Docker sandbox, multi-agent workflows, and 50+ integrated cybersecurity tools.","archived":false,"fork":false,"pushed_at":"2026-03-20T14:41:26.000Z","size":8229,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-20T15:52:12.994Z","etag":null,"topics":["ai-agent","bug-bounty","cybersecurity","hacking","llm","pentesting","prompt-injection","python","security","vulnerability-scanner"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hleliofficiel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":"AUDIT_REPORT.md","citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-04T19:41:18.000Z","updated_at":"2026-03-20T14:41:27.000Z","dependencies_parsed_at":"2025-12-12T18:01:12.292Z","dependency_job_id":null,"html_url":"https://github.com/hleliofficiel/ExaAiAgent","commit_stats":null,"previous_names":["hleliofficiel/exaaiagent"],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/hleliofficiel/ExaAiAgent","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hleliofficiel%2FExaAiAgent","tags_url
":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hleliofficiel%2FExaAiAgent/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hleliofficiel%2FExaAiAgent/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hleliofficiel%2FExaAiAgent/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hleliofficiel","download_url":"https://codeload.github.com/hleliofficiel/ExaAiAgent/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hleliofficiel%2FExaAiAgent/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31291009,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T13:12:26.723Z","status":"ssl_error","status_checked_at":"2026-04-01T13:12:25.102Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agent","bug-bounty","cybersecurity","hacking","llm","pentesting","prompt-injection","python","security","vulnerability-scanner"],"created_at":"2026-01-13T11:56:26.391Z","updated_at":"2026-04-01T19:01:29.415Z","avatar_url":"https://github.com/hleliofficiel.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\".github/logo.png\" width=\"150\" alt=\"ExaAiAgent Logo\"\u003e\n\u003c/p\u003e\n\n\u003ch1 
align=\"center\"\u003eExaAiAgent\u003c/h1\u003e\n\n\u003ch2 align=\"center\"\u003eAdvanced AI-Powered Cybersecurity Agent for Comprehensive Penetration Testing\u003c/h2\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n[![Python](https://img.shields.io/pypi/pyversions/exaai-agent?color=3776AB)](https://pypi.org/project/exaai-agent/)\n[![PyPI](https://img.shields.io/pypi/v/exaai-agent?color=10b981)](https://pypi.org/project/exaai-agent/)\n[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)\n[![Version](https://img.shields.io/badge/version-2.2.5-00d4ff.svg)]()\n\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n\u003e [!TIP]\n\u003e **🚀 v2.2.5 Released!** Focused on runtime reliability, cleaner CLI/TUI flows, stronger agent coordination, import-safe sandbox tooling, and improved prompt specialization.\n\u003e\n\u003e 🤖 **Connect Your Agent:** You can onboard another AI agent by pointing it to the repository skill:\n\u003e ```\n\u003e Read https://raw.githubusercontent.com/hleliofficiel/ExaAiAgent/main/SKILL.md and follow the instructions to operate ExaAiAgent\n\u003e ```\n\n---\n\n## 🔥 What's New in v2.2.5\n\n### 🧱 Runtime Reliability \u0026 Developer Workflow\n\nThis release focuses on making ExaAiAgent much more predictable to operate and easier to integrate into agent-driven workflows:\n\n- **CI on Pull Requests**: lint, type-check, unit tests, and smoke tests now run automatically\n- **Legacy Cleanup**: removed stale `strix` references that broke tests and dev tooling\n- **Import-Safe Tool Server**: sandbox tool server no longer parses CLI arguments at import time\n- **Dependency Compatibility Fixes**: resolved `websockets` compatibility issues affecting installs\n\n### 🧠 Better Agent Orchestration\n\n- **Improved Agent Messaging**: fixed agent resume/waiting behavior and sandbox readiness issues\n- **Normalized Agent Statuses**: cleaner status flow across graph, tracer, and UI\n- **Multi-Tool LLM Responses**: no longer truncates model output to the 
first tool call only\n- **Prompt Module Merging**: role defaults and user-selected modules now combine correctly\n\n### 💻 Better CLI/TUI Behavior\n\n- **Interactive Target Submission**: TUI can now queue a target and start scanning more cleanly\n- **Improved Error Surfacing**: clearer runtime errors in CLI/TUI instead of silent failures\n- **Smarter Prompt Resolution**: auto-detected prompt modules now wire into execution more reliably\n- **Docker Requirement Made Explicit**: first-run/runtime expectations are clearer during startup\n\n### 🤖 AI Agent Integration\n\n- **Repository Skill Updated**: `SKILL.md` now cleanly onboards other AI agents to use and operate ExaAiAgent\n- **OpenClaw-Friendly Operation**: better fit for external AI agents controlling scans or maintaining the tool\n\n### 🛡️ Smart Security Tools\n\n| Tool | Capability |\n|------|------------|\n| **Smart Fuzzer** | Thread-safe, context-aware fuzzing with rate limiting |\n| **Response Analyzer** | SQL errors, stack traces, sensitive data detection |\n| **Vuln Validator** | PoC generation with false positive reduction |\n| **WAF Bypass** | Multi-layer bypass for Cloudflare, Akamai, AWS WAF |\n\n### ⚡ CLI \u0026 Stability\n\n- **Thread-Safety**: Fixed race conditions in async scans\n- **Resource Management**: Auto-shutdown and cleanup of background processes\n- **Installation**: Robust `install.sh` for Linux/macOS (bash/zsh/fish)\n\n```bash\n# New install script\ncurl -sSL https://raw.githubusercontent.com/hleliofficiel/ExaAiAgent/main/install.sh | bash\n```\n\n---\n\n## 🔥 ExaAiAgent Overview\n\nExaAiAgent is an elite AI-powered cybersecurity agent that acts like a real penetration tester - running your code dynamically, finding vulnerabilities, and validating them through actual proof-of-concepts. 
Built for developers and security teams who need fast, accurate security testing.\n\n**Key Capabilities:**\n\n- 🔧 **Full hacker toolkit** out of the box\n- 🤝 **Teams of agents** that collaborate and scale\n- ✅ **Real validation** with PoCs, not false positives\n- 💻 **Developer‑first** CLI with actionable reports\n- 🔄 **Auto‑fix \u0026 reporting** to accelerate remediation\n- 🧠 **Multi-LLM Support** - OpenAI, Anthropic, Gemini, local models\n- 🌐 **Cloud \u0026 Container Security** testing capabilities\n- 🚀 **Smart Module Loading** - Auto-detects and loads relevant modules\n\n## 🎯 Use Cases\n\n- **Application Security Testing** - Detect and validate critical vulnerabilities\n- **Rapid Penetration Testing** - Get pentests done in hours, not weeks\n- **Bug Bounty Automation** - Automate research and generate PoCs\n- **CI/CD Integration** - Block vulnerabilities before production\n- **API Security Testing** - REST, GraphQL, gRPC security analysis\n- **Cloud Security** - AWS, Azure, GCP configuration review\n\n---\n\n## 🚀 Quick Start\n\n**Prerequisites:**\n\n- Docker (running)\n- Python 3.12+\n- An LLM provider (OpenAI, Anthropic, OpenRouter, Ollama, or any compatible provider)\n\n### Installation \u0026 First Scan\n\n```bash\n# Install ExaAiAgent\n\n# Method 1: Automated Script (Recommended)\npip install exaai-agent \n# Method 2: pipx\npipx install exaai-agent\n\n# Configure your AI provider (choose one)\n\n# Option 1: OpenAI\nexport EXAAI_LLM=\"openai/gpt-5\"\nexport LLM_API_KEY=\"your-openai-key\"\n\n# Option 2: Anthropic\nexport EXAAI_LLM=\"anthropic/claude-sonnet-4-5\"\nexport LLM_API_KEY=\"your-anthropic-key\"\n\n# Option 3: OpenRouter (access multiple models)\nexport EXAAI_LLM=\"openrouter/auto\"\nexport LLM_API_KEY=\"your-openrouter-key\"\nexport LLM_API_BASE=\"https://openrouter.ai/api/v1\"\n\n# Option 4: Ollama (local models)\nexport EXAAI_LLM=\"ollama/llama3\"\nexport LLM_API_BASE=\"http://localhost:11434\"\n\n# Run your first security assessment (auto-detects 
modules!)\nexaai --target https://your-app.com\n```\n\n\u003e [!NOTE]\n\u003e First run automatically pulls the sandbox Docker image. Results are saved to `exaai_runs/\u003crun-name\u003e`\n\n---\n\n## ✨ Features\n\n### 🛠️ Agentic Security Tools\n\nExaAiAgent agents come equipped with a comprehensive security testing toolkit:\n\n- **Full HTTP Proxy** - Request/response manipulation and analysis\n- **Browser Automation** - Multi-tab browser for XSS, CSRF, auth flows\n- **Terminal Environments** - Interactive shells for command execution\n- **Python Runtime** - Custom exploit development and validation\n- **Reconnaissance** - Automated OSINT and attack surface mapping\n- **Code Analysis** - Static and dynamic analysis capabilities\n- **API Fuzzing** - Advanced REST/GraphQL API testing\n\n### 🎯 Comprehensive Vulnerability Detection\n\nExaAiAgent identifies and validates a wide range of security vulnerabilities:\n\n| Category | Vulnerabilities |\n|----------|-----------------|\n| **Access Control** | IDOR, privilege escalation, auth bypass |\n| **Injection** | SQL, NoSQL, Command, GraphQL injection |\n| **Server-Side** | SSRF, XXE, deserialization flaws |\n| **Client-Side** | XSS, prototype pollution, DOM vulnerabilities |\n| **Business Logic** | Race conditions, workflow manipulation |\n| **Authentication** | JWT vulnerabilities, OAuth/OIDC flaws, session management |\n| **WebSocket** | CSWSH, message injection, DoS |\n| **Infrastructure** | Subdomain takeover, misconfigurations |\n| **WAF Bypass** | Encoding, smuggling, header manipulation |\n\n### 🕸️ Graph of Agents\n\nAdvanced multi-agent orchestration for comprehensive security testing:\n\n- **Distributed Workflows** - Specialized agents for different attacks\n- **Scalable Testing** - Parallel execution for fast coverage\n- **Dynamic Coordination** - Agents collaborate and share discoveries\n\n---\n\n## 💻 Usage Examples\n\n### Basic Usage\n\n```bash\n# Scan a local codebase\nexaai --target ./app-directory\n\n# 
Security review of a GitHub repository\nexaai --target https://github.com/org/repo\n\n# Black-box web application assessment\nexaai --target https://your-app.com\n```\n\n### Smart Auto-Loading (New in v2.0!)\n\n```bash\n# GraphQL endpoint - auto-loads graphql_security\nexaai --target https://api.example.com/graphql\n\n# WebSocket - auto-loads websocket_security\nexaai --target wss://chat.example.com/socket\n\n# OAuth endpoint - auto-loads oauth_oidc\nexaai --target https://auth.example.com/oauth/authorize\n\n# Subdomain recon - auto-loads subdomain_takeover\nexaai --target example.com --instruction \"enumerate subdomains\"\n```\n\n### Advanced Testing Scenarios\n\n```bash\n# Grey-box authenticated testing\nexaai --target https://your-app.com --instruction \"Perform authenticated testing using credentials: user:pass\"\n\n# Multi-target testing (source code + deployed app)\nexaai -t https://github.com/org/app -t https://your-app.com\n\n# With specific modules (overrides auto-detection)\nexaai --target https://api.example.com --prompt-modules graphql_security,waf_bypass\n\n# Lightweight mode (reduced token consumption)\nexport EXAAI_LIGHTWEIGHT_MODE=true\nexaai --target https://example.com --instruction \"quick security scan\"\n```\n\n### 🤖 Headless Mode\n\nRun ExaAiAgent programmatically without interactive UI:\n\n```bash\nexaai -n --target https://your-app.com\n```\n\n### 🔄 CI/CD (GitHub Actions)\n\n```yaml\nname: exaai-security-test\n\non:\n  pull_request:\n\njobs:\n  security-scan:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n\n      - name: Install ExaAiAgent\n        run: curl -sSL https://raw.githubusercontent.com/hleliofficiel/ExaAiAgent/main/install.sh | bash\n\n      - name: Run ExaAiAgent\n        env:\n          EXAAI_LLM: ${{ secrets.EXAAI_LLM }}\n          LLM_API_KEY: ${{ secrets.LLM_API_KEY }}\n        run: exaai -n -t ./\n```\n\n### ⚙️ Configuration\n\n```bash\n# Required\nexport EXAAI_LLM=\"openai/gpt-5\"\nexport 
LLM_API_KEY=\"your-api-key\"\n\n# Optional - Performance tuning\nexport EXAAI_LIGHTWEIGHT_MODE=true    # Reduced token consumption\nexport EXAAI_MAX_TOKENS=2048          # Max output tokens\nexport LLM_API_BASE=\"your-api-base\"   # For local models\nexport PERPLEXITY_API_KEY=\"key\"       # For search capabilities\n```\n\n**Recommended Models:**\n\n- OpenAI GPT-5 (`openai/gpt-5`)\n- Anthropic Claude Sonnet 4.5 (`anthropic/claude-sonnet-4-5`)\n- Google Gemini 2.0 (`gemini/gemini-2.0-flash`)\n\n---\n\n## 📦 Available Security Modules\n\n### Vulnerability Modules\n\n| Module | Description |\n|--------|-------------|\n| `sql_injection` | SQL/NoSQL injection testing |\n| `xss` | Cross-site scripting attacks |\n| `ssrf` | Server-side request forgery |\n| `xxe` | XML external entity attacks |\n| `rce` | Remote code execution |\n| `idor` | Insecure direct object reference |\n| `authentication_jwt` | Auth \u0026 JWT vulnerabilities |\n| `business_logic` | Business logic flaws |\n| `csrf` | Cross-site request forgery |\n| `race_condition` | Race condition exploits |\n| `graphql_security` | GraphQL-specific attacks |\n| `websocket_security` | WebSocket vulnerabilities |\n| `oauth_oidc` | OAuth2/OIDC flaws |\n| `waf_bypass` | WAF bypass techniques |\n| `subdomain_takeover` | Subdomain takeover |\n| `prompt_injection` | AI/LLM prompt injection attacks |\n| `kubernetes_security` | **NEW!** K8s RBAC \u0026 Pod Security auditing |\n| `subdomain_enumeration` | **NEW!** OSINT-based subdomain discovery |\n| `port_scanning` | **NEW!** Service discovery \u0026 port auditing |\n| `technology_fingerprinting` | **NEW!** Web tech stack identification |\n\n---\n\n## 🆕 Changelog\n\n### v2.2.5 (Latest)\n- **Runtime Reliability**: fixed interactive scan flow, tool-server import safety, sandbox readiness, and agent messaging issues\n- **Developer Workflow**: CI now runs lint, type-check, tests, and smoke checks on pull requests\n- **Prompt Intelligence**: smarter prompt resolution, merged 
default/user modules, and new specialist prompt modules for planning, validation, reporting, and runtime recovery\n- **Agent Coordination**: normalized statuses and improved multi-tool execution behavior\n- **Agent Onboarding**: refreshed `SKILL.md` so external AI agents can operate and maintain ExaAiAgent more reliably\n\n### v2.2.2\n- **Reconnaissance Engine**: New modules for subdomain enumeration, port scanning, and tech fingerprinting\n- **AI Agent Integration**: OpenClaw/Agent compatibility\n- **Stability Fixes**: ToolManager thread-safety, Resource cleanup\n- **DevEx**: New `install.sh` script, improved logging\n\n### v2.1.2\n- **Bugfix**: Fixed k8s scanner import issue\n- **Banner**: Updated banner version string\n\n### v2.1.0\n- **New Modules**: K8s, Azure, GCP, Prompt Injection\n- **React2Shell**: CVE-2025-55182 detection\n- **Auto-Discovery**: Improved target detection\n\n---\n\n## 🛠️ Troubleshooting\n\n### Problem: \"LLM Connection Failed\" or Model Not Found\nModern models (like `gemini-3-pro-preview`) require the latest version of `litellm` to be recognized correctly.\n\n**Solution: Update LiteLLM**\n```bash\npip install -U litellm\n```\n\n**Linux/Debian Users (Externally Managed Environment):**\nIf you encounter permission errors or \"externally-managed-environment\", you may need to use a virtual environment (`venv`) or force a user install:\n\n```bash\n# Option 1: Virtual Environment (Recommended for Servers)\npython3 -m venv venv\nsource venv/bin/activate\npip install exaai-agent\n\n# Option 2: Force User Install\npip install -U litellm --user --break-system-packages\n```\n\n---\n\n## 🤝 Contributing\n\nWe welcome contributions! 
Check out our [Contributing Guide](CONTRIBUTING.md).\n\n## 🌟 Support the Project\n\n**Love ExaAiAgent?** Give us a ⭐ on GitHub!\n\n## 🙏 Acknowledgements\n\nExaAiAgent builds on incredible open-source projects like [LiteLLM](https://github.com/BerriAI/litellm), [Caido](https://github.com/caido/caido), [ProjectDiscovery](https://github.com/projectdiscovery), [Playwright](https://github.com/microsoft/playwright), and [Textual](https://github.com/Textualize/textual).\n\n\u003e [!WARNING]\n\u003e Only test apps you own or have permission to test. You are responsible for using ExaAiAgent ethically and legally.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhleliofficiel%2Fexaaiagent","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhleliofficiel%2Fexaaiagent","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhleliofficiel%2Fexaaiagent/lists"}