Live · v0.10.1 · Open source

Find it.
Chain it.
Prove it.

An autonomous pentesting CLI that maps your attack surface, validates every finding with a safe proof of concept, and chains the results into multi-step attack paths.

1247 chains traced this week · 8.4k CVEs in pipeline
Tools · specialist agents · MCP tools · SARIF+ CI/CD · MIT licensed

It maps your attack surface.

Subdomain enumeration, port discovery, fingerprinting, JS analysis. Then it stops noisy scans and decides what to chase next, guided by twelve specialist agents that share context.

The difference

Scanners flag.
We weaponize.

Burp, Nessus, and Nuclei give you a flat list of issues. We connect them into multi-step attack paths, score every chain, and validate each step with a safe proof of concept.

Scanner output · 47 findings · flat
med · /api/proxy?url= · external fetch · 5.4
med · IMDSv1 metadata reachable · 6.1
low · IAM node-role over-privileged · 4.3
med · secrets readable in prod ns · 5.9

pentest-ai chain · critical · 9.8
01 · SSRF on /api/proxy?url= · entry
02 · → IMDSv1 · STS creds · pivot
03 · → assume node role · eks-node · lateral
04 · → aws-auth · cluster-admin · 9.8

Find what scanners miss.

Free, open source, runs on your laptop. Findings sync to your cloud workspace. Reports in one click.