fzn0x / watchtower

Public

Watchtower is a simple AI-powered penetration testing automation CLI tool that leverages LLMs and LangGraph to orchestrate agentic workflows that you can use to test your websites locally. Generate useful pentest reports for your websites.

29
3
100% credibility
Found Feb 28, 2026 at 13 stars.
AI Analysis
Python
AI Summary

Watchtower is an AI-orchestrated automation tool for conducting authorized penetration tests on websites using a suite of security scanning utilities to identify vulnerabilities and generate reports.

How It Works

1. 🔍 Discover Watchtower

You find this smart security checker while looking for easy ways to test if your website is safe from hackers.

2. 💻 Get it ready on your computer

Download the program and set it up quickly so everything is prepared for testing.

3. 🤖 Connect a thinking AI helper

Link up an AI service that acts like a clever brain to plan and run the checks.

4. 🎯 Pick your site and helpers

Choose the website to scan and select from a list of ready-to-use scanning tools that fit your needs.

5. ▶️ Launch the security adventure

Start the test and watch as the AI smartly decides steps, runs scans, and spots issues automatically.

6. 📊 See findings appear live

Follow along as problems like weak spots or risks get highlighted in real time.

Get your safety report

Receive a polished summary document listing issues found, so you can fix them and sleep better.

Star Growth

This repo grew from 13 to 29 stars.

AI-Generated Review

What is watchtower?

Watchtower is a Python CLI tool that automates penetration testing for local websites using AI agents driven by LLMs like Claude, Gemini, or GPT, orchestrated via LangGraph workflows. Point it at a target with `python -m watchtower.main -t https://example.com`, select from 23 security tools like nmap, nuclei, or sqlmap via interactive checkboxes (or run headless), and get structured vulnerability findings plus a PDF report from SQLite-stored results. It handles auth cookies/headers for logged-in scans and skips missing tools automatically.

Why is it gaining traction?

Unlike containrrr/watchtower, the Docker container updater and watcher of the same name, this Watchtower focuses on AI-guided pentests with parallel tool runs and smart output truncation to cut noise. Multi-LLM support via .env swaps and a Docker Compose setup make it simple to run, with no vendor lock-in. Developers are drawn to the agent loop that plans, executes, analyzes, and reports without manual scripting.

Who should use this?

Red teamers prototyping local web app scans before live tests. Security devs generating quick reports for internal reviews on self-hosted sites. Bug bounty preppers chaining subfinder, httpx, and nuclei in one command, especially with custom headers for API endpoints.

Verdict

Early days at 12 stars and 1.0% credibility: the docs shine, but expect LLM hallucinations and tool quirks, and always verify manually. Worth grabbing for pentest automation if you're comfortable tweaking Python CLIs.
