kalpmodi

kalpmodi / akira

Public

Phase-chained AI pentest co-pilot. Recon to exploitation in one chain - zero hallucinations, native to Claude Code and Gemini CLI.

ai ai-pentesting bug-bounty bug-bounty-automation claude-code
10
3
69% credibility
Found Apr 21, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Shell
AI Summary

Akira provides a phased skill set for AI coding environments to assist in structured penetration testing and vulnerability discovery with evidence-based findings.

How It Works

1
🔍 Discover Akira

You hear about Akira, a smart helper that guides your AI assistant in finding security weak spots on websites, perfect for bug hunters.

2
📥 Bring it home

You grab the simple setup files and add Akira's skills to your favorite AI coding buddy with just a few easy steps.

3
🧰 Gear up your toolkit

You prepare helpful scanning tools so Akira can explore websites thoroughly and spot real issues.

4
🎯 Launch your first check

You tell Akira to plan a security review for a website, and it starts mapping out everything step by step.

5
🔍 Uncover secrets

Akira digs through subdomains, live spots, hidden keys, and tries exploits, only reporting what it proves with evidence.

6
📊 Sort the gems

Akira scores each finding by importance and confidence, weeding out false alarms so you focus on the real wins.

📄 Get your report

Akira creates a polished security report ready for bug bounties or sharing, celebrating your discovered treasures.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 10 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is akira?

Akira ai github delivers a Shell-script pentest co-pilot that plugs slash commands like /plan-engagement, /recon, /secrets, /exploit, and /report directly into Claude Code, Gemini CLI, Cursor, or Codex. It chains full engagements from scoping to reporting, pulling in tools like nuclei and subfinder for evidence-backed findings—no hallucinations, just HTTP-verified bugs. Bug hunters get a session-tracked workflow that outputs real reports or HackerOne submissions without managing 40 separate tools.

Why is it gaining traction?

Unlike PentestGPT's partial chains, Akira handles full lifecycles with artifact handoffs, confidence scores, and specialized modules for OAuth attacks, race conditions, AD exploits, and cloud audits—all native in AI chats via simple install.sh. Real bounty proofs like $2,500 SSRF-to-IAM chains hook testers tired of false positives. The Claude cli integration and CTF mode make it a quick win for chaining recon to zerodayhunt.

Who should use this?

Bug bounty hunters on platforms like HackerOne, red teamers auditing AWS/GCP/Azure, or CTF players tackling HackTheBox web and pwn challenges. Ideal for pentestors already in Claude Code or Gemini CLI who want automated phase chaining for authorized tests. Skip if you're not in AI coding envs or need Burp-heavy workflows.

Verdict

With 10 stars and a 0.7% credibility score, Akira's early but shows promise via solid docs, wiki, real findings, and aggressive roadmap—install and test on your own scopes. Worth starring for Claude cli users; contribute skills to mature it fast.

(178 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.