pikpikcu

pikpikcu / airecon

Public

AIRecon is an autonomous cybersecurity agent that combines a self-hosted Large Language Model (Ollama) with a Kali Linux Docker sandbox and a Textual TUI. It is designed to automate security assessments, penetration testing, and bug bounty reconnaissance — without any API keys or cloud dependency.

ai-agents bugbounty ollama penetration-testing reconnaissance
20
3
100% credibility
Found Mar 15, 2026 at 20 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

AIRecon is a privacy-focused AI agent that automates ethical security testing of websites using a local AI model and isolated sandbox tools.

How It Works

1
🔍 Discover AIRecon

You hear about a smart helper that automatically checks websites for security weaknesses without sending data online.

2
🛠️ Easy setup

Run a simple script to install everything you need on your computer.

3
🧠 Connect your AI brain

Link a free local AI service so it can think and make smart decisions privately.

4
💬 Open the chat window

Launch the friendly text interface where you talk to your security assistant.

5
🎯 Name your target

Type the website or app you want to test, like 'example.com'.

6
🔥 Watch it explore

Your assistant scans for hidden doors, weak spots, and problems automatically.

📊 Get your security report

Receive easy-to-read reports with issues found, proofs, and fix ideas to make your site safer.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 20 to 20 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is airecon?

Airecon is a Python-based autonomous cybersecurity agent that automates security assessments, penetration testing, and bug bounty reconnaissance using a local Ollama LLM, Kali Linux Docker sandbox, and Textual TUI interface. Launch it with `airecon start`, type prompts like "full recon on example.com" or "test SQL injection on api.example.com/login", and it runs tools like nmap, nuclei, ffuf, and semgrep in isolation—generating reports without cloud APIs or external keys. It solves the high cost and privacy risks of cloud LLMs for recursive recon workflows.

Why is it gaining traction?

No API bills or data leaks: everything runs offline with self-hosted models like Qwen3 32B, plus native Caido proxy for request replay and fuzzing with §FUZZ§ markers. Session persistence lets you resume long scans, and the RECON → ANALYSIS → EXPLOIT → REPORT pipeline with checkpoints keeps autonomous agents on track. Developers dig the privacy-first stack over cloud agents that leak targets.

Who should use this?

Bug bounty hunters chaining subdomains to exploits, pentesters automating authorized API assessments, or red teamers testing authenticated flows with TOTP/OAuth support. Ideal for solo ethical hackers avoiding OpenAI/Claude costs on high-volume recon.

Verdict

Promising beta for local AI-driven pentesting (v0.1.5, MIT license), but 18 stars and 1.0% credibility signal early maturity—expect bugs with smaller models or complex chains. Try on a test domain if you need offline automation; skip for production until more battle-tested.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.