GHOSTCREW emerges as a game-changing open-source toolkit for red teamers and penetration testers. This AI-powered assistant leverages large language models, integrates the MCP protocol, and supports the optional RAG architecture to orchestrate security tools via natural-language prompts.
Developed by GH05TCREW, the project has garnered over 450 stars on GitHub, signaling strong interest in the infosec community. It supports autonomous agent modes, predefined workflows, and markdown report generation, streamlining complex pentests from reconnaissance to exploitation.
GHOSTCREW excels in natural language interaction, allowing users to query network details or launch scans conversationally while maintaining multi-turn dialogue history.
The toolkit manages MCP servers via an interactive menu, enabling seamless configuration of tools stored in mcp.json. Advanced capabilities include Pentesting Task Trees (PTT) for dynamic decision-making in agent mode, streaming responses, and file-aware integration that pulls wordlists or payloads from a local knowledge directory.
Users benefit from optional RAG enhancements for precise, context-aware replies and configurable LLM parameters, with GPT-4o as the default via the OpenAI API.
GHOSTCREW connects to 18 MCP-compatible tools for comprehensive assessments:
| Tool | Purpose |
|---|---|
| Nmap | Network discovery and auditing |
| Metasploit | Exploit execution and payloads |
| FFUF | Web fuzzing |
| SQLMap | SQL injection exploitation |
| Nuclei | Vulnerability scanning |
| Hydra | Brute-force attacks |
| Masscan | High-speed port scanning |
Additional tools like Amass, Katana, and Scout Suite cover subdomain enum, crawling, and cloud audits. Upcoming additions include BloodHound and Gobuster.
Installation starts with cloning the repo at github.com/GH05TCREW/ghostcrew, creating a venv, and pip installing requirements.txt. Node.js and uv are needed for full tool support; without them, chat mode still works.
Launch via python main.py, configure MCP tools on startup, and choose chat, workflow, or agent modes. Multi-line inputs via ‘multi’ command handle intricate queries, with ‘quit’ for exit.
This toolkit lowers barriers for bug bounty hunters and threat analysts by automating workflows and generating structured reports with findings and recommendations.
As AI agents evolve, GHOSTCREW positions pentesters to scale operations efficiently, blending human intuition with machine precision in black-box testing scenarios. Security teams should monitor their growth, given the rising demand for agentic red teaming tools.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
