AI-Powered Red Team Toolkit Integrating Metasploit, Nmap, and More

A new open-source tool is bridging the gap between artificial intelligence and offensive security operations. 

GHOSTCREW is an advanced AI red team assistant that leverages Large Language Models (LLMs), Model Context Protocol (MCP), and Retrieval-Augmented Generation (RAG) to automate complex penetration testing tasks through simple natural language commands.

Unlike standard chatbots that simply provide code snippets, GHOSTCREW is an operational agent capable of executing real-world security tools.

By integrating with the Model Context Protocol, it allows security professionals to orchestrate industry-standard utilities like Metasploit, Nmap, and SQLMap directly from a chat interface.

Intelligent Autonomous Agents

The core of GHOSTCREW is its Agent Mode, which utilizes “Pentesting Task Trees” (PTT) for strategic decision-making.

This allows the AI to break down a user’s high-level objective, such as “map the network and check for open SMB ports”, into actionable steps, executing them autonomously while dynamically adjusting to new findings.

For structured assessments, the toolkit offers Workflows, enabling researchers to run predefined sequences of tools for comprehensive scans.

It also features a RAG-enhanced knowledge base, allowing the AI to “read” local files such as specific payload lists, configurations, or previous reports to inform its attacks.

GHOSTCREW unifies a fractured landscape of security tools into a single control plane. Below is a breakdown of its current capabilities:

| Category | Supported Tools |
|---|---|
| Network & Port Scanning | Nmap, Masscan, Naabu |
| Web Reconnaissance | Amass, Assetfinder, HTTPx, Wayback URLs |
| Vulnerability Scanning | Nuclei, SSL Scanner, Scout Suite (Cloud) |
| Exploitation & Brute Force | Metasploit Framework, Hydra, SQLMap |
| Fuzzing & Discovery | FFUF, Arjun, Katana, AlterX |
| Infrastructure | Certificate Transparency, Shuffledns |

Post-engagement, GHOSTCREW simplifies the documentation phase by automatically generating detailed Markdown reports.

These reports compile structured findings, evidence of exploitation, and remediation recommendations, saving researchers hours of manual writing.

Installation Guide

The tool is available now on GitHub, requiring Python and Node.js for full functionality.

With a roadmap that includes upcoming support for BloodHound and CrackMapExec, GHOSTCREW is positioning itself as an essential force multiplier for modern red teams.
