CyberSecurityNews

KittySploit – AI-Powered Next-Generation Penetration Testing Framework With 1150+ Modules


KittySploit is a new open-source penetration testing framework that combines a Python and Zig codebase with autonomous AI agents, ship­ping with over 1,150 modules for offensive security teams.

The tool chain includes reconnaissance, exploitation, traffic analysis, payload generation, collaboration, and post-exploitation workflows.

Kitty Interface

KittySploit’s core difference is its integration of local large language models via Ollama, which allows AI agents to autonomously plan attack paths after being fed just a target name.

This autonomous agent handles reconnaissance and suggests exploitation strategies without constant manual input, a capability that aligns with the broader industry shift toward AI-driven pentesting agents seen in tools like PentAGI and xOffense.

The framework’s headline capability is its autonomous agent. Operators can provide a target and connect KittySploit to a locally hosted large language model through Ollama.

The agent is intended to organize reconnaissance findings, evaluate available modules, and propose possible attack paths without sending sensitive engagement data to a hosted AI service.

Kitty OSINT

Recent code changes show a default local Ollama endpoint and add planning, response caching, workflow, and HTTP-intelligence components, indicating that the AI layer extends beyond a simple chatbot interface.

The framework’s payloads are compiled using an integrated Zig 0.16 toolchain, producing stealthy, dependency-free x64 polymorphic encoders designed to bypass modern EDR and WAF defenses.

This evasion-first approach, combined with multi-protocol session handling and native Tor routing, positions KittySploit against automated defense systems that have made traditional exploitation frameworks less effective.

Compared to legacy tools written in Ruby or Java, this modern Python/Zig hybrid core is built for speed and stealth in contemporary web environments.

A standout feature is KittyProxy, an intelligent web proxy that auto-discovers REST APIs, GraphQL endpoints, and WebSocket connections, then automatically runs relevant exploitation modules directly from observed traffic.

This “smart proxy” capability removes manual mapping steps that typically slow down assessments of modern web architectures, addressing a gap that many legacy scanners still struggle to close.

KittySploit ships with KittyCollab, a real-time shared editor for team-based operations, alongside a modern web UI for both proxy analysis and collaborative workflows.

The framework also includes a community-driven marketplace where users can install or share new modules, an ecosystem feature notably not available in Metasploit and Cobalt Strike.

 Strengthen Your SOC by Accelerating Threat Detection & Rapid Investigations. -> Integrate ANY.RUN With Your SOC Now.



Source link