AIRecon: Offline AI-Powered Penetration Testing with Kali Linux

AIRecon is an autonomous penetration testing agent that operates entirely offline, integrating a self-hosted Ollama large language model (LLM) with a Kali Linux Docker sandbox. This setup enables comprehensive security assessments without transmitting any data to external servers.

Developed by researcher pikpikcu, AIRecon addresses the high cost of commercial API-based models like GPT-4 or Claude: a single session often requires numerous LLM calls, which leads to substantial expenses. By running locally, AIRecon ensures that all tool outputs, vulnerability reports, and session data remain on the user’s machine, enhancing data security and privacy.

The tool integrates with the Caido proxy and offers five built-in functions: list, replay, automate (using `§FUZZ§` markers), findings, and scope management. These features make AIRecon particularly suitable for bug bounty hunters and red teamers who must adhere to strict data-handling protocols.

Structured Engagement Phases

AIRecon structures each engagement into four automated phases, each with specific objectives, recommended tools, and automatic transition criteria. While these phases guide the process, they do not impose rigid constraints, allowing the agent flexibility. Checkpoints occur every five iterations for phase evaluation, every ten for self-evaluation, and every fifteen for context compression.

The comprehensive toolset includes the Kali sandbox, browser automation, a custom fuzzer, Schemathesis for API fuzzing, and Semgrep for static source analysis. This extensive suite enables thorough and efficient penetration testing.

Offline Security Dataset Integration

A notable feature of AIRecon is its optional airecon-dataset companion, which indexes approximately 1.09 million security records into local SQLite FTS5 databases. These records encompass CVEs, red team techniques, CTF write-ups, Nuclei templates, and bug bounty payloads, all accessible offline. The LLM autonomously queries this dataset before attempting unfamiliar techniques, grounding its decisions in real indexed data rather than relying solely on generated content.
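As an added illustration (not code from AIRecon or airecon-dataset), the Python example below shows how an offline SQLite FTS5 lookup of this kind can work. It quotes free-text queries so that model output cannot inject FTS5 query syntax, and an empty result signals that there is no indexed record to ground on. The schema, function names and sample records are assumptions constructed for the example.

```python
import re
import sqlite3

# Constructed sample records; the IDs are placeholders, not real CVEs.
SAMPLE_RECORDS = [
    ("cve", "CVE-0000-0001", "Example CMS: SQL injection in the search parameter of the admin panel"),
    ("cve", "CVE-0000-0002", "Example router firmware: authentication bypass in the web interface"),
    ("technique", "TECH-0001", "Enumerating exposed GraphQL introspection endpoints during API testing"),
    ("template", "TPL-0001", "Detection template for an exposed admin panel login page"),
]

def build_index(records):
    """Create an in-memory FTS5 index (hypothetical schema: kind, ref, body)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE VIRTUAL TABLE records USING fts5(kind UNINDEXED, ref, body)")
    db.executemany("INSERT INTO records VALUES (?, ?, ?)", records)
    return db

def to_match_expr(text):
    """Turn free text (e.g. model output) into a safe FTS5 MATCH expression.

    Each word becomes a quoted string, so FTS5 operators and column filters
    in the input (AND, NOT, NEAR, ':', '*', '"') are treated as literals
    or dropped instead of being parsed as query syntax.
    """
    words = re.findall(r"[A-Za-z0-9]+", text)
    return " ".join(f'"{w}"' for w in words)

def lookup(db, text, kind=None, limit=5):
    """Return (ref, body) rows ranked by bm25; an empty list means no grounding."""
    expr = to_match_expr(text)
    if not expr:
        return []
    sql = "SELECT ref, body FROM records WHERE records MATCH ?"
    params = [expr]
    if kind is not None:
        sql += " AND kind = ?"
        params.append(kind)
    sql += " ORDER BY bm25(records) LIMIT ?"
    params.append(limit)
    return db.execute(sql, params).fetchall()

if __name__ == "__main__":
    db = build_index(SAMPLE_RECORDS)
    print(lookup(db, "admin panel"))
    print(lookup(db, 'ref:"x" OR NOT body*'))  # operator-laden input, no error
```

An agent that treats an empty list as "no evidence" rather than falling back to generated identifiers avoids the invented-CVE failure mode.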

Session memory is stored in `~/.airecon/memory/airecon.db`, preserving findings, WAF bypass patterns, tool reliability scores, and per-target attack chain discoveries. This persistent memory informs future behavior, enhancing the tool’s effectiveness over time.

Model Recommendations and Skill Integration

AIRecon requires a model with native tool-calling support and extended thinking capabilities (`` blocks). Models with fewer than 8 billion parameters are discouraged due to potential issues like hallucinations, invented CVEs, and unreliable tool calls. Recommended configurations include:

  • Qwen3.5 122B: 48+ GB VRAM (Best quality, most reliable)
  • Qwen3.5 35B: 20 GB VRAM (Recommended for most users)
  • Qwen3.5 35B (MoE): 16 GB VRAM (Lower VRAM footprint)
  • Qwen3.5 9B: 6 GB VRAM (Minimum viable setup)

AIRecon includes 57 built-in skill files and 289 keyword-to-skill auto-mappings covering common offensive techniques. Additionally, the community-maintained airecon-skills repository offers 57 extra CLI-based playbooks for CTF, bug bounty, and penetration testing engagements. The tool also supports MCP server integration via `~/.airecon/mcp.json`, allowing dynamic exposure of external tools as first-class agent tools.

Installation and Deployment

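Installation from GitHub requires Python 3.12+, Docker 20.10+, and a running Ollama instance. The process can be completed with a single command. Because the command pipes a remote script directly into a shell, the script runs without being reviewed first; downloading `install.sh` and reading it before running it is the more cautious route.

```bash
curl -fsSL https://raw.githubusercontent.com/pikpikcu/airecon/refs/heads/main/install.sh | bash
```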

AIRecon’s offline operation and comprehensive feature set make it a valuable tool for security professionals seeking efficient and secure penetration testing solutions without relying on external services.

The development of AIRecon reflects a growing trend towards self-contained, AI-driven security tools that prioritize data privacy and cost-effectiveness. As organizations become increasingly concerned about data exposure and operational expenses, solutions like AIRecon offer a compelling alternative to traditional, cloud-dependent penetration testing tools. This shift underscores the importance of balancing advanced capabilities with stringent data security requirements in the evolving cybersecurity landscape.