PentestGPT: A GPT-empowered penetration testing tool

PentestGPT

“PentestGPT” is a new ChatGPT-powered penetration testing tool that assists penetration testers in automating their pentesting activities.

PentestGPT was released on GitHub by “GreyDGL,” a Ph.D. student at Nanyang Technological University in Singapore.

It is built on top of ChatGPT and operates in an interactive mode to guide penetration testers through general and specific processes.

To use PentestGPT you must be a ChatGPT Plus member, because it relies on the GPT-4 model for high-quality reasoning and there is currently no public GPT-4 API. A wrapper around ChatGPT browser sessions has been created to support PentestGPT.

Getting Started

  • PentestGPT is a penetration testing tool empowered by ChatGPT.
  • It is designed to automate the penetration testing process.
  • It is built on top of ChatGPT and operates in an interactive mode to guide penetration testers in both overall progress and specific operations.
  • PentestGPT is able to solve easy-to-medium HackTheBox machines and other CTF challenges.
  • You can check the example in resources where it is used to solve the HackTheBox challenge TEMPLATED (web challenge).
  • A sample testing process of PentestGPT on a target VulnHub machine (Hackable II) is available here.
  • A sample usage video is available here: Demo

Installation

  1. Install requirements.txt with pip install -r requirements.txt
  2. Configure the credentials in config. Start from the sample with cp config/chatgpt_config_sample.py config/chatgpt_config.py. If you’re using cookies:
    • Log in to the ChatGPT session page.
    • In Inspect - Network, find the connections to the ChatGPT session page.
    • Find the cookie in the request header of the request to https://chat.openai.com/api/auth/session and paste it into the cookie field of config/chatgpt_config.py. This cookie is a live bearer credential for your OpenAI account: treat config/chatgpt_config.py like an API key and keep it out of version control.
    • The other fields are temporarily deprecated after the update of the ChatGPT page.
    • Fill in userAgent with your browser’s user agent.
    • If you’re using API:
      • Fill in the OpenAI API key in chatgpt_config.py.
  3. To verify that the connection is configured properly, run python3 test_connection.py. You should see a sample conversation with ChatGPT. The sample output is below:
       1. You're connected with ChatGPT Plus cookie. To start PentestGPT, please use <python3 main.py --reasoning_model=gpt-4>
       ## Test connection for OpenAI api (GPT-4)
       2. You're connected with OpenAI API. You have GPT-4 access. To start PentestGPT, please use <python3 main.py --reasoning_model=gpt-4 --useAPI>
       ## Test connection for OpenAI api (GPT-3.5)
       3. You're connected with OpenAI API. You have GPT-3.5 access. To start PentestGPT, please use <python3 main.py --reasoning_model=gpt-3.5-turbo --useAPI>
  4. (Notice) The above verification process applies to the cookie method. Session cookies expire, so if you encounter errors after several trials, refresh the page, repeat the above steps and try again. You may also try the cookie from the request to https://chat.openai.com/backend-api/conversations. Please submit an issue if you encounter any problems.
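Copying the cookie by hand from the Network tab is error-prone (the header is long and it is easy to grab the wrong request). The script below, an added example that is not part of PentestGPT, does step 2 from a HAR export instead: it parses the "Save all as HAR" JSON, finds the request to https://chat.openai.com/api/auth/session, pulls the Cookie and User-Agent request headers, and renders the two config fields. The HAR fragment is constructed, the config field names cookie and userAgent follow the sample config described above but are assumed, and it fails loudly when the session request or its Cookie header is missing (the usual sign that the page was not reloaded after login).

```python
"""Fill config/chatgpt_config.py from a browser HAR export instead of copying the
cookie by hand. Added example, not part of PentestGPT. The HAR sample is
constructed; the config field names (cookie, userAgent) are assumed from the
sample config."""
import json

SESSION_URL = "https://chat.openai.com/api/auth/session"

# Constructed HAR fragment standing in for "Inspect -> Network -> Save all as HAR".
# Only the fields this script reads are present; a real export carries many more.
SAMPLE_HAR = json.dumps({
    "log": {"entries": [
        {"request": {"url": "https://chat.openai.com/", "headers": [
            {"name": "user-agent", "value": "Mozilla/5.0 (X11; Linux x86_64) Example/1.0"}]}},
        {"request": {"url": SESSION_URL, "headers": [
            {"name": "user-agent", "value": "Mozilla/5.0 (X11; Linux x86_64) Example/1.0"},
            {"name": "cookie", "value": "__Secure-next-auth.session-token=REDACTED-EXAMPLE-TOKEN; other=1"},
            {"name": "accept", "value": "*/*"}]}},
    ]}
})


def extract_session_headers(har_text: str, url: str = SESSION_URL) -> dict:
    """Return {'cookie': ..., 'userAgent': ...} from the first request to `url`.

    Header names are compared case-insensitively because browsers export them
    in varying case. Raises ValueError on the two common failure modes.
    """
    entries = json.loads(har_text)["log"]["entries"]
    for entry in entries:
        req = entry["request"]
        if req["url"] != url:
            continue
        headers = {h["name"].lower(): h["value"] for h in req["headers"]}
        if "cookie" not in headers:
            raise ValueError(f"request to {url} carries no Cookie header; log in and reload first")
        return {"cookie": headers["cookie"], "userAgent": headers.get("user-agent", "")}
    raise ValueError(f"no request to {url} in HAR; reload the ChatGPT page with the Network tab open")


def render_config(fields: dict) -> str:
    """Render the cookie/userAgent lines of chatgpt_config.py.

    Values are written with repr() so quotes or semicolons inside the cookie
    cannot break the generated Python.
    """
    lines = ["# generated from a HAR export; this file holds a live session cookie, keep it out of git"]
    for key in ("cookie", "userAgent"):
        lines.append(f"{key} = {fields[key]!r}")
    return "\n".join(lines) + "\n"


def mask(secret: str, keep: int = 6) -> str:
    """Show only the tail of a secret when logging, so the session token
    never lands in terminal scrollback or CI logs."""
    return "*" * max(len(secret) - keep, 0) + secret[-keep:]


if __name__ == "__main__":
    # Real usage: read the exported file instead of SAMPLE_HAR, then write the
    # rendered text into config/chatgpt_config.py alongside the remaining fields.
    fields = extract_session_headers(SAMPLE_HAR)
    print("cookie:", mask(fields["cookie"]))
    print("userAgent:", fields["userAgent"])
    print(render_config(fields))
```

Run it against a real export with `extract_session_headers(open("chatgpt.har").read())`; the printed cookie is masked on purpose, and the full value only goes into the config file.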

Common Questions

  • Q: What is PentestGPT?
    • A: PentestGPT is a penetration testing tool empowered by ChatGPT. It is designed to automate the penetration testing process. It is built on top of ChatGPT and operates in an interactive mode to guide penetration testers in both overall progress and specific operations.
  • Q: Do I need to be a ChatGPT plus member to use PentestGPT?
    • A: Yes. PentestGPT relies on the GPT-4 model for high-quality reasoning. Since there is no public GPT-4 API yet, a wrapper is included that drives a ChatGPT session to support PentestGPT. You may also use the GPT-4 API directly if you have access to it.
  • Q: Why GPT-4?
    • A: After empirical evaluation, we found that GPT-4 performs better than GPT-3.5 in penetration testing reasoning. In fact, GPT-3.5 fails even simple tasks.
  • Q: Why not just use GPT-4 directly?
    • A: We found that GPT-4 loses context as the test goes deeper. It is essential to maintain a “test status awareness” throughout this process. You may check the PentestGPT design here for more details.
  • Q: What about AutoGPT?
    • A: AutoGPT is not designed for pentesting and may perform harmful operations on its own. For this reason we designed PentestGPT in an interactive mode, where a human confirms each step. Of course, our end goal is an automated pentest solution.
  • Q: Future plan?
    • A: We’re working on a paper to explore the tech details behind automated pentest. Meanwhile, please feel free to raise issues/discussions. I’ll do my best to address all of them.

Download: PentestGPT
