ARCANGEL0 has released EVA (Exploit Vector Agent), an open-source autonomous AI agent for assisting penetration testing. It guides workflows through attack-strategy planning, command generation, and output analysis, and supports multiple LLM backends.
Open-Source Release · EVA — Exploit Vector Agent
An AI agent that guides the pentest workflow — not a replacement for the expert
EVA plans attack strategy, generates and parses commands, flags vulnerabilities, and suggests next steps — step by step, under human supervision. MIT-licensed, installable in one line, and able to run entirely offline on local models.
MIT
Open-source license, free to use & modify
5+
Selectable AI backends — local or cloud
$0
API cost when run offline via Ollama
8GB+
VRAM/RAM advised for the ~9.8GB local model
The guided workflow — step by step
Recon
Automated enumeration & analysis
→
Assess
Vulnerability identification
→
Suggest
Exploit strategy & next steps
→
Report
HTML/PDF + visual attack map
Sessions persist locally, so the full sequence can be resumed and treated as one continuous workflow.
Backend flexibility — run local, or call the cloud
Ollama
Local / Offline
Privacy-focused, no API cost
OpenAI
Cloud API
GPT-5 / GPT-4.1
Anthropic
Cloud API
Claude-3.5-Sonnet
Google Gemini
Cloud API
gemini-2.0-flash
G4F / Custom
Custom Endpoint
Specify any API
Where agents help
Speed up enumeration & initial analysis
Useful as guides for CTFs and beginners
Strong at reconnaissance
Where humans stay essential
Full autonomy remains difficult
Hallucination & wrong command risk
Exploitation needs human verification
No published benchmarks yet. EVA-specific success rates and timing data have not been released — its emphasis on being a "guide" reflects the current consensus that these tools are strong at recon but require human supervision for exploitation.
Continue reading The rest of this article is for AI News Blitz readers. Choose an option below to keep reading.
Already purchased? Sign in ✓ Signed in — this article isn’t included in your current plan.Unlocking the full article…