PentAGI 2.1.0

PentAGI is an AI-driven penetration testing assistant designed to help security professionals identify vulnerabilities and analyze system weaknesses.

AI-powered tools are rapidly expanding into cybersecurity, offering new ways to automate testing and improve system defenses. PentAGI is an emerging platform designed to assist with penetration testing and security analysis using artificial intelligence.

The platform combines elements of:

  • Artificial intelligence

  • Ethical hacking methodologies

  • Automated security analysis

Its goal is to support security teams by reducing manual effort and improving efficiency during penetration testing workflows.

Download PentAGI 2.1.0 - Software Mirrors

  • Download PentAGI for Windows amd64
  • Download PentAGI for macOS amd64 (Intel)
  • Download PentAGI for macOS arm64 (Silicon M-series)
  • Download PentAGI for Linux amd64
  • Download PentAGI for Linux arm64
  • PentAGI on Docker Hub
  • PentAGI on GitHub

PentAGI 2.1.0 Release Notes:


PentAGI 2.1 — File Management, Knowledge Base, ToolCall Observability, and Assistant Flow Control
This release adds a complete file management layer (user resource libraries and flow workspace files with container sync), a first-class Knowledge Base with semantic search and anonymization, real-time ToolCall logging, and assistant tools to monitor and steer running flows. It also refreshes model configurations across OpenAI, Anthropic, Gemini, DeepSeek, Qwen, Kimi, and GLM, includes a broad frontend modernization pass (React 19, Apollo Client v4, Vite 8), and delivers a wide range of stability and security fixes.



Major Features


User Resources & Flow Files


A new file management layer lets users bring their own files into PentAGI and share them with agents.
  • User Resources — a persistent, per-user file library with MD5-deduplicated storage and a virtual path filesystem. Full REST and GraphQL CRUD (upload, mkdir, move, copy, delete, download), real-time subscriptions, and atomic multi-source / multi-path batch operations.
  • Flow files — per-flow workspace files that sync into worker containers at /work/uploads and /work/resources. Files can be pulled back out of a running container and promoted into the user library. Attached files are injected into agent system prompts as a structured block, so the assistant is aware of what the user provided.
  • File Manager UI — a reusable tree component with multi-select, keyboard navigation, drag-and-drop, sortable columns, bulk actions, and an overwrite workflow. Used by both the new /resources page and the flow Files tab.
  • Limits and hardening — enforced on both ends: 300 MB per file, 1000 files per request, 2 GB total, 255-byte names. Upload paths are protected against directory traversal and symlink escapes.
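
The path checks named in the last bullet, as an added Go example (not PentAGI's own code). `resolveUpload`, `ErrUnsafePath` and `maxNameBytes` are hypothetical names; only the 255-byte name limit comes from the release notes.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

const maxNameBytes = 255 // per-name limit stated in the release notes
var ErrUnsafePath = errors.New("unsafe upload path")

// resolveUpload (hypothetical helper) maps a client-supplied relative path
// onto root, rejecting traversal, over-long names and symlink escapes.
func resolveUpload(root, rel string) (string, error) {
	if filepath.IsAbs(rel) || strings.ContainsRune(rel, 0) {
		return "", ErrUnsafePath
	}
	for _, part := range strings.Split(filepath.ToSlash(rel), "/") {
		if part == "" || part == "." || part == ".." || len(part) > maxNameBytes {
			return "", ErrUnsafePath
		}
	}
	realRoot, err := filepath.EvalSymlinks(root)
	if err != nil {
		return "", err
	}
	target := filepath.Join(realRoot, filepath.FromSlash(rel))
	// Walk up to the deepest existing ancestor and resolve its symlinks.
	probe := target
	resolved, err := filepath.EvalSymlinks(probe)
	for ; err != nil; resolved, err = filepath.EvalSymlinks(probe) {
		if _, lerr := os.Lstat(probe); lerr == nil || !errors.Is(err, os.ErrNotExist) {
			return "", ErrUnsafePath // dangling symlink or unreadable component
		}
		probe = filepath.Dir(probe)
	}
	if resolved != realRoot && !strings.HasPrefix(resolved, realRoot+string(filepath.Separator)) {
		return "", ErrUnsafePath // a symlink inside root points outside it
	}
	return target, nil
}

func main() {
	_, err := resolveUpload(os.TempDir(), "../outside.txt")
	fmt.Println(err) // unsafe upload path
}
```

The check and the later write are separate steps, so it only holds when nothing else can create symlinks under the root in between.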

Knowledge Base Management


The pgvector memory store is now a first-class, user-manageable resource rather than agent-only auto-storage.
  • GraphQL/REST CRUD plus semantic search over the knowledge store, with admin/user scoping, per-user document ownership, re-embedding on update, and real-time subscriptions.
  • A new /knowledges interface with list and detail pages, a TipTap markdown editor, partial updates, inline rename/delete, and a collapsible semantic-search input (hotkey-accessible).
  • Text anonymization — a new anonymizeText service (GraphQL/REST) to scrub sensitive data, surfaced directly in the knowledge editor.
  • The vector search engine was rewritten onto direct, parameterized SQL queries — fixing a bug where document IDs were dropped and removing unsafe SQL string interpolation.

ToolCall Observability


Individual agent tool calls are now logged through a dedicated provider and exposed via GraphQL queries and subscriptions plus a REST API, giving real-time, inspectable visibility into every command, search, and action an agent performs during a flow.

Assistant Flow Management


The interactive assistant can now observe and steer active flows without leaving the chat. New tools let the assistant read flow status (with multiple detail levels), stop a flow, submit input to a waiting flow, patch subtasks, and block until a task completes. A summarizer cache avoids redundant LLM calls when reporting flow state.

Unified Agent Language Policy


A single, consistent language policy now spans all agent prompts: vector-store and search-engine queries are forced to English for retrieval consistency, while user-facing messages follow the engagement language. Template variables and tool access were aligned with each agent's actual runtime tool set.


New Capabilities


Updated Provider Configurations & Models


Built-in model configurations were refreshed across multiple providers — OpenAI, Anthropic, Gemini, DeepSeek, Qwen, Kimi, and GLM — to match the current model landscape, with updated model lists, pricing, and context windows.
  • Per-role thinking control — reasoning models such as DeepSeek and Qwen now toggle thinking mode per agent role, so utility roles run without thinking (and honor their sampling parameters) while reasoning, tool-use, and security-analysis roles keep it enabled.
  • New reference configurations: vLLM Qwen 3.6 (thinking and non-thinking, including 35B FP8 variants) bundled in the Docker image, and an Azure OpenAI example.
  • Ollama now surfaces a clear, actionable error when the selected model does not support tool/function calling, instead of a deeply nested stack trace.

Per-Model Analytics


A new query surfaces token usage broken down by model and agent type within a single flow, integrated into the flow dashboard.

Configuration

  • TERMINAL_TOOL_TIMEOUT — configurable terminal command timeout (default raised to 1200 seconds, with clamping for out-of-range values).
  • PostgreSQL connection pooling — shared pools for sqlc, GORM, and pgvector with new tunables DB_MAX_OPEN_CONNS, DB_MAX_IDLE_CONNS, and DB_VECTOR_MAX_CONNS.
  • EMBEDDING_MAX_TEXT_BYTES — caps the text size sent to the embedding model.
  • The Settings API now exposes version and isDevelopMode.



Frontend Modernization


A broad pass touched nearly every list and detail page.
  • Unified list tables — URL-synced filtering, pagination, sorting, and column visibility, with multi-column search ("Search in" column picker) and contextual empty states.
  • Detail navigation — Prev/Position/Next navigation between sibling records, with an in-sheet searchable list.
  • Inline actions — rename, finish, and delete directly from flow, template, and knowledge headers and list rows.
  • Per-route document titles — browser tabs now reflect the actual page (including live flow titles), driven by a centralized title registry.
  • Mobile UX — responsive headers that collapse to icon-only buttons, a unified flow attachment/template picker, and a compact dashboard period switcher.
  • Performance — dashboard period-switch interaction latency reduced from 434 ms to 134 ms, the PDF renderer is lazy-loaded (cutting the report route's initial JS by ~1.5 MB), the knowledge provider is scoped to its own routes (avoiding a ~2.1 MB payload on every page), filtering is debounced, and rename/favorite actions update optimistically for instant feedback.
  • Platform upgrades — React 19, Apollo Client v4, Vite 8 (Rolldown), TypeScript 6, Zod v4, the graphql-codegen v6/v7 toolchain, and the shadcn new-york-v4 component style. The frontend test suite grew from 475 to 541 tests.
  • Accessibility — aria-labels across icon-only buttons, form-field id/name fixes, and Radix dialog compliance.



Bug Fixes & Reliability


Flow & Agent Execution

  • Task cancellation — subtask generation now runs under a cancellable context, so cancelling a task no longer reports a false success.
  • Custom prompts — user prompt overrides saved in Settings → Prompts are now actually applied to new assistant and flow sessions (they were silently using the defaults).
  • Malformed tool-call JSON — truncated or invalid LLM arguments now fall back to an empty object instead of triggering LiteLLM 400 errors and infinite retry loops; literal control characters in arguments are sanitized before storage.
  • Subscription backpressure — events are dropped for slow or disconnected subscribers after a timeout, preventing goroutine accumulation.
  • Deadlock fixes — resolved a deadlock in the log worker and a nil-channel deadlock when finishing an assistant session.
  • Browser tool — small/empty page content now returns a warning rather than an error, binary URLs are reported clearly, and a failed screenshot no longer discards successfully fetched page content.
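
The malformed tool-call JSON behaviour described above, as an added Go example (not PentAGI's own code). `normalizeToolArgs` is a hypothetical name, and escaping control bytes as `\u00XX` is one assumed way to sanitize them; the release notes do not say how the project does it.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// normalizeToolArgs (hypothetical helper) returns arguments that always parse
// as a JSON object, and reports whether the input had to be changed.
func normalizeToolArgs(raw string) (string, bool) {
	var b strings.Builder
	inString, escaped := false, false
	for i := 0; i < len(raw); i++ {
		c := raw[i]
		switch {
		case inString && c < 0x20:
			// A literal control byte inside a string is invalid JSON: escape it.
			fmt.Fprintf(&b, `\u%04x`, c)
			escaped = false
			continue
		case escaped:
			escaped = false
		case inString && c == '\\':
			escaped = true
		case c == '"':
			inString = !inString
		}
		b.WriteByte(c)
	}
	out := b.String()
	var obj map[string]json.RawMessage
	if err := json.Unmarshal([]byte(out), &obj); err != nil || obj == nil {
		return "{}", true // truncated, non-object or null: fall back to an empty object
	}
	return out, out != raw
}

func main() {
	// Constructed samples: valid, truncated mid-string, raw newline in a string.
	samples := []string{`{"command":"ls /work"}`, `{"command":"ls /wo`, "{\"note\":\"a\nb\"}"}
	for _, raw := range samples {
		out, repaired := normalizeToolArgs(raw)
		fmt.Printf("%q -> %s (repaired=%v)\n", raw, out, repaired)
	}
}
```

Returning a parseable object on every path is what stops the upstream 400 response from being retried with the same broken payload.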

Knowledge & Data

  • Vector search safety hardened (parameterized queries, memory documents excluded at the SQL level).
  • Fixed recursive resource retrieval over GraphQL, and resource move/copy responses now return the correct entries for client cache consistency.

Frontend

  • Fixed a production crash on flow detail pages caused by the minifier stripping function names from document-title components.
  • Eliminated several table state races (filter clearing, pagination URL loops, batched URL updates) and a GraphQL codegen issue that emitted duplicate types and broke the dev server.
  • API token names are no longer lost when a subscription refetches the table mid-edit; the default button type no longer triggers accidental form submits.



Security

  • Flow file uploads are hardened against path traversal and symlink escapes, with size and count limits enforced on both the backend and the frontend.
  • Knowledge vector search uses parameterized queries, removing prior string-interpolated SQL.
  • New endpoints enforce user/admin privilege scoping, with dedicated privileges (anonymize.call, toolcall access) added via migration.
  • Text anonymization is available to scrub sensitive data from stored knowledge.



Documentation


Extensive user-facing documentation was added, including a first-use guide, a pentesting prompt methodology guide, memory lifecycle across flows, capability boundaries, OAuth callback setup, a Docker mirror guide for restricted networks, OSINT integration scenarios, the flow Files tab, DeepSeek V4 migration and pricing, and a clarification that Vertex AI is reachable today only via an OpenAI-compatible gateway. Two design RFCs — flow concurrency with completion webhooks, and MCP client integration — were added under examples/proposals/ as design proposals with no runtime code yet.


Upgrade Notes

  • DeepSeek: deployments using the legacy deepseek-chat / deepseek-reasoner model names should migrate to deepseek-v4-flash / deepseek-v4-pro before the upstream deprecation on 2026-07-24.
  • Database: connection-pool settings were consolidated to DB_MAX_OPEN_CONNS, DB_MAX_IDLE_CONNS, and DB_VECTOR_MAX_CONNS — verify against .env.example.
  • Terminal timeout: TERMINAL_TOOL_TIMEOUT default raised from 600 to 1200 seconds; review if a lower value was intentional.
  • Frontend development now requires pnpm (previously npm).
  • Database migrations apply automatically at startup. After pulling, rebuild and restart: docker compose build && docker compose up -d.



Contributors


Core Team

  • @asdek (Dmitry Nagibin) — User resources & flow files backend, knowledge base API and vector search, ToolCall logging, anonymizer, assistant flow management tools, agent language policy, provider model updates, database connection pooling, and flow reliability fixes
  • @sirozha (Sergey Kozyrenko) — File Manager component, resources/knowledges/flow-files UI, unified list tables and multi-column search, detail navigation, document titles, mobile UX, frontend platform upgrade (React 19 / Apollo v4 / Vite 8), and performance & accessibility work

External Contributors

  • @mason5052 — Custom prompts fix, Ollama tool-support error clarity, DeepSeek V4 migration, flow file upload hardening, and extensive documentation and design RFCs (flow concurrency, MCP client integration, evidence chain)



Full Changelog: https://github.com/vxcontrol/pentagi/compare/v2.0.0...v2.1.0

Key Features of PentAGI

AI Assisted Penetration Testing

PentAGI leverages AI to assist in identifying potential vulnerabilities.

Capabilities may include:

  • Suggesting attack vectors

  • Analyzing system responses

  • Generating testing strategies

This helps security professionals accelerate the testing process.


Workflow Automation

PentAGI aims to automate repetitive tasks involved in penetration testing.

Examples include:

  • Scanning for vulnerabilities

  • Organizing findings

  • Generating reports

Automation helps reduce time spent on routine operations.


Intelligent Recommendations

The platform can provide contextual recommendations based on detected issues.

This may include:

  • Suggested remediation steps

  • Security best practices

  • Risk prioritization

These insights help teams respond more effectively to vulnerabilities.


Integration Potential

PentAGI may integrate with existing security tools and workflows, such as:

  • Vulnerability scanners

  • Logging systems

  • DevOps pipelines

This allows it to fit into modern security environments.


Reporting and Documentation

PentAGI can assist in generating structured reports that summarize findings, risks, and suggested fixes.

This is useful for:

  • Security audits

  • Compliance documentation

  • Client reporting


Performance and Usability

PentAGI is designed for cybersecurity professionals and technical users.

Performance characteristics:

  • Fast analysis through AI assistance

  • Reduced manual workload

  • Scalable for different environments

Usability considerations:

  • Requires knowledge of penetration testing concepts

  • May involve a learning curve for new users

  • Effectiveness depends on configuration and use case


Pros and Cons

Advantages

  • AI driven approach to penetration testing

  • Automates repetitive security tasks

  • Provides intelligent recommendations

  • Supports modern security workflows

  • Improves efficiency for security teams


Limitations

  • Not a replacement for human expertise

  • May require technical knowledge to use effectively

  • Limited public documentation compared to established tools

  • Accuracy depends on AI model capabilities


Who Should Use PentAGI

PentAGI is best suited for:

  • Cybersecurity professionals

  • Penetration testers

  • Security researchers

  • DevSecOps teams

  • Organizations improving security posture

It is particularly useful for teams looking to integrate AI into their security processes.


Final Verdict

PentAGI represents a modern approach to cybersecurity by combining artificial intelligence with penetration testing practices. It helps automate repetitive tasks, provides intelligent insights, and improves efficiency for security professionals.

While it does not replace human expertise, PentAGI can serve as a valuable assistant in identifying vulnerabilities and strengthening system defenses.

PentAGI 2.1.0
Free
Software Information:
Operating System: Windows / macOS / Linux
Date Added: 2026-05-29T19:14:28.941Z