Find the best AI agent tools for security auditing, vulnerability scanning, and automated penetration testing.
AI-first security scanner with 76 analyzers, 7,300+ detection rules, and repo poisoning detection for AI/ML, LLM agents, and MCP servers. Scan any GitHub repo with: `medusa scan --git user/repo`
Security operations toolkit for AI coding agents. Give Claude Code 25+ skills to catch vulnerabilities, scan containers, detect secrets, and enforce policies automatically.
AI-powered security assessment SKILLS for your codebase. Multi-language (JS, Go, Python, Rust, Java, PHP, Ruby, C#). Works with Claude Code, Codex, OpenCode, etc.
Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.
AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of security tools.
EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.
AI-powered subdomain enumeration tool with local LLM analysis via Ollama - 100% private, zero API costs
Open-source Python, TypeScript, and Go SAST with dead code detection. Finds secrets, exploitable flows, and AI regressions. VS Code extension, GitHub Action, and MCP server for AI agents.
Security toolkit for AI agents. Scan your machine for dangerous skills and MCP configs, monitor for supply chain attacks, test prompt injection resistance, and audit live MCP servers for tool poisoning.
| Tool | Stars | Language | License | Score |
|---|---|---|---|---|
| medusa | ★ 174 | Python | AGPL-3.0 | 36 |
| SecOpsAgentKit | ★ 71 | Open Policy Agent | — | 29 |
| perseus | ★ 30 | Shell | MIT | 32 |
| reconmap | ★ 915 | JavaScript | Apache-2.0 | 44 |
| fuzzforge_ai | ★ 769 | Python | — | 44 |
| Auditor | ★ 534 | Python | — | 36 |
| EVA | ★ 381 | Python | — | 40 |
| god-eye | ★ 432 | Go | — | 33 |
| skylos | ★ 356 | Python | Apache-2.0 | 39 |
| agentseal | ★ 147 | Python | — | 41 |
The top security auditing tools include medusa, SecOpsAgentKit, and perseus. These are ranked by our composite score based on GitHub stars, community activity, and code quality.
Most tools listed here are open-source. 4 out of 10 have explicit open-source licenses, making them free to use and modify.
Consider your tech stack (language compatibility), project scale (stars indicate community trust), and specific features you need. Use the comparison table above to evaluate side by side.