AIRecon is an autonomous penetration testing agent that runs entirely offline, combining a self-hosted Ollama LLM with a Kali Linux Docker sandbox<\/a> to automate end-to-end security assessments without exposing any data to the cloud.<\/p>\n Developed by researcher pikpikcu, it eliminates the prohibitive cost of commercial API-based models like GPT-4 or Claude for recursive recon workflows that can demand thousands of LLM calls per session.<\/p>\n Commercial AI-powered security tools send target intelligence to external servers and require ongoing API subscriptions. AIRecon flips this model entirely; all tool output, vulnerability reports, and session data stay on the operator\u2019s machine.<\/p>\n It integrates natively with Caido proxy, offering five built-in tools: list, replay, automate (using AIRecon structures every engagement through four automated phases, each with defined objectives, recommended tools, and automatic transition criteria. Phase enforcement is intentionally soft; the agent is guided but never blocked, and checkpoints fire every 5 iterations (phase evaluation), every 10 (self-evaluation), and every 15 (context compression).<\/p>\n The full stack includes the Kali sandbox<\/a>, browser automation, a custom fuzzer, Schemathesis API fuzzing, and Semgrep SAST for static source analysis.<\/p>\n One of AIRecon\u2019s standout features is its optional airecon-dataset companion, which indexes approximately 1.09 million security records into local SQLite FTS5 databases including CVEs, red team techniques, CTF writeups, Nuclei templates, and bug bounty payloads all completely offline.<\/p>\n The LLM autonomously calls AIRecon requires a model with native tool-calling support and extended thinking (\u00a7FUZZ\u00a7<\/code> markers), findings, and scope management. This makes it particularly well-suited for bug bounty hunters and red teamers who operate under strict data-handling policies.<\/p>\n![\"AIrecon](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhffxsrLxI-VhkH4eFrJFF09StyKKUenMpTLx5mQgc0vEC8m4PZKJpk7JrumF7cHv8j1yMxHvK7c-D8602WRuEzm29weGwSi4xzKn-OvWtuC52PI_vjPdhmcGYhpZsGx_AG00cBIbbH6BPtIbj0P_mwE0W7p0FQBMVV7E8RJ-MTCh0czRzzB941bbWR3Ceg\/s16000\/airecon.webp?ssl=1\")
dataset_search<\/code> before attempting unfamiliar techniques, grounding its decisions in real indexed data rather than pure hallucination. Session memory persists in ~\/.airecon\/memory\/airecon.db<\/code>, storing findings, WAF bypass patterns, tool reliability scores, and per-target attack chain discoveries that shape future behavior.<\/p>\n<think><\/code> blocks). Models below 8B parameters are strongly discouraged due to frequent hallucinations, invented CVEs, and unreliable tool calls. Recommended configurations:<\/p>\n