Automate and accelerate your hacking workflows with AI-powered reconnaissance, scanning, enumeration, exploitation, and reporting.
Mitinik is an AI-driven cybersecurity assistant designed to streamline penetration testing and bug bounty workflows. Powered by state-of-the-art language models and integrated with industry-standard tools like Nmap, SQLMap, Nikto, and more, Mitinik intelligently interprets your natural language commands, selects the optimal toolchain, executes attacks or scans, and generates detailed reports — all in one seamless pipeline.
Built with modularity and extensibility in mind, Mitinik offers a powerful platform for security researchers, pentesters, and ethical hackers who want to automate routine tasks while focusing on advanced analysis.
- Natural Language Interface: Issue commands in plain English, and Mitinik handles the rest.
- Adaptive Tool Selection: Powered by a custom LLM integration to intelligently choose the best tool for each task.
- Comprehensive Cybersecurity Workflow:
  - Reconnaissance (whois, subfinder, amass, etc.)
  - Port and Service Scanning (nmap, rustscan, shodan, httpx)
  - Enumeration (nikto, dirb, whatweb, gobuster)
  - Exploitation (sqlmap, commix, exploit-db, xsser)
  - Automated Reporting with actionable insights
- Extensible State Management: Typed, structured state tracking to keep history and results organized.
- Robust Logging: Save scan results and history for audit and review.
- Open Source & Modular: Easily add new tools and customize workflows.
- Python 3.13+
- External Tools Installed & Available in PATH:
```bash
git clone https://github.com/yourusername/mitinik.git
cd mitinik
python -m venv venv
source venv/bin/activate # Linux/macOS
venv\Scripts\activate # Windows
pip install -r requirements.txt
```
Set your OpenAI API key:
```bash
export OPENAI_KEY="your_openai_api_key"
```
Launch the interactive Mitinik agent:
```bash
python cli.py
```
Example commands:
```
Scan the site testphp.vulnweb.com
Enumerate hidden directories on example.com
Exploit sql injection on testphp.vulnweb.com
Run whois on google.com
```

Type `exit` to quit.
Mitinik is built around the StateGraph pattern, where each node represents a cybersecurity action stage. The AI model (OpenAI GPT-4o-mini) classifies user commands and dynamically routes execution to specialized modules handling reconnaissance, scanning, enumeration, exploitation, and reporting.
State management is strongly typed, ensuring traceability and robustness throughout the workflow.
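The routing and typed state described above, sketched as an added example that is not Mitinik's own code. It assumes a keyword table in place of the LLM classifier and adds a hypothetical `scope_gate` node with a constructed `AUTHORIZED_SCOPE` allowlist, so a command naming a host without recorded permission never reaches a tool stage; no external tool is executed.

```python
import re
from typing import Callable, Dict, List, Optional, TypedDict


class AgentState(TypedDict):
    command: str
    target: Optional[str]
    stage: Optional[str]
    history: List[str]


# Constructed value: hosts the operator has written permission to test.
AUTHORIZED_SCOPE = {"testphp.vulnweb.com"}
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b")
# Assumption: this keyword table stands in for the LLM classification step.
KEYWORDS = [("whois", "recon"), ("scan", "scan"),
            ("enumerate", "enum"), ("exploit", "exploit")]


def classify(state: AgentState) -> AgentState:
    """Extract the target host and the workflow stage from the command."""
    text = state["command"].lower()
    match = HOST_RE.search(text)
    state["target"] = match.group(1) if match else None
    state["stage"] = next((s for k, s in KEYWORDS if k in text), None)
    state["history"].append(f"classify -> {state['stage']} / {state['target']}")
    return state


def scope_gate(state: AgentState) -> AgentState:
    """Reject unclassified commands and targets outside the allowlist."""
    if state["stage"] is None or state["target"] not in AUTHORIZED_SCOPE:
        state["stage"] = "rejected"
    state["history"].append(f"scope_gate -> {state['stage']}")
    return state


def stage_node(name: str) -> Callable[[AgentState], AgentState]:
    def node(state: AgentState) -> AgentState:
        # A real node would run its tool here; this one only records intent.
        state["history"].append(f"{name}: dispatch for {state['target']}")
        return state
    return node


NODES: Dict[str, Callable[[AgentState], AgentState]] = {
    name: stage_node(name)
    for name in ("recon", "scan", "enum", "exploit", "rejected")}


def run(command: str) -> AgentState:
    state: AgentState = {"command": command, "target": None,
                         "stage": None, "history": []}
    state = scope_gate(classify(state))
    return NODES[state["stage"]](state)
```

The `history` list in the returned state is the audit trail: it shows the classification, the gate decision, and which node handled the command.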
Contributions are welcome!
MIT License © 2025 Miguel Araújo Julio
Mitinik is designed for ethical hacking and security research purposes only. Always obtain explicit permission before scanning or testing any network or system. The author is not responsible for misuse or damage caused by this tool.
Miguel Araújo Julio — GitHub — julioaraujo.guel@gmail.com