Notarized beta DMG now available

Autonomous pentesting, running locally on Apple Silicon.

exploitbot is a native macOS beta for authorized security testing: local MLX models, full-agent tool use, CVE intelligence, supply-chain workflows, live logs, and report-ready evidence.

Download beta DMG View release Source code
SHA256: 647bfa9e662c21e37b0cb79473fcf415a6ce058c15097c321dfa23440660175e
42tool schemas
5languages
MLXlocal runtime
0.1beta release

Built for real operator workflows.

The beta focuses on full-loop usability: broad tool discovery, precise CVE/context retrieval, visible tool progress, persistent settings, and local model runtime proofing.

Agent loop

Autopilot, copilot, manual

Deploy agents that inherit model/settings state, reason through scoped tasks, call tools, and expose current/last tool status in the UI.

Tools

Wide security catalogue

Recon, web, network, credentials, exploit, post-exploit, OSINT, supply-chain, CVE, context, and shell execution are available through one schema surface.

CVE + context

Targeted retrieval

Search local CVE data, import CVE lists, include only the rows you care about, and inject focused context instead of dumping whole histories into prompts.

Supply chain

Secrets, SBOM, dependencies

TruffleHog, Syft, Grype, OSV Scanner, Nuclei, CVE search, and shell fallback are wired into the same action/status lifecycle.

Runtime

Qwen + MiniMax cache proofing

Qwen hybrid SSM attention and MiniMax full-KV attention paths are validated with TurboQuant q4 KV, prefix cache, paged cache, block L2, and warm replay checks.

Evidence

Reports, stash, terminal

Keep artifacts, findings, terminal paths, screenshots, CVE rows, and report state tied to the engagement instead of scattered across ad hoc notes.

Current beta surfaces.

Screenshots are from the latest app proof passes and cover agent status, tool tabs, CVE import, runtime settings, stash, reports, and terminal/tool routing.

Chat panel showing live tool states

Live agent + tool status

Queued, running, done, and error states are visible in chat, sidebars, and agent panels.

agentlogsstatus
Recon tab running discovery

Recon and target mapping

Subdomain, DNS, HTTP probing, and service discovery routes feed the operation context.

reconnmaphttpx
Exploit tab search prepare execute workflow

Exploit workflow

Search, prepare, and execute flows retain status and evidence instead of hiding tool progress.

exploitmetasploitevidence
CVE settings import status

CVE import and filtering

Paste or import lists, include specific CVEs, and keep CVE status visible in settings and tools.

CVEimportfilters
Runtime cache topology settings

Runtime cache settings

Parser, reasoning, cache budgets, KV quantization, prefix cache, and model settings persist across runs.

QwenMiniMaxcache
Tool settings status

Tool installation and paths

Tool availability, installers, terminal paths, and execution status are kept in one operational surface.

toolsterminalpaths
Network protocol tab running

Network protocol checks

SMB, SNMP, capture, tunnels, and protocol workflows can be queued from their native tab surfaces.

networkSMBcapture
Credential cracked badges

Credential audit state

Hash identification, cracking, online checks, and secret scans stay attached to the engagement timeline.

hashcathydrasecrets
OSINT username results

OSINT evidence previews

Metadata, screenshots, username checks, and email checks produce previewable evidence.

OSINTscreensmetadata
Report export status

Report export status

Findings, chains, impact, and artifacts flow toward Markdown, HTML, PDF, and JSON reports.

reportsPDFJSON

Local runtime, release proofed.

The beta DMG bundles the Python engine and a vMLX-compatible Python runtime, then verifies signing, notarization, and core runtime capabilities.

Qwen

Hybrid SSM attention

MXFP4-MTP lanes validate hybrid cache components, SSM companion state, prefix cache, and repeat-prompt hits.

MiniMax

Full-KV attention

MiniMax proofing covers full-KV replay, TurboQuant q4, parser selection, thinking/no-thinking paths, and cached repeat completions.

MiniMax

JANG_K artifact scope

MiniMax JANG_K is metadata-verified for parser and cache wiring; live 80 GB load testing is reserved for a quiet machine.

codesign --verify --deep --strict release/ExploitBot.app
xcrun stapler validate release/ExploitBot.app
xcrun stapler validate release/ExploitBot-beta.dmg
spctl accepted app as Notarized Developer ID
DMG SHA256 647bfa9e662c21e37b0cb79473fcf415a6ce058c15097c321dfa23440660175e

Download the notarized beta DMG.

macOS 14+ on Apple Silicon. The app runs local inference and can install/use external security tools as needed.

v0.1.0-beta · SHA256 647bfa9e662c21e37b0cb79473fcf415a6ce058c15097c321dfa23440660175e
Download beta DMG