Skip to main content
AIDive
EN
Sign in
KittySploit

KittySploit

Today

AI-assisted platform for authorized penetration testing and security research

0

Description

KittySploit is a modular security testing platform that combines a Python framework, a web interface, a traffic-analysis proxy, and AI-assisted features. It is designed for professional red teams, authorized penetration testers, security researchers, and DevSecOps teams. It is not a general-purpose AI assistant or an automatic corporate defense system: KittySploit can help organize a technical assessment, but it does not replace expertise, result verification, or permission from the system owner.

The project is maintained by the KittySploit Team and SIA-IOTechnology. The core code is available in the official GitHub repository, while hosted features and commercial plans are described on the KittySploit website.

The framework and KittyProxy under one roof

The product is built around an extensible framework with modules for reconnaissance, validation of known security issues, and work performed after authorized access has been obtained. Users can operate it through a command-line or web interface, install additional modules from its marketplace, and assemble a workflow for a specific assessment.

KittyProxy intercepts HTTP and HTTPS traffic, supports request inspection and replay, and helps identify REST, GraphQL, and WebSocket interfaces. The vendor advertises AI-assisted request analysis in the commercial edition. KittyCollab provides shared workspaces, while the OSINT graph helps teams connect discovered entities and reconnaissance results.

A local AI agent through Ollama

KittySploit also includes an AI agent that can work with local models through Ollama and assist with research planning. AI is only one component of the platform, however. The agent cannot guarantee that a conclusion is correct, and it does not turn a complex penetration test into a fully autonomous task. AIDive’s guide to AI agents explains how such systems differ from ordinary chatbots by planning and performing sequences of actions.

Community, Pro, and the price of collaboration

As of 13.07.2026, the Community edition is free. It includes the self-hosted framework, KittyProxy Community, marketplace downloads, and no stated limit on the number of authorized targets.

The Pro plan costs €39.99 per month and supports up to two users. It adds KittyCollab, KittyProxy Pro, hosted features, and additional support. Enterprise deployment and pricing are available by arrangement.

Self-hosting requires Python, system dependencies, and practical networking and security knowledge. Some payload-related tooling uses Zig, which makes setup and maintenance more technical than signing up for a conventional SaaS product.

Authorization is the dividing line

KittySploit is a dual-use product. The same capabilities can support a legitimate security audit or an unauthorized attack. It should only be used against systems owned by the operator or targets for which explicit testing permission has been granted. Vendor claims involving the bypass of WAF, EDR, and other defenses should not be presented as independent test results.

Beta status, licensing, and the entry barrier

The project is marked as beta, and version numbers shown in different metadata sources do not always align. Its licensing also deserves clarification: the README and LICENSE describe the open framework as MIT-licensed, while the current pyproject.toml says Proprietary. Organizations should confirm which terms apply to each component before adoption.

KittySploit is most relevant to experienced security teams looking for an extensible environment for authorized assessments. Beginners without a controlled laboratory, access rules, and expert supervision should start with purpose-built training platforms instead of testing the framework on public systems.

3
0 comments

Newsletter

Get notified when new AI tools are added

Join the community.