Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Armur-Ai/Pentest-Swarm-AI/llms.txt

Use this file to discover all available pages before exploring further.

pentestswarm doctor is your first stop when something is not working. It runs eight infrastructure checks (API server, database, cache, Ollama, Docker, Go version, disk, and RAM) and then probes for every security tool the swarm can use, grouped by purpose. Missing Go-installable tools can be auto-installed with --fix; everything else prints a copy-pasteable shell command. pentestswarm init is the companion command you run once after installation. It captures your Claude API key into the OS keychain, runs the same tool probe, and writes a minimal ~/.pentestswarm/config.yaml so all other commands have sensible defaults.

Synopsis

pentestswarm doctor [flags]
pentestswarm init   [flags]

doctor — Flags

--fix
boolean
default:"false"
Automatically run go install for any missing tools whose install hint is a go install ... command. Tools that require brew, apt, or pip are printed as shell commands for you to run manually — doctor --fix never touches your package manager.

Infrastructure checks

doctor checks these eight infrastructure components in order:
#CheckWhat it testsFix hint when failing
1API server reachableTCP dial to localhost:8080pentestswarm serve
2PostgreSQL connectionTCP dial to localhost:5432docker compose -f deploy/docker-compose.dev.yml up -d
3Redis connectionTCP dial to localhost:6379docker compose -f deploy/docker-compose.dev.yml up -d
4Ollama runningTCP dial to localhost:11434Install from https://ollama.com, then ollama serve
5Docker daemondocker info --format {{.ServerVersion}}Install from https://docker.com
6Go versionruntime.Version()Always passes — reports the compiled Go version
7Disk space (>10 GB)Simplified heuristic checkEnsure ≥10 GB free on the working drive
8RAM (>8 GB)runtime.MemStats.Sys estimateEnsure ≥8 GB RAM available
Example output: 
🔍 pentestswarm doctor — checking system health

  ✅ API server reachable — listening on :8080
  ✅ PostgreSQL connection — listening on :5432
  ✅ Redis connection — listening on :6379
  ❌ Ollama running — not reachable — install from https://ollama.com and run 'ollama serve'
  ✅ Docker daemon — v26.1.4
  ✅ Go version — go1.22.4
  ✅ Disk space (>10GB) — check passed
  ✅ RAM (>8GB) — 16384 MB available to process

7/8 infra checks passed
API server, PostgreSQL, and Redis are optional for local CLI-only use. They are required only when you run pentestswarm serve and use the web dashboard or REST API. The swarm functions without them.

Security tools probe

After the infrastructure checks, doctor probes the PATH for every security tool the swarm can leverage. Tools are grouped by function:

Reconnaissance

ToolPurposeInstall
subfinderPassive subdomain enumerationgo install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
dnsxDNS A/AAAA/CNAME resolutiongo install github.com/projectdiscovery/dnsx/cmd/dnsx@latest
httpxHTTP probing and fingerprintinggo install github.com/projectdiscovery/httpx/cmd/httpx@latest
naabuFast port scanninggo install github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
katanaWeb crawler (JS-aware)go install github.com/projectdiscovery/katana/cmd/katana@latest
gauHistorical URL discoverygo install github.com/lc/gau/v2/cmd/gau@latest
nmapPort and service scannerbrew install nmap / apt install nmap
amassDeep OSINT and ASMbrew install amass / apt install amass

Vulnerability scanners

ToolPurposeInstall
nucleiCVE + misconfiguration templates (critical)go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
sqlmapSQL-injection exploitationbrew install sqlmap / apt install sqlmap

Content discovery

ToolPurposeInstall
ffufURL and parameter fuzzinggo install github.com/ffuf/ffuf/v2@latest
gobusterAlternative content discoverybrew install gobuster / apt install gobuster

Source / secret scanning

ToolPurposeInstall
trufflehogRepository and artifact secret scanningbrew install trufflehog
gitleaksGit history secret scanningbrew install gitleaks
semgrepSAST for in-scope repositoriespip install semgrep

Evidence capture

ToolPurposeInstall
gowitnessHeadless screenshots for reportsgo install github.com/sensepost/gowitness@latest
Example probe output: 
Security tools

  Reconnaissance
    ✓ subfinder      passive subdomain enum
    ✓ dnsx           DNS resolution
    ✓ httpx          HTTP probing
    ✗ naabu          fast port scanning  →  go install github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
    ✓ katana         web crawling
    ✗ gau            historical URL discovery  →  go install github.com/lc/gau/v2/cmd/gau@latest
    ✓ nmap           port + service scanner
    ✗ amass          deep OSINT / ASM  →  brew install amass

  Vulnerability scanners
    ✓ nuclei         CVE + misconfig templates
    ✓ sqlmap         SQL-injection exploitation

  ...

11/16 tools present

Auto-fix

When --fix is passed, doctor attempts to install every missing tool whose install hint begins with go install: 
pentestswarm doctor --fix

Auto-fix
  [running] naabu    go install github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
  [installed] naabu
  [running] gau      go install github.com/lc/gau/v2/cmd/gau@latest
  [installed] gau

  Run these yourself (auto-fix doesn't touch your package manager):
    $ brew install amass
    $ brew install trufflehog
    $ pip install semgrep
--fix never calls brew, apt, pip, or any system package manager on your behalf. It only runs go install commands, which install binaries to your $GOPATH/bin. Ensure that directory is in your PATH.

pentestswarm init

init is the one-time interactive setup command you run once after installing the binary. It does three things:
  1. Captures your Claude API key — prompts for the key (or reads from env in CI mode) and stores it in the OS native keychain (macOS Keychain, Linux Secret Service, Windows Credential Manager). The key is never written to disk.
  2. Runs the tool probe — prints the same grouped checklist as doctor.
  3. Writes ~/.pentestswarm/config.yaml — a minimal config file with sensible defaults. The API key is intentionally omitted from this file so it is safe to commit.
pentestswarm init

init — Flags

--non-interactive
boolean
default:"false"
Skip all prompts. Reads the API key from PENTESTSWARM_ORCHESTRATOR_API_KEY or ANTHROPIC_API_KEY environment variables. Useful for CI/CD pipelines.
--force
boolean
default:"false"
Overwrite an existing keychain entry and config.yaml without prompting.
Generated ~/.pentestswarm/config.yaml: 
# Pentest Swarm AI — configuration.
# The API key is NOT in this file — it lives in the OS keychain.
# This file is safe to commit.

orchestrator:
  provider: claude
  model: claude-sonnet-4-6
  context_window: 200000
  max_tokens: 8192
  temperature: 0.1

scope:
  enforce_strict: true

logging:
  level: info
  format: console
CI-friendly init (no prompts): 
export ANTHROPIC_API_KEY="sk-ant-..."
pentestswarm init --non-interactive

Examples

# Run the health check and tool probe (report only)
pentestswarm doctor

# Auto-install all Go-installable missing tools
pentestswarm doctor --fix

# First-time interactive setup
pentestswarm init

# CI setup — reads key from environment, no prompts
ANTHROPIC_API_KEY=sk-ant-... pentestswarm init --non-interactive

# Force overwrite existing config and keychain entry
pentestswarm init --force

scan

Run a pentest after doctor confirms all dependencies are healthy

serve

Start the API server whose reachability doctor checks

playbook

Check which tools your playbooks require are installed

scope

Import bug-bounty scope after credentials are set up with init

Build docs developers (and LLMs) love

Get started for freeTalk to us