Cairn AI Automated Penetration Testing System

Skill by ara.so — Daily 2026 Skills collection.

Cairn is an AI-driven automated penetration testing and general problem-solving framework developed by the Bytex@起零衍迹实验室 team. It achieved the unique "AK" (All Killed / full score) result in the 2nd TCH Tencent Cloud Hackathon Intelligent Penetration Challenge, placing 4th online. The system uses LLM-based agents to autonomously reason about, plan, and execute multi-step security testing tasks.

What Cairn Does

• Autonomous AI Agent Loop: Iteratively reasons about a target, selects tools, executes commands, and interprets results
• Penetration Testing Automation: Web vulnerability discovery, exploitation, CTF-style challenge solving
• General Problem Solving: Extensible to non-security tasks via tool/plugin architecture
• Multi-step Planning: Breaks complex objectives into subtasks with memory and context management
• Tool Integration: Wraps common pentest tools (nmap, sqlmap, curl, custom scripts) as callable agent actions

Project Status