Breakintelligence
← Open source tools
YAAP

Documentation

YAAP — Yet Another AI Pentester

Autonomous web app penetration testing

AI-powered autonomous web application security testing.

YAAP is a LangGraph-based multi-agent penetration testing system that discovers, analyzes, and exploits web vulnerabilities using AI-driven orchestration.

Source: github.com/promptagainstthemachine/yaap


Table of contents


Quick start

Install

git clone https://github.com/promptagainstthemachine/yaap.git
cd yaap
uv sync

YAAP uses feroxbuster for endpoint discovery. It can auto-install feroxbuster when missing (git clone + Cargo build, or package managers). Fallbacks include Katana and dirb.

Manual feroxbuster (optional):

# macOS
brew install feroxbuster

# From source
git clone https://github.com/epi052/feroxbuster.git
cd feroxbuster && cargo build --release
sudo cp target/release/feroxbuster /usr/local/bin/

Environment

# Create .env with your LLM API key (provider depends on your config)
cp .env.example .env   # if present
# Edit .env with your keys

Basic usage

# Full security assessment (with endpoint discovery)
uv run yaap --target https://example.com

# Reconnaissance only
uv run yaap --target https://example.com --recon-only

# Vulnerability hunting only
uv run yaap --target https://example.com --vuln-only

Exact CLI flags may vary by release — run uv run yaap --help for the current surface.


Authentication

# With auth: load credentials and attempt login
uv run yaap --target https://example.com --auth

# Without --auth: skip authentication flows
uv run yaap --target https://example.com

Configure credentials via environment variables or project config as documented in the repository.


Docker

# Build
docker build -t yaap .

# Run against a target
docker run --rm --env-file .env yaap --target https://example.com

# Persist reports
docker run --rm --env-file .env -v "$(pwd)/reports:/app/reports" yaap --target https://example.com

Compose (if docker-compose.yml is present in the repo):

docker compose up --build

Reports

YAAP writes structured findings for review after an assessment. Check the project reports/ output path (or the volume you mounted in Docker) for generated results.


Responsible use

Only test systems you own or have explicit permission to assess. YAAP is for authorized security testing.


License

MIT — see the repository LICENSE file.