
AI-powered autonomous web application security testing.
YAAP is a LangGraph-based multi-agent penetration testing system that discovers, analyzes, and exploits web vulnerabilities using AI-driven orchestration.
Source: github.com/promptagainstthemachine/yaap
Table of contents
Quick start
Install
git clone https://github.com/promptagainstthemachine/yaap.git
cd yaap
uv sync
YAAP uses feroxbuster for endpoint discovery. It can auto-install feroxbuster when missing (git clone + Cargo build, or package managers). Fallbacks include Katana and dirb.
Manual feroxbuster (optional):
# macOS
brew install feroxbuster
# From source
git clone https://github.com/epi052/feroxbuster.git
cd feroxbuster && cargo build --release
sudo cp target/release/feroxbuster /usr/local/bin/
Environment
# Create .env with your LLM API key (provider depends on your config)
cp .env.example .env # if present
# Edit .env with your keys
Basic usage
# Full security assessment (with endpoint discovery)
uv run yaap --target https://example.com
# Reconnaissance only
uv run yaap --target https://example.com --recon-only
# Vulnerability hunting only
uv run yaap --target https://example.com --vuln-only
Exact CLI flags may vary by release — run uv run yaap --help for the current surface.
Authentication
# With auth: load credentials and attempt login
uv run yaap --target https://example.com --auth
# Without --auth: skip authentication flows
uv run yaap --target https://example.com
Configure credentials via environment variables or project config as documented in the repository.
Docker
# Build
docker build -t yaap .
# Run against a target
docker run --rm --env-file .env yaap --target https://example.com
# Persist reports
docker run --rm --env-file .env -v "$(pwd)/reports:/app/reports" yaap --target https://example.com
Compose (if docker-compose.yml is present in the repo):
docker compose up --build
Reports
YAAP writes structured findings for review after an assessment. Check the project reports/ output path (or the volume you mounted in Docker) for generated results.
Responsible use
Only test systems you own or have explicit permission to assess. YAAP is for authorized security testing.
License
MIT — see the repository LICENSE file.
