Offline AI pentest tool

A new open‑source tool called METATRON promises AI‑driven penetration testing for Linux that runs fully offline using local language models, so no scan data has to be sent to a cloud service. The offline design is the notable part: it lets security teams assess vulnerabilities without exposing target details or telemetry to an external provider, and it shows local LLMs doing real security work rather than only cloud-hosted ones. That matters given the rising concern that models can both find vulnerabilities and accelerate exploit development. (x.com)

A penetration test is an authorized break-in: you point tools at a system you own or have permission to test, and they look for unlocked doors such as open ports, outdated software, and weak web server settings. METATRON is a new Linux command-line tool that tries to turn that process into a local conversation with a language model instead of a pile of raw scanner output. (github.com)

Most security scanners are good at collecting clues and bad at explaining them. METATRON runs scanners including Nmap, Whois, WhatWeb, Curl, Dig, and Nikto, then hands the text to a model called metatron-qwen to sort the findings into vulnerabilities, exploit ideas, fixes, and a final risk level. (github.com)

The unusual part is where the model runs. The project says the whole workflow stays on the tester’s own machine through Ollama, which is software for running large language models locally, so there is no cloud account, no application programming interface key, and no need to ship target data to an outside service. (github.com) (docs.ollama.com) That matters because scanner output can contain exactly the map an attacker wants: software versions, domain records, server headers, and known weak spots. In METATRON’s code, the Nmap step uses service detection and default scripts, the Curl step pulls Hypertext Transfer Protocol response headers, and the WhatWeb step fingerprints the site’s technology stack. (github.com 1) (github.com 2) (cirt.net) One caveat: “offline” describes the model, not the scans. The scanners still send active probes to the target, and Nmap’s default scripts and Nikto in particular are noisy, so the tool should only be pointed at systems the tester is authorized to test.

The model is not just summarizing once and stopping. The repository says it can enter an “agentic loop,” meaning the model can ask for another tool run mid-session, and the code caps this at 9 tool loops before it has to stop. (github.com 1) (github.com 2)

The tradeoff is hardware. The setup guide tells users to pull a 9 billion parameter Qwen-based model that needs at least 8.4 gigabytes of random access memory, and it offers a smaller 4 billion parameter version for machines with less memory. (github.com)

The tool is also opinionated about its home turf. The README says it is built for Parrot OS, a Debian-based Linux distribution used by security testers, and it stores scan history in MariaDB so users can revisit results or export them as Portable Document Format or HyperText Markup Language reports. (github.com)

This is still early code, not a finished security platform. The public repository shows about a dozen commits, an MIT license, and roughly 1,900 GitHub stars as of April 9, 2026, a lot of attention for a project that appeared only days ago. (github.com 1) (github.com 2)

The bigger shift is not that a language model can run Nmap. It is that local models are starting to act like on-device security analysts, reading the same noisy evidence a human tester reads, but without sending sensitive reconnaissance data into someone else’s cloud. (github.com) (docs.ollama.com)

Shared from Scout - Be the smartest in the room.