PHALANX v3.0 released
A social post announced PHALANX v3.0, an open‑source Kali Linux pentest agent designed to simplify offensive testing against local models and reduce tool complexity. The release was shared with commentary comparing it to heavier agent stacks. (x.com)
PHALANX v3.0 is now out as an open-source penetration-testing agent for Kali Linux, with the codebase labeling itself an “Autonomous Pentesting Framework v3.0.” (github.com) Penetration testing is a controlled security drill: software probes a system the way an attacker might, then records what it found. PHALANX is built to run that workflow on Kali Linux, the Debian-based distribution maintained for digital forensics and penetration testing. (github.com ) (kali.org) The release surfaced in a social post from the account when_robots_cry, which described PHALANX v3.0 as an open-source Kali Linux pentest agent aimed at local models and a lighter tool stack. The GitHub repository for webxos/phalanx was crawled within the last week, and GitHub’s releases page showed no packaged release entry at that time. (x.com) (github.com) A local model is a large language model that runs on the user’s own machine instead of sending prompts to a cloud service. That setup has become a selling point in offensive-security tooling because target data, scan output, and credentials can stay on the operator’s box instead of leaving for an external application programming interface. (github.com) That pitch has spread quickly across open-source security projects. AIRecon says it runs with a self-hosted Ollama model in a Kali Linux Docker sandbox and “no API keys required,” while PentAGI says it is a fully autonomous system for penetration testing in an isolated Docker environment. (github.com 1) (github.com 2) Another branch of the same trend is the Model Context Protocol, a standard way to let a model call outside tools. Zebbern’s Kali MCP server says it exposes 145-plus tool functions across 20 modules and connects assistants to tools such as Nmap, SQLMap, Hydra, Metasploit, and Nuclei on a Kali system. (github.com) The contrast in the PHALANX post was not about whether agents can use tools, but about how much machinery they need. The commentary framed PHALANX against heavier multi-agent or protocol-driven stacks, while rival projects increasingly advertise long feature lists, browser automation, dashboards, and orchestration layers. (x.com) (github.com 1) (github.com 2) (github.com 3) The repository itself was sparse in the indexed material available through search, so some implementation details remain unclear from public pages alone. But the direction is plain: more offensive-security developers are trying to run autonomous testing closer to the terminal, closer to Kali Linux, and closer to local models. (github.com)
