PentestShield: Private AI-Assisted Pentesting with an MCP Proxy

By Strike7 Team

10 March, 2026 · 2 min read

We just dropped something for the offensive security community: PentestShield.

PentestShield is an MCP proxy that sits between your pentesting tools — like Burp Suite or Caido — and your LLM. It securely redacts sensitive data (domains, IPs, API tokens, cookies, passwords, and other PII) before the AI model ever sees it, then restores the real values in the responses you read.

In short:

  • Keeps client data private while using AI for analysis.
  • Makes AI-assisted pentesting safer and more privacy-aware.
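The redact-then-restore round trip described above can be sketched as follows. This is an added example, not PentestShield's own code: the `Redactor` class, the regex patterns and the `[KIND_n]` placeholder format are assumptions chosen for illustration.

```python
import re

# Illustrative patterns only (assumed, not PentestShield's rules). Order matters:
# secrets are replaced first so later patterns never see them.
PATTERNS = [
    ("TOKEN", re.compile(r"(?<=Bearer )[A-Za-z0-9._~+/-]+=*")),
    ("COOKIE", re.compile(r"(?<=session=)[^;\s]+")),
    ("IP", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("HOST", re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|io|example)\b", re.I)),
]
PLACEHOLDER = re.compile(r"\[[A-Z]+_\d+\]")


class Redactor:
    """Reversible redaction: the mapping stays on the proxy side only."""

    def __init__(self):
        self.forward = {}   # real value -> placeholder
        self.reverse = {}   # placeholder -> real value
        self.counts = {}    # per-kind counter, so placeholders are stable

    def _placeholder(self, kind, value):
        if value not in self.forward:
            self.counts[kind] = self.counts.get(kind, 0) + 1
            ph = f"[{kind}_{self.counts[kind]}]"
            self.forward[value] = ph
            self.reverse[ph] = value
        return self.forward[value]

    def redact(self, text):
        for kind, rx in PATTERNS:
            text = rx.sub(lambda m, k=kind: self._placeholder(k, m.group(0)), text)
        return text

    def restore(self, text):
        # Placeholders the proxy never issued are left as they are.
        return PLACEHOLDER.sub(lambda m: self.reverse.get(m.group(0), m.group(0)), text)

    def leaked(self, text):
        """Known sensitive values still present in outbound text."""
        return [v for v in self.forward if v in text]


# Constructed sample request; every value is made up.
SAMPLE_REQUEST = (
    "GET /api/users HTTP/1.1\r\n"
    "Host: app.acme-client.example\r\n"
    "X-Forwarded-For: 10.20.30.40\r\n"
    "Authorization: Bearer eyJhbGciOi.constructed.token\r\n"
    "Cookie: session=abc123def456; theme=dark\r\n"
)
```

Pattern-based redaction only covers what the patterns match, so anything they miss reaches the model unredacted; `leaked()` catches values the proxy has already seen, not new ones.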

If you work with security, AI, or automated testing, give it a spin — PentestShield is open-source, and we'd love your feedback and contributions.