
Table of Contents
- Intro
- Documentation
- Installation
- General Usage
- Call to Arms
- Module Documentation
- Keep Us Caffeinated
- 0x004D65726368
Intro
What is PWN
PWN (pronounced /pōn/ — pone) is an open-source offensive-security automation framework and continuous-security-integration platform. It gives security researchers, red teamers, penetration testers and vulnerability researchers a single, scriptable Ruby surface over the entire offensive toolchain — from OSINT and network discovery, through web / cloud / hardware / radio exploitation, to reporting and disclosure — and puts a self-improving, tool-calling, multi-agent AI on top of it.
In numbers: 66 PWN::Plugins · 48 PWN::SAST rules · 90 PWN::AWS
service wrappers · 21 PWN::WWW site drivers · 52 bin/pwn_* CLI drivers ·
5 LLM engines · 10 agent toolsets · 45+ LLM-callable tools.
Full page: What is PWN
Why PWN
Offensive security is a toolchain problem. PWN's bet is that the right
abstraction is plain Ruby methods with a uniform opts = {} signature,
exposed simultaneously to a human in a REPL, an LLM in a tool-calling loop, a
shell script in CI, and a cron job at 3 am — all open-source and auditable,
which matters when the caller is autonomous.
Full page: Why PWN
How PWN Works
Five layers, edges only ever go down:
The AI layer closes a self-improvement loop on every turn — Metrics +
Learning (introspection) joined with Snapshot + Drift + Intel (extrospection)
via extro_correlate, so the agent knows whether a failure was its fault or
the world changed:
And Swarm runs multiple personas — each a full tool-calling agent, optionally on a different LLM engine — over a shared append-only bus:
Full pages: How PWN Works · All 26 Data-Flow Diagrams
Documentation
The complete wiki lives in this repo at documentation/Home.md.
Rebuild every SVG from its Graphviz source:
cd documentation/diagrams && ./build.sh
Installation
Tested on Debian-based Linux & macOS, Ruby via RVM.
$ cd /opt
$ sudo git clone https://github.com/0dayinc/pwn
$ cd /opt/pwn
$ ./install.sh
$ ./install.sh ruby-gem
$ pwn
pwn[v0.5.616]:001 >>> PWN.help
Full page: Installation · Configuration
General Usage
General Usage Quick-Start · local: General PWN Usage
Update PWN frequently — new plugins, agent tools, skills and zero-day tooling land regularly:
$ rvm list gemsets
$ rvm use ruby-4.0.5@pwn
$ gem uninstall --all --executables pwn
$ gem install --verbose pwn
$ pwn
pwn[v0.5.616]:001 >>> PWN.help
If using a multi-user RVM install:
$ rvm use ruby-4.0.5@pwn
$ rvmsudo gem uninstall --all --executables pwn
$ rvmsudo gem install --verbose pwn
Inside the pwn REPL:
- Full access to every
PWN::module. pwn-ai— launch the autonomous agent TUI (SHIFT+ENTER newline, ENTER submit).pwn-asm,pwn-ai-memory,pwn-ai-sessions,pwn-ai-cron,pwn-ai-delegate.
Headless / CI one-shot (pwn --ai):
$ pwn --ai 'What ports are listening on this host?'
$ echo "$LONG_PROMPT" | pwn --ai -
$ pwn -Y ./ci/pwn.yaml --ai 'Run pwn_sast against ./src and summarise HIGH findings' > findings.txt
PWN periodically upgrades to the latest Ruby (/opt/pwn/.ruby-version).
Easiest upgrade of Ruby + pwn from a previous install:
$ /opt/pwn/vagrant/provisioners/pwn.sh
Call to Arms
Contributions that expand PWN's offensive capabilities are welcome. If you can provide access to additional commercial LLMs, security scanners, or bounty platforms — or wish to contribute plugins, AI skills, or exploit modules — please email us. See CONTRIBUTING.md and the local Contributing page.
Module Documentation
Primary: documentation/Home.md — the full local
wiki with 30+ pages and 26 SVG data-flow diagrams.
API reference: rubydoc.info/gems/pwn,
or in-REPL: PWN::Plugins::BurpSuite.help, show-source, ls.
Highlights: Plugins · BurpSuite · Transparent-Browser · pwn-ai Agent · Swarm · Extrospection · SAST · AI Integration
I hope you enjoy PWN — and remember: always have permission before any security testing. Now go pwn all the things (responsibly)!
Keep Us Caffeinated
If you've found this project useful and you're interested in supporting our efforts, we invite you to take a brief moment to keep us caffeinated:






