AI Red Team Framework HexStrike v6.0 Bundles 127 Security Tools with Payload Evasion Engine

HexStrike v6.0 turns Claude and GPT into autonomous red team operators with 127 tools and a multilayered antivirus evasion engine built in.

CSBadmin

AI Orchestration for Penetration Testing

Version 6.0 of the HexStrike AI red team framework has been released, introducing an automated approach to security assessments through the Model Context Protocol (MCP). The framework functions as a FastMCP server that connects large language models like Claude and GPT with a curated set of 127 professional security tools. This architecture allows AI agents to orchestrate penetration testing workflows, vulnerability discovery, and payload generation tasks that traditionally require days of manual effort.

The platform includes an Intelligent Decision Engine that analyzes targets, selects appropriate tools, and executes multi-phase assessments without constant human oversight. It supports six AI client integrations out of the box, including Claude Desktop, Cursor, VS Code Copilot, Roo Code, and any MCP-compatible agent, making it accessible for teams using different AI platforms for security testing.

BOAZ Payload Evasion Integration

The most significant addition in this release is the full integration of BOAZ (Bypass, Obfuscate, Adapt, Zero Trust), an open-source multilayered AV/EDR evasion framework developed by Thomasxm. BOAZ provides five dedicated MCP tools within HexStrike, transforming the platform from a scanning engine into a complete red team payload pipeline. The framework includes more than 77 process injection loaders across six categories, 12 encoding schemes including AES and ChaCha20, and multiple EDR bypass techniques such as API unhooking and ETW patching.

The BOAZ workflow follows a defined payload pipeline: MSFVenom generation, followed by entropy analysis, then the BOAZ evasion layer to produce enterprise-grade stealth binaries. Additional capabilities include anti-analysis controls like sandbox detection and sleep obfuscation, MinGW cross-compiler support for Linux-to-Windows compilation, and output formats including EXE, DLL, and CPL files with self-deletion options.

Source: Cyber Security News
