Mosh is an open-source, model-driven application security testing harness that wraps around LLMs to automate penetration testing through discovery, planning, dockerized execution, and reporting.

// 1h agoOPENSOURCE RELEASE

Mosh is an open-source, model-driven application security testing harness that wraps around LLMs to automate penetration testing through discovery, planning, dockerized execution, and reporting.

Mosh (Model-driven Open Security Harness) is an open-source security testing application designed to automate the work of a security researcher. Instead of relying on raw prompts, the tool implements a multi-step workflow starting with application discovery (mapping routes and technologies), security planning (creating test hypotheses), and controlled test execution through Docker containers using engagement settings. It continuously writes structured reports and memory logs, allowing developers to safely run, review, and reproduce pen-testing results iteratively as vulnerabilities are resolved.

// ANALYSIS

While raw LLMs struggle with dynamic testing, Mosh provides the structured control loops, sandbox execution, and deterministic guardrails necessary to make LLM-driven security scanning practical.

–The use of Docker containers ensures that the testing agent's actions are isolated and repeatable.
–An explicit engagement template acts as a safety checklist to prevent unauthorized scans or out-of-scope testing.
–Iterative feedback loops update discovery memory in real time, mirroring a human tester's logic.

// TAGS

open-sourcepenetration-testingsecurity

DISCOVERED

1h ago

2026-06-13

PUBLISHED

2h ago

2026-06-13

RELEVANCE

8/ 10

AUTHOR

lluismh

// KEEP READING

More AI developer news from the feed

EXPLORE FULL FEED

INFRA34m ago

OpenRouter Advisor boosts collaborative model intelligence

AI researcher Elvis Saravia highlights data showing how combining specialized models with human expertise yields a compounding capability effect. By dynamically routing tasks to optimal models, developers can bypass monolithic LLM bottlenecks to build more robust and cost-effective architectures.

BENCHMARK36m ago

GLM-5.2 tops BridgeBench BS with perfect score

Zhipu AI's GLM-5.2 model has recorded a perfect score on the BridgeBench BS evaluation suite, marking a new milestone for LLM benchmark performance. In response to the model mastering the current tests, the BridgeMind development team announced that they will begin building BridgeBench v3 to keep pace with advancing model capabilities.

UPDATE41m ago

OpenRouter introduces model fusion feature

A recent retweet highlights a new capability from OpenRouter called "fusion," which enables users to combine their favorite AI models to create custom, tailored experiences and potentially unique capabilities.

Mosh is an open-source, model-driven application security testing harness that wraps around LLMs to automate penetration testing through discovery, planning, dockerized execution, and reporting.