15.09.2025
2 min
502
Villager is an AI pentesting framework created by Chinese company Cyberspike, which has already been downloaded over 11,000 times from PyPI. Experts warn that a legal tool for Red Teams could quickly become a weapon in the hands of cybercriminals.
Villager is a next-generation tool that combines Kali Linux, LangChain and DeepSeek models. It automates reconnaissance, creates exploits from a database of over 4,200 AI prompts, and even generates isolated environments for attacks that disappear after 24 hours. This significantly complicates attribution and forensics.
Villager’s feature is adaptability. If an exploit fails, the AI immediately picks up variations, increasing efficiency. The FastAPI and Pydantic architecture allows you to manage complex attacks through tasks, rather than rigid scripts. Thus, even an inexperienced operator can launch entire attack chains at the level of professional groups.
Another disturbing detail: Villager has built-in plugins for AsyncRAT, Mimikatz and other well-known hacktools. This means that Cyberspike has essentially repackaged the malware as a “legitimate” pentest tool.
Cyberspike appeared in 2023 with the domain *cyberspike[.]top*, registered to Changchun Anshanyuan Technology Co., Ltd.. However, there is no transparent information about it – only a mention on the Chinese website Liepin.
The Villager framework resembles the path of Cobalt Strike: commercial security testing software has become one of the most favorite tools of APT groups. Experts fear that history will repeat itself, but now with AI power that lowers the threshold of entry and speeds up attacks at scale.
Villager is not just another pentesting framework. It is a paradigm shift in cyberthreats: attacks can now be larger, faster, and more accessible to inexperienced hackers. If the tool becomes more widespread, the burden on detection and response systems in corporate environments will increase dramatically.
