Tengu FAQs

Question 1

Can Tengu automate report generation for penetration tests?

Accepted Answer

Absolutely. Tengu automatically correlates findings from various scans and tools, then generates professional penetration test reports. These reports can be exported in multiple formats, including Markdown (MD), HTML, or PDF.

Question 2

Are there safety mechanisms when using Tengu for exploitation?

Accepted Answer

Yes, Tengu prioritizes safety with built-in controls. It features target allowlisting, input sanitization, rate limiting, and audit logging. Crucially, all destructive actions, such as Metasploit module execution, require explicit human confirmation (human-in-the-loop).

Question 3

What is Tengu?

Accepted Answer

Tengu is an AI-assisted MCP (Model Context Protocol) server that orchestrates 56 industry-standard security tools with AI intelligence to streamline the entire penetration testing process, from reconnaissance to professional reporting.

Question 4

How does Tengu use AI in penetration testing?

Accepted Answer

Tengu leverages AI (via Claude) to intelligently decide the next best security tool to run based on previous findings. This allows for dynamic and optimized testing workflows, automating routine tasks while keeping the human in control of critical decisions.

Question 5

Which security tools does Tengu integrate?

Accepted Answer

Tengu integrates an extensive catalog of 56 security tools, including popular choices like Nmap, Metasploit, SQLMap, Nuclei, OWASP ZAP, Hydra, and many more, covering reconnaissance, web scanning, exploitation, and reporting.

Tengu

Tengu

Key Features

Use Cases

Key Features

Use Cases