In this project, we explore methods of implementing an autonomous agent that simulates human behaviour, in order to produce common mistakes that create vulnerabilities in enterprise networks. The objective of this research is to aid in testing the security of existing networks when vulnerabilities are created by the actions of their users. The research was be split into two stages. First, we investigated different possibilities of implementing the autonomous behaviour and which types of actions should be supported. The second stage was to create a virtual machine (VM) that can be implemented in either physical or virtual networks, and test the agent in different scenarios by running it against anti-phishing tools. The tool downloads files from a website using two different methods, and we record if, and when, the anti-phishing tools blocks those actions. This autonomous agent can help administrators test their network's protection against unwanted downloads. It can also be used to see which anti-phishing tool is better at protecting their network by trying different configurations against the agent.