Hacktron AI (@HacktronAI) / X

Hacktron AI

137 posts

Hacktron AI

@HacktronAI

Hacktron is an autonomous vulnerability hunter for ambitious engineering teams. Built by world-class security researchers. Powered by one principle: PoC || GTFO

Latent Space

Joined April 2025

Pinned
Hacktron AI
@HacktronAI
Apr 28
Introducing Hacktron Review: an AI security reviewer for your pull requests. It understands your whole codebase, builds a threat model, takes your feedback, and catches exploitable vulnerabilities before they reach production. Try for free: app.hacktron.ai
00:00
47K
Hacktron AI reposted
zayne (zeyu) zhang
@zeyu1337
Jun 22
use the HacktronAI/dependency-scan GitHub action to check your dependencies against known malware & supply-chain compromises. this is the beginning of a broader effort! DMs open for feedback. github.com/hacktronai/dep…
1.6K
Hacktron AI reposted
zayne (zeyu) zhang
@zeyu1337
Jun 20
PSA: when you wake up, reach for your phone immediately. Do NOT scroll Instagram reels. Send a good morning message. Not to your girlfriend, to Claude. That way, you can start the clock for your 5 hour Claude Code usage limit while you freshen up and head to the office. At noon,
1.1M
Hacktron AI reposted
s1r1us (mohan)
@S1r1u5_
Jun 21
internet breaking? news.ycombinator.com/item?id=486052…
5.9K
Hacktron AI
@HacktronAI
Jun 18
Introducing the Hacktron MCP. Give Claude Code, Codex, or Cursor a PR URL. With the Hacktron MCP, it will fetch the relevant security findings, write the fixes, and update Hacktron when the issue is resolved. All done before your coffee gets cold.
00:00
5.5K
Hacktron AI reposted
Harsh Jaiswal
@rootxharsh
Jun 12
RCE in Warp Terminal! I believe the attack surface is broadening with every new tool you use. Every OAuth app you authorise with elevated scopes.. we'd see more breaches via targeting tools/SaaS.. the attack surface is everyone and everything now - hacktron.ai/blog/the-attac…
00:00
3.6K
Hacktron AI reposted
s1r1us (mohan)
@S1r1u5_
Jun 12
Replying to @S1r1u5_
warp also supports this escape sequence, but unlike iTerm, its inline=0 path handling lets attacker-controlled terminal output write attacker-controlled content into attacker-controlled locations. so @HacktronAI found this arb file write. source:
warp/app/src/terminal/model/terminal_model.rs at bc3fffa7e57dae20b1878a1aa74e9f003d0617ce ·...
From github.com
1.2K
Hacktron AI
@HacktronAI
Jun 12
👀
Julio 🏴‍☠️
@juliocfa_
Jun 11
Replying to @S1r1u5_
Really hope more people get to try Hacktron. You guys are doing great so far and I love the open source initiative
Open Source Program
From hacktron.ai
661
Hacktron AI reposted
s1r1us (mohan)
@S1r1u5_
Jun 5
So @Doyensec recently published a report comparing @xbow and @AikidoSecurity, two AI pentest platforms. I figured, why not run @HacktronAI on the same test? So I ran a pentest on one of the target. Hacktron cost $350, while XBOW and Aikido cost $4,000 each. We did pretty well!
15K
Hacktron AI
@HacktronAI
Jun 1
Introducing Hacktron Whitebox: get white-box security assessments with audit-ready reports without waiting on a traditional pentest cycle. AI has roughly tripled the rate of code shipped in the past year. But penetration testing has not kept pace, often taking weeks to months.
00:00
11K
Hacktron AI
@HacktronAI
Jun 1
Replying to @HacktronAI
The outcome: a faster, more cost-effective security assessment that does not compromise on quality. This is not just checkbox compliance. Hacktron Whitebox helps teams generate evidence for SOC 2 and ISO 27001, while giving engineers valuable, actionable findings they can fix.
00:00
699
Hacktron AI
@HacktronAI
Jun 1
Find out more:
AI White-box Penetration Testing as a Service
From hacktron.ai
524
Hacktron AI reposted
zayne (zeyu) zhang
@zeyu1337
May 28
Nice overview of the vulnerability discovery landscape! Very proud of the work we've done at @HacktronAI, as well as that of our peers at Anthropic and AISLE. AI has sped up vulnerability discovery, but coverage and signal remain to be important metrics we optimize for.
Corban Villa
@corban_villa
May 27
Agents are finding more vulnerabilities than ever. But it turns out there are gaps in existing vulnerability discovery. Over the past 90 days vs. a year ago, web vulnerabilities (XSS/SQLi/CSRF) are down 66% and memory safety exploitability is down 3.5x. We built the Agentic
00:00
2.2K
Hacktron AI reposted
Corban Villa
@corban_villa
May 27
Replying to @corban_villa
Who's finding what? @AnthropicAI owns critical count. @HacktronAI leads on severity + exploitability. AISLE covers the most CWE types. There’s no clear overall winner.
00:00
13K
Hacktron AI
@HacktronAI
May 25
Hacktron Review plugs into your pull requests and catches exploitable vulnerabilities other scanners walk straight past. Find real security issues within 24 hours of onboarding. Try it free → hacktron.ai
2.5K