展示HN:我开发了一款AI安全测试工具
我开发了一款人工智能安全测试工具,用于检测您的网页应用程序的漏洞(如 SQL 注入、跨站脚本攻击、跨站请求伪造、不安全的头部等)、业务逻辑缺陷或暴露的凭证(您不会相信有多少“随意编码者”暴露了他们的 API 密钥)。
每次发起的测试都是独一无二的,测试方式会根据目标网站进行调整,并提供安全报告。
在后台,它通过 29 个按需调用的代理运行。主要的测试代理在一个隔离的 Kali Linux 机器上运行,每次测试都会生成一个新的实例。
欢迎反馈,也很乐意回答您关于此工具的问题。
<a href="https://peneterrer.com" rel="nofollow">https://peneterrer.com</a>
查看原文
I Built an AI Security Tester to test out your web apps for vulnerabilities (sqli, xss, csrf, insecure headers, etc), Business logic flaws, or exposed credentials (You won't believe how many "vibe coders" are exposing their API Keys )<p>Each test initiated is completely unique in how its carried out, adapted to the target website + Gives a security report.<p>On the backend, it runs with the help of 29 agents which are invoked on demand. The main testing agent functions in an isolated Kali linux machine - spawned for each test.<p>Feedback appreciated, and would love to answer your questions about it.<p><a href="https://peneterrer.com" rel="nofollow">https://peneterrer.com</a>