Yep, you read it right. 0 false positives. We scan the whole codebase for possible vulnerabilities, rank them, write the proof-of-concept for exploitation, spin up the software in a sandbox, and then attack. All of them happen autonomously without human involvement.
The end report? Only verified vulnerabilities are being reported without noise.
Already reported some unknown vulnerabilities in open source projects. The good thing is we're just getting started.
So, it's been almost 24 hours since I read this yesterday. Is it confirmed that Jia Tan is the perpetrator? do we know who he/she really is? Or are we going to live for the rest of our lives only knowing the pseudo name? just like Satoshi Nakamoto did to us. ;)
https://vyprsec.ai/
Yep, you read it right. 0 false positives. We scan the whole codebase for possible vulnerabilities, rank them, write the proof-of-concept for exploitation, spin up the software in a sandbox, and then attack. All of them happen autonomously without human involvement.
The end report? Only verified vulnerabilities are being reported without noise.
Already reported some unknown vulnerabilities in open source projects. The good thing is we're just getting started.