Strix Agents - AI Hackers to secure your vibe-coded apps
by•
The new Strix platform gives devs continuous security in one place: continuously pentest your apps, block vulnerable PRs before merge, generate merge-ready fixes, and track security posture over time.
Replies
Strix
Hey Product Hunt 👋
Strix started as an open-source framework for autonomous pentesting.
Since launch, it’s grown to 80,000+ users, 15B+ LLM tokens processed daily, 1,300+ pentests per day, and 78,000+ vulnerabilities reported.
The demand became clear: teams wanted more than the framework. They wanted Strix running continuously across their repos, apps, and attack surface, with scheduling, validation history, auto-fix, integrations, and enterprise controls.
Why now? 🚀
AI increased software shipping velocity
security workflows mostly stayed the same
periodic pentests and manual triage do not work when systems change every day
So today we’re launching the new Strix Platform:
continuously pentest full-stack apps
block vulnerable PRs before merge
verify findings with proof-of-exploit
generate merge-ready fixes
retest automatically
track security posture over time
Excited to hear what you think and answer any questions :)
@0xallam verify findings with proof-of-exploit... that's a bold promise. usually ai security tools are just 'hallucination factories' for false positives. does it actually generate a script to reproduce the vulnerability?
Checking out today
Does this also work for mobile web apps? Or is this only mobile apps?
Open source for security tooling is the right call - you can't ask developers to trust a black box that's poking at their app. Curious about the false positive rate in practice. In my experience scanning real-world apps, the gap between "flagged" and "actually exploitable" is where most tools lose credibility.