Cerberus

Cursor for AI hacking that can't go out of scope

62 followers

Cursor for AI hacking that can't go out of scope

62 followers

Visit website

Security software

Cerberus is the world's first safe AI hacker. You can hack your entire app in plain English with a prompt "find vulnerabilities and exploit them in example.com". We also built the world's first AI hacker that's mathematically safe to run on production. It uses a new programming language where every hacking action must come with a mathematical proof that you authorized it — no proof, no action. Point it at your app, come back in 3-4 hours with a full security report.

Free Options

Launch tags:Tech•Security

Launch Team

Framer — Launch websites with enterprise needs at startup speeds.

Launch websites with enterprise needs at startup speeds.

Promoted

Cerberus

Maker

📌

Hi Product Hunt, Short context first. For the past several years our team has run a penetration testing firm serving banks and enterprises, alongside doing research in theoretical computer science — specifically type theory and programming language design. When AI agents became viable, everyone saw the same opportunity we did: automate pentesting. And everyone ran into the same wall. AI hackers can be hacked themselves. A malicious website can contain a prompt injection that tricks the agent into attacking a completely unrelated target. Your authorized pentest suddenly becomes an unauthorized attack on someone else's system, which is a legal disaster. Worse, when these agents discover a vulnerability like RCE, they can delete a client's database, or do something significantly worse, because nothing prevents them from acting on the exploit. Most of these tools are GPT wrappers executing shell commands in a terminal. There's no real safety layer. That's unacceptable for production pentesting. A tool you can't trust is a tool you can't use. The moment things clicked for us was realizing our CS research actually solved this. Unsanctioned actions don't need to be caught at runtime with prompts and guardrails, which fail in practice. They can be prevented before the AI ever acts, using formal methods from programming language theory. So we built a new programming language specifically for ethical hacking. Every action expressible in it, a port scan, a payload, a network request, must carry a mathematical proof of what it's authorized to target and do. Before anything executes, the proof is checked. If the action falls outside the engagement scope — attacking a target you don't own, launching a DDoS, pivoting to an unrelated system — the code doesn't compile. Nothing runs. The AI writes code in this language. You interact with it in plain English. But the safety guarantee is mathematical, not behavioral. This is what lets us offer the first AI hacker you can actually point at production systems. $999/yr - full platform for security professionals Enterprise (from $60,000) - on-premise deployment with your own AI models You can get your free demo here: c7-security.com/cerberus Happy to answer anything in the comments: the type theory, the language design, how we handle edge cases, or how this compares to other AI pentest tools on the market.

Report

9d ago

@aziz_akhmedkhodjaev This will have huge application in Third Party Risk Space. a lot of small vendors cut corners when it comes to pen test. this would definitely help them becoming compliant

Report

4d ago

Ichiba AI

Scope question: does this cover prompt-injection and context-manipulation attacks, or is it authorization-boundary focused? Those are very different security problems.

Report

8d ago

Cerberus

Maker

@ichiba Hi, thanks for the question.

It covers all kinds of attacks that may lead the AI hacker to do unsanctioned (out of scope) actions, because we mathematically model the scope of penetration testing.

For example, you might have allowed only testing of *.yourdomain.com subdomains and disallowed DDoS attacks. Any program code that will attempt to launch an attack to something else outside of *.yourdomain.com or would start a DDoS attack won't pass type checking and will be caught off during compilation.

Report

7d ago

jared.so

Formal-methods-enforced scope ("no proof, no action") is the only sane answer to prompt-injected AI hackers going rogue. A purpose-built typed language where out-of-scope code doesn't compile is the first AI pentest tool that could actually run against prod without a lawyer on speed dial. Curious how the language handles emergent attack chains where each step is individually in-scope.

Report

1d ago

Reviews

Most Informative