What are Agents?
Hacktron comes with a collection of powerful agents designed to identify specific types of vulnerabilities in your codebase. They rely on Hacktron’s proprietary knowledge base, with contributions from our world-class security researchers. In addition, Hacktron learns from collaborating with you and automatically creates agents customised to your codebase where there lacks relevant coverage in our knowledge base. This helps Hacktron improve over time as it learns from your codebase.
Dynamic Agent Discovery
When you give Hacktron a security audit task in an interactive session, it enters deep vulnerability research mode and automatically finds and uses the most appropriate agents to perform the task. At a high level, Hacktron will:- Fetch relevant agents from our knowledge base
- Create AI-suggested agents which are not in the knowledge base and will be dynamically created
hacktron findings list command.
Select which patterns you want to keep and which you want to discard, and edit the AI-suggested patterns to your liking.
Agent Packs
You can also specify agent packs explicitly. For example, thereact agent pack will run a collection of agents
to find vulnerabilities in React applications.
This is useful if you know what technologies you are using, or want to focus on a specific type of vulnerability.
To see the list of available agent packs, run:
agent pack command:
Personal Agents
Hacktron learns from collaborating with you and automatically creates agents customised to your codebase where there lacks relevant coverage in our knowledge base. These agents are dynamically created when you use Hacktron and are private to you. You can see a list of your personal agents by running:--personal flag: