Keygraph

Today we're excited to announce early access to Shannon Pro, the platform version of our open-source AI Pentester!🧵 Github: github.com/KeygraphHQ/sha…

@0xAmruth Congrats on the launch!

I wanna shoutout @KeygraphHQ for the inspiration behind this :) Shannon was super cool and planted part of the initial idea in my head for a binary analysis tool

Introducing Kong, the world's first fully-autonomous reverse engineering agent. Target any C binary with Kong (regardless of obfuscation) and it will fully decompile it to source, along with renamed functions, explanation, and organization. Kong is virtually immune to most modern forms of obfuscation, including control flow flattening, VM protection, and instruction substitution. Try Kong here: github.com/amruth-sn/kong Live on ProductHunt: producthunt.com/products/kong-… Currently works on x86/ARM64 binaries, will be language-agnostic in the future 🙏

@mldev_ Congrats - that's the beauty of open source!

i just made shannon (fully autonomous AI pentester) that works on claude code, just open `claude` and run `/pentest <url>` github.com/us/shannon-on-… thanks for @KeygraphHQ #ClaudeCode #shannon #pentest #security #ai

👀

@jaykreps Hey @jaykreps , we have an open source version of it, built using the same Claude Code Agent harness - github.com/KeygraphHQ/sha…

Among the zoo of security tools every org ends up buying this is the one that you most wanted: Something that just reads the code and fixes the security problems.

@coreyganim Hey @coreyganim We have an open source version of it built using the same Claude Agent harness! github.com/KeygraphHQ/sha…

Security audits used to require a $15K consultant. Now Claude scans your code, finds vulnerabilities, and writes the fix. You just review and approve. The gap between "solo developer" and "enterprise security" just closed.

@vasuman We have an open source version of it built on the same harness (Claude Agent SDK) - would love for you to check it out from your hideout 🕵️ github.com/KeygraphHQ/sha…

We just cancelled our Cybersecurity subscriptions. CrowdStrike. Cloudflare. Okta. All gone. We save over 4M/yr as a company. Instead I just use Claude Code to handle all security measures. We just gave up all our sensitive user data. I am being personally sued by the FTC and am writing this from an undisclosed location.

@CryptoSnooper_ Here is an open source version buitl ontop the same Claude Agent SDK harness - github.com/KeygraphHQ/sha… Would love your feedback!

Anthropic's ability to use AI to solve problems is impressive. Costly security audits are no longer a thing 🤯

@aakashgupta You should check out Shannon, an open source alternative to Claude Code Security, built using the same Claude Agent SDK: github.com/KeygraphHQ/sha…

Anthropic just made the entire $15B application security market price in a question it can't answer. Traditional AppSec tools from Snyk, Veracode, and Checkmarx charge per-developer licensing for static analysis. They find vulnerabilities. They generate reports. They flag code. Then a security engineer has to actually fix the problem, which is where 80% of the cost and 90% of the delay lives. Look at the screenshot. Input sanitization audits. SSRF detection. Auth bypass tracing. RBAC enforcement reviews. These are the exact tasks that cost security consultants $300-500/hr and take weeks to schedule. Claude Code Security doesn't generate a PDF full of findings for a human to triage. It writes the patches. That compresses the entire vulnerability lifecycle, discovery through remediation, into a single loop. This tells you everything about where Anthropic sees the real margin in developer tools. Scanning is commoditized. Every CI/CD pipeline already runs some flavor of SAST/DAST. The bottleneck has always been fixing vulnerabilities fast enough to matter, and that bottleneck just disappeared. The timing is worth noting too. Anthropic released this the same week enterprises are getting audited on SOC 2 and ISO 27001 compliance cycles. Security teams running 200+ open findings with a 90-day remediation SLA just got a tool that could clear that backlog in hours. If you're building in AppSec right now, the competitive question changed. You're no longer selling "we find more bugs." You're competing against an AI that finds them and writes the patches in the same session.

Claude Code Security's open source version built ontop of Claude Agent SDK. SAST + DAST + Pentest report all-in-one.

@claudeai Here is an open source version built ontop of Claude Agent SDK - github.com/KeygraphHQ/sha… We ❤️ Claude!

Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: anthropic.com/news/claude-co…

This week Shannon hit #1 Github trending project of the week and we just want to say, we love you all ❤️ To everyone who starred the repo. Who tried it on their own apps at midnight. You made this happen. Happy Valentine's Day to the security community 💞 We build for you.

Roses are red, violets are blue, Shannon red teams so your engineers doesn't have to.🌹 Every Claude (Coder) deserves their Shannon. 💕 Github: github.com/KeygraphHQ/sha…

If you're interested in Shannon Pro: Sign up here: docs.google.com/forms/d/e/1FAI… Thank you to everyone who's starred the repo, opened issues, and spread the word. We're just getting started!

These are just some of the vulnerability classes Shannon Pro covers. Keygraph's full AppSec offering goes much deeper and we are excited to announce more details on that soon!

Today we're excited to announce early access to Shannon Pro, the platform version of our open-source AI Pentester!🧵 Github: github.com/KeygraphHQ/sha…