What happens when AI is engineered to think like a security researcher — and built by world-class experts?
We explore AI’s true potential, applying it where it matters most: finding and proving real vulnerabilities.
AI Security Agents
AI agents that can autonomously reason about, find, and prove critical vulnerabilities.
Novel Benchmarks
Standardized open-source benchmarks to test and evaluate the security capabilities of AI.
AI-Powered Tools
Tools that empower human security researchers to do better work.
Hacktron research lab
Hacktron is built on industry-leading offensive security research.
We have a proven track record of securing top companies around the world.
We invest in 0-day research to explore AI capabilities on real-world targets, and keep our customers ahead of the curve.
Mohan "s1r1us" Pedhapati
Co-Founder
Mohan ("s1r1us") was a Senior Application Security Auditor at Cure53 and founder of ElectrovoltSec, specializing in Browser and Client-Side Security. His research on Prototype Pollution and Electron RCEs has been featured at BlackHat, DEF CON, BountyCon, and recognized by PortSwigger and Vice.
Harsh Jaiswal
Co-Founder
Harsh was a Senior Security Researcher specializing in web security, patch analysis, and automation. A top-ranked bug bounty hunter and speaker at Ekoparty and BSides, he contributes to open-source tools and emerging threat detection. He has been in the press for hacking Apple.
Zayne Zhang
Co-Founder
Zayne studied Computer Science at the University of Cambridge and is a member of Blue Water, the world’s top CTF team in 2023. His HTTP Request Smuggling research was featured at BSides and recognised by PortSwigger. He holds 15 CVEs, topped Singapore’s government bug bounty, and brings both security and software engineering experience from military, government, and big tech.
Maciej Piechota
Security Researcher
Maciej ("haqpl") is a seasoned penetration tester with 20+ years in IT, vice-captain of a top CTF team, and a renowned bug bounty hunter. He has discovered CVEs in major open-source projects and secured large bounties across industries like banking, logistics, and healthcare. Shopify once paid $200k for one single bug.
Alexander Tan
Security Researcher
Alexander ("ahacker1") is currently sitting at the top of both GitHub and GitLab's bug bounty program leaderboards. He specialises in SAML and SSO research, and has found multiple zero days in SAML libraries. He has been featured multiple times on GitHub's security blog, and is consistently among the top 10 hackers in Canada on HackerOne.
Fabian "LiveOverflow" Faessler
Head of Agents
Fabian ("LiveOverflow") is one of the most well-known names in the hacking and infosec community, with nearly a million followers across social media platforms like YouTube. He was a Senior Application Security Auditor at Cure53 and previously founded Hextree, one of the leading educational platforms for hackers and security enthusiasts.
Connect. Hunt. PoC. Patch.
Hacktron agents integrate with your code, find vulnerabilities, prove them with PoCs — and deliver patches.
Install our GitHub app
Connect your GitHub repository. Deploy Hacktron agents into your CI/CD pipeline within minutes.
Vulnerability hunt
Multiple agents work together to analyze your code, uncover vulnerabilities, and triage them by impact.
Receive validated findings and patches — and pay Hacktron bounties for every valid vulnerability.
Hire your first AI penetration tester
Hacktron is currently in private beta. We’re offering free audits for qualifying companies.
Empowering security for ambitious teams
Empowering security for ambitious teams