Finding real vulnerabilities.
Verified in production.
Arbiter infers how web applications work, finds where they break, and verifies every exploit in a real browser. Aletheia loads binaries, decompiles to typed C, and finds vulnerabilities with concolic falsification. Both built in Rust. Both designed as MCP servers for AI agents.
Two tools. One mission.
Attack the web and reverse the binary. AI agents get structured, programmatic access to both.
Arbiter
Import traffic from any source. Arbiter builds a state graph of your target, infers authorization rules and ordering constraints, then searches for violations across 55 vulnerability classes — from XSS and IDOR to HTTP smuggling and race conditions. Every finding is verified in a real browser with evidence. Not a scanner — a reasoning engine.
Aletheia
Load PE, ELF, or Mach-O binaries. Aletheia disassembles, lifts to a custom IR, constructs SSA form, and decompiles to typed C with inter-procedural type recovery. A concolic falsification engine detects buffer overflows, command injection, and use-after-free with machine-checkable proofs. Built-in evasion detection, hybrid fuzzing, and taint tracking trace data flows across functions.
Proof, not promises.
Arbiter has been used to discover and responsibly disclose real vulnerabilities in production open source projects.
Anthropic Open Source
Vulnerability discovered in Anthropic's open source tooling — the company behind Claude. Responsibly disclosed and acknowledged by their security team.
Responsibly Disclosed
Cloudflare Open Source
Security issue identified in Cloudflare's open source infrastructure tooling, used by millions of websites globally. Ethically reported via their responsible disclosure program.
Responsibly Disclosed
Google Firing Range
100% detection rate across all 85 test endpoints in Google's XSS Firing Range — the industry standard benchmark for vulnerability detection accuracy.
85/85 Verified
Why we build this way
Existing security tools weren't built for AI agents. They have GUIs, not APIs. Heuristics, not reasoning. Pattern matching, not constraint inference. We started from scratch.
Agent-First
Human GUIs are bottlenecks. Every capability is exposed as a structured MCP tool with JSON input and output. AI agents can orchestrate entire security assessments autonomously.
Rust, From Scratch
No wrappers. No FFI to legacy C code. Both tools are built in pure Rust with memory safety, zero-GC performance, and TDD-first development. Every component is tested before the next begins.
Deterministic Output
Security tools must be reproducible. Same input, same output. Structured JSON responses, explicit error handling, and full audit trails — the kind of reliability agents can depend on.
Both tools are in closed development.
Join the waitlist to get early access. Tell us which product you're interested in. No spam. One email when the beta opens.
Questions? Interested in collaborating?
[email protected]