Actively finding real vulnerabilities

Find the bugs
that actually pay.

Import traffic. Arbiter infers application logic, builds a state graph, and searches for constraint violations — not pattern matches. Every finding is verified in a real browser with screenshot evidence, then exported as a submission-ready report for HackerOne, Bugcrowd, or Intigriti.

Used to discover & responsibly disclose vulnerabilities in Anthropic & Cloudflare open source projects
100% detection rate on Google's Firing Range (85/85 endpoints)
468,000+ lines of production Rust — 7,800+ tests passing
arbiter — session: security-audit
Proof, Not Promises

Real vulnerabilities. Responsibly disclosed.

Arbiter has been used to discover security issues in open source projects from Anthropic and Cloudflare. All findings were ethically disclosed via responsible disclosure. No fabricated testimonials — just results.

Disclosure • 2026

Anthropic Open Source

Vulnerability discovered in Anthropic's open source tooling — the company behind Claude. Responsibly disclosed and acknowledged by their security team.

Responsibly Disclosed
Disclosure • 2026

Cloudflare Open Source

Security issue identified in Cloudflare's open source infrastructure tooling, used by millions of websites globally. Ethically reported via their responsible disclosure program.

Responsibly Disclosed
Benchmark

Google Firing Range

100% detection rate across all 85 test endpoints in Google's XSS Firing Range — the industry standard benchmark for vulnerability detection accuracy.

85/85 Verified
How It Works

From traffic capture to verified bounty report

Traditional scanners enumerate every possible request and filter false positives. Arbiter infers what the application allows, models it as a typed state graph, and searches only for constraint violations. Exponentially smaller search space.

Step 01

Capture

Import traffic from HAR files, Burp XML exports, or Arbiter's built-in proxy. Handles authenticated sessions and TLS.

Step 02

Analyze

Build a typed state graph from observed traffic. Infer authorization boundaries, session constraints, ordering dependencies, rate limits, and CSRF flows. This is the constraint model that makes targeted detection possible.

Step 03

Detect & Verify

Search across 55 vulnerability classes for constraint violations — not just pattern matches. Every finding is verified in headless Chrome with screenshot evidence.

Step 04

Report

Generate submission-ready reports for HackerOne, Bugcrowd, or Intigriti. Includes PoC code, evidence screenshots, and CVSS scoring.

Honest Comparison

Arbiter vs. the tools you already use

Burp is manual. Nuclei matches signatures. ZAP is noisy. Arbiter infers constraints and reasons about logic.

Capability Arbiter Burp Suite Pro Nuclei OWASP ZAP
Constraint inference from traffic
State graph construction
Real browser verification Full Chrome + Evidence Headless only Basic
Race condition exploitation H/2 single-packet, <100µs Manual via Turbo Intruder
AI agent integration (MCP) 265 MCP tools + REST API
Static + Dynamic correlation narsil-mcp integration
Bug bounty report generation HackerOne, Bugcrowd, Intigriti Basic markdown
WAF detection & bypass Fingerprint + AI mutation Extensions Templates
Vulnerability detectors 55 vulnerability classes Scanner + extensions 6,000+ templates Active + passive
Performance Rust, zero-GC JVM-based Go JVM-based
Price Free tier + Pro $449/yr Free (OSS) Free (OSS)

Nuclei excels at known CVE scanning with its massive template library. Burp's manual testing workflow is mature. Arbiter's advantage is logic-aware discovery and verification — it's complementary, not a wholesale replacement for every use case.

Engineering

The numbers behind Arbiter

This isn't a wrapper around existing tools. It's 468,000 lines of Rust built from scratch.

468K+
Lines of Rust
Production-grade, memory-safe code
7,800+
Tests
Unit, integration & property tests
265
MCP Tools
Full AI agent integration + REST API
55
Vuln Classes
XSS, IDOR, SQLi, SSRF, race conditions
100%
Firing Range
85/85 Google benchmark endpoints
<100µs
Race Precision
Single-packet H/2 timing attacks
Capabilities

What Arbiter actually does

Each capability is built to find the vulnerability classes that pay the highest bounties.

Most Differentiated Capability

HTTP/2 Single-Packet Race Attacks

Implements James Kettle's "Smashing the State Machine" research from PortSwigger. All HTTP/2 requests are packed into a single TCP segment, achieving sub-100 microsecond timing precision. This eliminates network jitter and exposes race conditions that other tools miss entirely.

<100µs Timing precision
9 Race patterns
3 Execution modes

Detects double-spend, limit bypass, TOCTOU, and coupon abuse vulnerabilities. Automatic shared-resource analysis identifies race-prone endpoints.

AI-Native

265 MCP Tools + REST API

Arbiter is an MCP server and REST API. Connect it to Claude, and the AI can orchestrate full security assessments autonomously — from traffic import to verified report. This isn't a chatbot wrapper. It's 265 tools the AI reasons with.

stdio + SSE transport • REST API • Human-in-loop safety gates • Full audit logging
Browser Verification

Zero False Positives

Every XSS, every injection, every bypass is confirmed in a real headless Chrome instance before it reaches your report. DOM snapshots, console logs, network traces, and screenshots are captured as evidence.

CSP-aware • Full evidence chain • Exploitability confirmed, not guessed
WAF Bypass

Detect, Fingerprint, Bypass

Identifies WAF vendors (Cloudflare, Akamai, AWS WAF, etc.), profiles blocking behaviour, and generates bypass payloads. The Polychrome AI module uses SLM-powered mutation for novel evasion.

10+ WAF vendors • Encoding mutation • Lazarus crash detection
55 Vulnerability Classes

Every Major Vulnerability Class

XSS (reflected, stored, DOM), SQLi (error, blind, time-based across 5 database engines), IDOR, SSRF, CSRF, command injection, path traversal, CORS misconfiguration, JWT algorithm confusion, HTTP smuggling (CL.TE, TE.CL, H2 desync), cache poisoning, XS-Leaks, OAuth/OIDC redirect manipulation, SSTI across 8 template engines, prompt injection detection, static analysis across 32 languages, and more.

Constraint-aware • Not pattern matching • Business logic • Protocol-level attacks
Report Generation

Submission-Ready in Minutes

Generates platform-specific reports for HackerOne, Bugcrowd, and Intigriti. Includes reproduction steps, PoC code (curl, Python, JavaScript, raw HTTP), CVSS scoring, and remediation guidance.

Bulk generation • Evidence auto-attached • Markdown + JSON export
Pricing

Start free. Scale when you're ready.

No credit card required. Upgrade as your targets grow.

Free
$0/mo
  • 5 scans per month
  • Core detectors
  • Browser verification
  • HackerOne report export
  • Community support
Join Waitlist
Most Popular
Pro
$99/mo
  • Unlimited scans
  • All 55 vulnerability classes
  • 265 MCP tools + REST API
  • Race condition engine
  • WAF bypass & Polychrome AI
  • Multi-platform report export
  • Priority support
Join Waitlist
Enterprise
Custom
  • Everything in Pro
  • On-prem deployment
  • Custom detector development
  • CI/CD pipeline integration
  • Dedicated support & SLAs
Contact Us

Burp Suite Pro: $449/yr with no AI integration. Arbiter Pro: $99/mo with 265 MCP tools, race condition engine, and browser-verified reports.

FAQ

Frequently asked questions

How is Arbiter different from running Burp Suite with an AI wrapper?
Arbiter isn't a wrapper. It's 468,000+ lines of Rust built from scratch with constraint inference, state graph construction, and browser verification. AI agents get 265 structured MCP tools to reason with — not a chatbot pasted over a GUI.
Can I use Arbiter without AI agents?
Yes. Arbiter has a full CLI and REST API. The MCP integration is an additional interface, not a requirement. You can run scans, generate reports, and use all detectors directly from the command line.
What's the false positive rate?
Every finding is verified in headless Chrome with screenshot evidence. If it's in your report, it's exploitable. This is the core difference from signature-based scanners that flag patterns without confirming exploitability.
Does Arbiter work behind a WAF?
Yes. Arbiter fingerprints 10+ WAF vendors (Cloudflare, Akamai, AWS WAF, etc.) and generates bypass payloads. The Polychrome module adds SLM-powered mutation for novel evasion.
Is my data safe?
Arbiter runs locally. No scan data leaves your machine unless you explicitly export it. Enterprise customers can deploy on-prem with full network isolation.
How do 265 tools scale without overwhelming the AI's context window?
Both Arbiter and Aletheia integrate with Forgemax, our open source MCP gateway. Instead of dumping all 265 tool schemas into the LLM's context (~50,000 tokens), Forgemax collapses them into just two tools: search and execute. The agent discovers capabilities dynamically and writes JavaScript to chain tool calls inside a sandboxed V8 isolate. Total context overhead: ~1,100 tokens regardless of how many tools exist — a 96%+ reduction. The sandbox provides full security isolation with AST validation, opaque credential bindings, and process-level isolation.
How does constraint inference work?
Arbiter observes real application traffic and infers what the application enforces — authentication boundaries, parameter ordering, rate limits, CSRF token flows, and state transitions. It models this as a typed state graph, then searches for requests that violate those constraints. This means it only tests meaningful hypotheses, not random mutations.
What about HTTP smuggling and protocol-level attacks?
Arbiter has dedicated detection for CL.TE, TE.CL, TE.TE, and HTTP/2 desync smuggling attacks, plus cache poisoning via unkeyed headers, parameter cloaking, and fat GET. These are protocol-level vulnerabilities that pattern-matching scanners typically miss entirely.
Early Access

Arbiter is currently in closed development.

Join the waitlist to get early access when we open the beta. No spam. One email when it's ready.

Questions? Interested in collaborating?

[email protected]