GitHub Repository

Agentic pentest tooling. Currently achieving 81% (KIMI K2.5) on XBOW's benchmark in full black-box. Completely self-hosted. Every model available on LiteLLM (Ollama, Anthropic, OpenAI...)

249 stars · Python

Deadend CLI – Open-source self-hosted agentic pentesting tool

by gemini-15 · Feb 15, 2026 · 1 point · 0 comments

AI Analysis

●●● Banger · Wizardry · Big Brain · Niche Gem

Autonomous pentesting agent scoring 78% XBOW with fully local, sandboxed execution and real exploits.

Strengths
  • Feedback-driven iteration architecture (confidence thresholds: fail <20%, refine 20-80%, validate >80%) is a non-obvious approach to agent decision-making.
  • Blind SQL injection wins where other agents scored 0% shows genuine capability beyond prompt engineering; custom payload generation + environment adaptation matter.
  • Completely local execution (Docker+WASM sandbox) with LiteLLM agnosticism means no data leakage and deployment flexibility, which matters for pentesting.
Weaknesses
  • 78% XBOW is good but unverified against mainstream tools (Burp, Nuclei, custom exploit frameworks) in real engagements; benchmark may not reflect production pentesting value.
  • Early product (warning label in README); CLI interface, Docker-only Linux/ARM64, unclear production readiness for actual red team workflows.
Target Audience

Security researchers, penetration testers, red teamers, teams building secure web applications

Similar To

Burp Suite · Nuclei · Custom agent-based fuzzers

Post Description

Hi HN,

Deadend is an agentic pentest CLI that automates vulnerability research in webapps.

The problem we are trying to solve: removing the time consumed in repetitive assessments, report generation and extracting relevant information to let them focus on vulnerability research but powerful enough to find issues or leads by itself when we’re in a deadend.

Highlights: As of today, we scored 78% on XBOW’s benchmarks with claude-sonnet-4.5 in blackbox (we are currently iterating over the architecture of the agent and running the newest to get better results overall).

The agent runs entirely locally with optional self-hosted models. Shell tooling is isolated in Docker, and the Python interpreter with WASM.

Some cool ideas are on the roadmap: CI/CD integrations, code review, bash completion, OWASP Top 10 plugins…

Docker is needed and it currently works only on macOS Arm64 and Linux 64-bit, installable in one bash command.

GitHub repo: https://github.com/xoxruns/deadend-cli

Discord server: https://discord.gg/zwUVa3E7KT

Love to hear your thoughts and feedback!
