Hi HN, I'm Victor. AI is making attacks cheaper and faster. Automated vulnerability scanners, LLM-assisted exploit generation, and attack frameworks that used to require expertise are now accessible to anyone with a prompt. Security testing needs to keep pace.
I built ModernPentest to run continuous automated pentests on any web application or API. Setup takes 5 minutes, and you get a full report with exploitable vulnerabilities in under an hour.
How it works:
- AI agents (Claude Agents SDK) coordinate a multi-stage testing pipeline: discovery, parallel vulnerability testing (injection, access control, authentication), consolidation, and report generation
- Agents run on GCP Cloud Run Jobs (containerized)
- Real-time progress updates via Convex WebSockets
- Security tools: Nuclei, SQLMap, httpx, and custom checks for specific platforms
What it tests:
- Any web application or API (Next.js apps, WordPress sites, Django backends, etc.)
- Deep checks for Supabase RLS policy bypasses and Firebase security rule misconfigurations
- API authentication, authorization, and injection vulnerabilities (OWASP API Top 10)
The speed difference matters. Traditional pentests take 2-4 weeks and give you a point-in-time snapshot. By the time you get results, your codebase has changed. We run in under an hour, so you can test after every deployment.
Remediation validation is another pain point. When you fix a vulnerability, you usually wait 5-10 days for a consultant to verify. Our agents verify your fix in about 5 minutes.
Pricing: $500/month gets you 24 pentests per year (monthly automated + on-demand), SOC 2-ready reports, and remediation tracking. That's $6K/year vs $15K+ for a single traditional pentest.
Tech stack: Next.js frontend, Convex backend, scanning agents on GCP running with Claude Agents SDK.
I think the effort is valuable, but hard for individuals to act upon to effectively improve their diet.
A simple do / don't list serves this better:
Do:
- Do consume more legumes or beans, lentils and peas.
- Do consume more fish (low lead options)
- Do consume more vegetables and fruit
Don't:
- Don't consume alcohol or other harmful drugs
- Don't consume sweetened items (either added sugars or artificial sweeteners)
- Avoid processed food (try to cook as much as possible)
I think having the LLM output as a rich visual interface is the future of AI interaction. I think the app, as I have tested it, is great, posting some interesting visuals. In its current form it reminds me a bit of how this feature is already implemented in Claude, for instance.
During the generation process, the UX was generally great, and the webapp felt responsive. However, a lot of "Error executing code: Failed to access notebook: calc_notebook" errors were thrown. The final result looked great; I'm not sure whether these errors had any impact.
Have you thought about getting this feature shipped through an API with some React components so that it could be used for building websites that handle AI interactions?
Looking quite promising! I would love to use this as a code-friendly animated diagramming tool. Some feature requests that would make it stand out for me:
1. Have you thought about creating some React components that would render these? You could then embed them in webpages and docs using something like https://fumadocs.dev/
2. For the animations themselves, you could have more customization options. For instance, adding support for text cards or different shapes. I think having the option to add text in the moving parts would be really helpful for this kind of use case.
How are your AI agents handling the fact that some sites might be captcha protected?