Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Show HN: Peneterrer – The ChatGPT for Website Security Testing (peneterrer.com)
6 points by Adeeb0123 on June 20, 2024 | hide | past | favorite | 4 comments
Hi HN! I am a 14-year-old building Peneterrer. It is a tool for web and solo developers to check their website's security with easy-to-read reports and custom testing workflows.

The Main objective of Peneterrer is to make the lives of web developers easy, and it does this by allowing web developers to test their websites by simply using words.

Until now I have spent around 3 months creating this and would love for you all to try it!




Seems very thin on the details. Your GitHub is also quite sparse. Can you provide some more examples of how this works? Seems like mostly marketing fluff when reading through the site.


Go through The FAQ (that I have added recently) You might find it useful!


This is interesting, but from my experience ChatGPT is terrible at security focused code review.

How does this work? Are you sending each request or webpage to the LLM and asking to find security issues?


You are right, this is what I did in my first version, but it failed terribly due to context length issues and the fact that SPA applications work by loading JS code, etc.

Currently, for the backend, tools like Nmap, Dirsearch, ZAP, etc., are employed. When a user asks specific queries like 'Check all open ports in my web app,' 'Check security headers of my app,' or simply 'Find all vulnerabilities in my web app,' it writes commands for the above tools, executes them, and provides the answer. This mix-and-match of tools using simple words allows users to create custom workflows that may run weekly, monthly, or fortnightly.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: