The author describes using an AI agent to automate the tedious process of vuln hunting in self-hosted software projects, finding it surprisingly effective at identifying vulnerabilities like SSRF and RCE. While the agent can sometimes hallucinate exploits, human oversight is still crucial for evaluating the severity and context of findings, highlighting the increasing accessibility and cost-effectiveness of automated security analysis.
Edward Kiledjian
@ekiledjian