we've been quietly working on an autonomous hacking agent that can find, exploit, and patch security vulnerabilities.

we used to run a SAST rendition of this product last year. since then, we had a breakthrough in our research that made our agents better than expert human security engineers at spotting unique vulnerabilities.

winfunc guarantees zero false-positives by exploiting findings based on a formal verification system that evaluates proof-of-concepts for correctness.

we are solely focused on finding impactful vulnerabilities and not "best practices" or "potential findings". thus winfunc would report fewer findings as opposed to hundreds from traditional scanners (of which 99% would be noise).

i.e. winfunc specifically looks for vulnerabilities that humans and traditional scanners would never spot. examples could be race conditions under unique conditions (like TOCTOU), memory safety issues (winfunc has found memory safety issues in heavily fuzzed rust and c code), business logic issues, etc.

we'll be releasing an alpha version of winfunc for testing by the end of november 2025.

if you're an academic researching in the realms of information security, we'd be happy to give you monitored free access to winfunc for testing purposes under strict conditions. reach out.

once we figure out a way to make it faster and cheaper for the masses while retaining the same performance, we'll make winfunc generally available.

find the win function.