frontpage.

Show HN: Hackerest – Real-time penetration testing, built by security engineers

https://hackerest.com

2•mcisternino•1mo ago

We launched Hackerest last week. We’re a group of security engineers based in Italy (ex-Amazon, Accenture) who spent years doing pentests the traditional way and kept wondering why the workflow still looks like it did in 2010.

Most pentests today (still) work like this:

1. the engagement runs for days or weeks

2. nothing is shared until everything is finished

3. the client gets a PDF long after the issues were actually discovered

4. half of the attack surface has changed by then

What Hackerest does:

* findings appear in real time during the active testing window, as testers discover them

* built-in versioning of findings, so changes, updates, and retests are tracked cleanly

* multiple testers can collaborate without blocking each other

* the final PDF is generated automatically at the end

* customers use a credit-based model to start tests quickly

We DON'T use AI to perform the actual testing. Hacking, in our experience, is a creative and exploratory process that depends heavily on intuition, pattern recognition, and years of hands-on work. Automating that would either produce shallow results or give a false sense of coverage.

We’d rather be transparent about what we offer: real testers, with real experience, working in real time. AI might help with auxiliary tasks in the future (summaries, noise reduction, report cleanup), but the core of the work is done by humans who know what they’re doing. We don’t want to sell automation where it doesn’t belong.

The tester network:

We collaborate with independent, experienced pentesters. The platform handles assignment, access isolation, and report normalization so testers can focus on actual discovery rather than logistics.

What we're building next:

We’re adding workflow integrations (starting with Jira), more granular notification controls, and better tools for teams running multiple engagements in parallel. Longer term, we’d like to expose a structured API to let companies pull findings directly into their internal systems.

If you’ve worked on similar problems, we’d really value feedback. Our goal isn’t to reinvent pentesting, just to make it match how engineering teams actually operate today.

My LinkedIn, if you want context on who’s behind the project: https://www.linkedin.com/in/nt-authority-system/

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

How I grow my X presence?

What's the cost of the most expensive Super Bowl ad slot?

What if you just did a startup instead?

Hacking up your own shell completion (2020)

Show HN: Gorse 0.5 – Open-source recommender system with visual workflow editor

GLM-OCR: Accurate × Fast × Comprehensive

Local Agent Bench: Test 11 small LLMs on tool-calling judgment, on CPU, no GPU

Show HN: AboutMyProject – A public log for developer proof-of-work

Expertise, AI and Work of Future [video]

So Long to Cheap Books You Could Fit in Your Pocket

PID Controller

SpaceX Rocket Generates 100GW of Power, or 20% of US Electricity

Kubernetes MCP Server

I Built a Movie Recommendation Agent to Solve Movie Nights with My Wife

What were the first animals? The fierce sponge–jelly battle that just won't end

Sidestepping Evaluation Awareness and Anticipating Misalignment

OldMapsOnline

What It's Like to Be a Worm

Don't go to physics grad school and other cautionary tales

Lawyer sets new standard for abuse of AI; judge tosses case

AI anxiety batters software execs, costing them combined $62B: report

Bogus Pipeline

Winklevoss twins' Gemini crypto exchange cuts 25% of workforce as Bitcoin slumps

How AI Is Reshaping Human Reasoning and the Rise of Cognitive Surrender

Cycling in France

Ask HN: What breaks in cross-border healthcare coordination?

Show HN: Simple – a bytecode VM and language stack I built with AI

Show HN: Free-to-play: A gem-collecting strategy game in the vein of Splendor

My Eighth Year as a Bootstrapped Founde