frontpage.

Show HN: Hackerest – Real-time penetration testing, built by security engineers

https://hackerest.com

2•mcisternino•1mo ago

We launched Hackerest last week. We’re a group of security engineers based in Italy (ex-Amazon, Accenture) who spent years doing pentests the traditional way and kept wondering why the workflow still looks like it did in 2010.

Most pentests today (still) work like this:

1. the engagement runs for days or weeks

2. nothing is shared until everything is finished

3. the client gets a PDF long after the issues were actually discovered

4. half of the attack surface has changed by then

What Hackerest does:

* findings appear in real time during the active testing window, as testers discover them

* built-in versioning of findings, so changes, updates, and retests are tracked cleanly

* multiple testers can collaborate without blocking each other

* the final PDF is generated automatically at the end

* customers use a credit-based model to start tests quickly

We DON'T use AI to perform the actual testing. Hacking, in our experience, is a creative and exploratory process that depends heavily on intuition, pattern recognition, and years of hands-on work. Automating that would either produce shallow results or give a false sense of coverage.

We’d rather be transparent about what we offer: real testers, with real experience, working in real time. AI might help with auxiliary tasks in the future (summaries, noise reduction, report cleanup), but the core of the work is done by humans who know what they’re doing. We don’t want to sell automation where it doesn’t belong.

The tester network:

We collaborate with independent, experienced pentesters. The platform handles assignment, access isolation, and report normalization so testers can focus on actual discovery rather than logistics.

What we're building next:

We’re adding workflow integrations (starting with Jira), more granular notification controls, and better tools for teams running multiple engagements in parallel. Longer term, we’d like to expose a structured API to let companies pull findings directly into their internal systems.

If you’ve worked on similar problems, we’d really value feedback. Our goal isn’t to reinvent pentesting, just to make it match how engineering teams actually operate today.

My LinkedIn, if you want context on who’s behind the project: https://www.linkedin.com/in/nt-authority-system/

What the News media thinks about your Indian stock investments

Running Lua on a tiny console from 2001

Google and Microsoft Paying Creators $500K+ to Promote AI Tools

New filtration technology could be game-changer in removal of PFAS

Show HN: I saw this cool navigation reveal, so I made a simple HTML+CSS version

Kinda Surprised by Seadance2's Moderation

I Write Games in C (yes, C)

Django scales. Stop blaming the framework (part 1 of 3)

Malwarebytes Is Now in ChatGPT

Thoughts on the job market in the age of LLMs

Show HN: Stacky – certain block game clone

AIII: A public benchmark for AI narrative and political independence

SectorC: A C Compiler in 512 bytes

The API Is a Dead End; Machines Need a Labor Economy

Digital Iris [video]

New wave of GLP-1 drugs is coming–and they're stronger than Wegovy and Zepbound

Convert tempo (BPM) to millisecond durations for musical note subdivisions

Show HN: Tasty A.F.

The Contagious Taste of Cancer

U.S. Jobs Disappear at Fastest January Pace Since Great Recession

Bithumb mistakenly hands out $195M in Bitcoin to users in 'Random Box' giveaway

Beyond Agentic Coding

OpenClaw ClawHub Broken Windows Theory – If basic sorting isn't working what is?

OpenBSD Copyright Policy

OpenClaw Creator: Why 80% of Apps Will Disappear

What Happens When Technical Debt Vanishes?

AI Is Finally Eating Software's Total Market: Here's What's Next

Computer Science from the Bottom Up

Show HN: A toy compiler I built in high school (runs in browser)

You don't need Mac mini to run OpenClaw