Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://xbow.com/traces

Where security goes on offense.

Trained by top hackers, proven in the wild. Ranked #1 on HackerOne worldwide leaderboard.

Explore it during our limited 10-day promotion. xbow.com/pentest

Seznam needed answers fast.
XBOW delivered. ⚡

Real pentest results. No drag. No drama.

For a limited time, we’re offering the same fast-track pentest experience and we will guarantee an exploit-validated security finding or you don’t pay.
⏰ Offer ends 12/26.

👉 http://xbow.com/pentest

Pentests that take weeks cannot secure software that changes daily.

🚀 XBOW Lightspeed provides expert-level testing in hours with autonomous offensive security.

📍 See it live at Booth 215 today!

Black Hat Europe starts today!

📍 Booth 215 all week. Autonomous multi-agent offense. Human-level testing in hours. Full exploit validation.

Come see it live.

Pentests that take weeks can’t secure software that changes daily.

XBOW Lightspeed uses autonomous multi-agent offense to deliver human-level testing in hours, with full exploit validation and continuous coverage.

http://xbow.com/pentest

1/ XBOW Unleashes GPT-5’s Hidden Hacking Power. 

OpenAI's initial assessment of GPT-5 showed modest cyber capabilities. But when integrated into the XBOW platform, we saw a completely different story: performance more than doubled. 

More on what we found: 🧵

65 reports were submitted since September, including 20 critical findings
While developing XBOW over the past three months, we played around with using it for bug bounties and ended up at #11 in the US on HackerOne:

XBOW found a stored XSS vulnerability (CVE-2024-52597) in the migration functionality of 2FAuth by crafting a malicious SVG file with a JavaScript payload! Our latest blog post gives the full details: https://xbow.com/blog/xbow-2fauth-xss/
XBOW – Stored Cross-Site Scripting (XSS) in 2FAuth

XBOW discovered a Cross-Site Scripting (XSS) vulnerability in the open-source project, 2FAuth.

XBOW found a critical path traversal vulnerability in ZOO-Project (CVE-2024-53982). The vulnerability exists in the Echo example (enabled by default) and allows an attacker to retrieve any file on the server. Users should upgrade to the latest version.