Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production. Combines static code analysis with AI-driven exploit generation for automated security testing. Built for DevSecOps teams who want to shift security left with intelligent, automated penetration testing.
git clone https://github.com/KeygraphHQ/shannon.git
# Install Shannon
npm install -g @keygraph/shannon
# Run against your application
shannon scan --target ./my-app \
--mode whitebox \
--output report.html
# API testing
shannon api --openapi spec.yaml \
--base-url https://api.example.com