The autonomous red team engine for APIs. Strike first. Validate hard. Own your exposure. No compromise.
"We don't scan. We assault."
Built for Warfare
If your APIs can't survive WAR-EYE, they weren't secure to begin with.
🧬
LibAFL Fuzzer
State-of-the-art coverage-guided fuzzing powered by the Rust ecosystem.
ðŸ§
LLM Agents
AI-powered triage, analysis, and patch generation for discovered vulnerabilities.
🛰
MCP Integration
Full API surface for LLM or CI/CD orchestration and automation.
🔒
Airgap Ready
No cloud dependencies. Deploy in isolated environments with zero external calls.
Command & Control
wareye-cli
$ wareye campaign start --target api.example.com
â–¶ WAR-EYE v1.0.0 | Campaign ID: wry-8f3a2c
[RECON] Discovering endpoints...
└─ Found 47 endpoints in 2.3s
└─ Auth tokens detected: JWT, API-Key
└─ Rate limits mapped
[FUZZ] Initiating stateful fuzzing...
└─ Corpus: 15,000 mutations loaded
└─ Coverage: 78.4% → 91.2%
└─ 3 crashes detected
[TRIAGE] AI analysis in progress...
└─ CRITICAL: SQL Injection in /api/users/{id}
└─ HIGH: Auth bypass via header manipulation
└─ MEDIUM: Rate limit bypass
✓ Campaign complete. 3 PoCs generated.
$ _