Cyber Notes

Agentic AI Hacking Project 🤖

The bar keeps getting lower... You need to go higher...

W J Pearce
Apr 19, 2026

Last Issue: Deploy Faster on AWS: EC2 vs Lightsail (Hands On Guide)

Next Issue: How to run Gemma 4 Locally with Claude Code 🌟


I’ve recently covered two methods of AI hacking. Let’s go one step further today.

The first one was great but effectively a GPT wrapper.

The second got a little more complex: We set up an MCP server with Kali, but still pretty simple.


This time I want to take it up a notch.

AI is moving fast, and we’re slowly transitioning into agentic workflows. It’s no longer “user queries model, model maybe hits a database.” We’ve got a full-blown ecosystem now: agents talking to agents, running tools, chaining actions.

So… we need to understand how attackers are going to use this shift against us.

Enter Strix: an open-source project that’s already pulled 20k+ stars on GitHub. It’s not a wrapper and it’s not just an MCP hookup. Strix is a team of autonomous AI agents that behave like actual hackers: they run your code dynamically, probe for vulnerabilities and validate findings with proofs of concept instead of dumping a pile of false positives on you.

Out of the box it ships with an HTTP proxy, browser automation, a terminal, a Python runtime for custom exploits and recon tooling. Multiple agents can run in parallel, share discoveries, and coordinate attacks across different pieces of your app.

Let’s set this up together and walk through how it works 👇

Prerequisites

  • Docker

  • Docker Compose

  • An LLM (running locally or in the cloud with your API key)

  • Two running targets (I will show you how to set these up)

  • An understanding of GitHub Actions (not 100% needed but handy)

Just Quickly…

One of the coolest things about Strix is its multi-agent architecture. You’ve got a main agent acting as the coordinator: it does the initial recon, maps the attack surface, and decides what needs testing. From there, it spawns specialised sub-agents, each tasked with a specific slice of the attack: one hunting for IDORs in the user endpoints, another fuzzing the search API for injection, another probing the auth and password reset flows. They run in parallel and share discoveries back to the main agent, and you can monitor and manage each one individually.

It’s less “AI tool running a scan” and more “a small pentest team working your app at the same time” which is exactly why agentic workflows are such a step up from the wrapper and MCP approaches we looked at previously.

As usual, I reserve the Projects for community members…Come join the fun! 🌍
