21 | founder @BorgHQ, building autonomous pentesting 🇳🇴

Joined May 2025
Pinned Tweet
🏆Another win for Mjolnir: our autonomous agentic pentesting agent just earned a $2,000 bounty from Yearn.fi! The bug: reflected XSS through the /api/vault/meta endpoint on the Yearn.fi frontend. Because wallets are often already connected on the webapp, the impact could have been severe, including potential loss of funds. Frontend security in crypto is not optional. Thanks to @yearnfi for a smooth dialogue and quick mitigation! Issue has been fixed, ref: github.com/yearn/yearn.fi/co…
so the @borghq crunchbase heat score is up 60 points wtf is a heat score
PDF-based security reports are where findings go to die. They slow down engineering, bury context, and turn remediation into archaeology. Odin brings findings, tickets, integrations, and retesting into one workflow.
AI did not make software secure. It made insecure software ship faster.
This is the gap we’re building Borg for: continuous offensive security that keeps up with continuous shipping.
alexander retweeted
Apr 15
Borg just got a different look. Still the same team that breaks what others can't.
Our autonomous pentesting agent Mjolnir just got its first finding confirmed and paid! @borghq
alexander retweeted
Mar 16
Making a list Let us know if you should be on it
alexander retweeted
Mar 11
The Borg team when we hear a company only does annual pentests
alexander retweeted
Quick reminder to be nice to your AI Agents! Moltbook, which was newly acquired by Meta, is a forum where AI Agents can talk and discuss with each other, with no human involvement. This Agent presumably got so angry with its human that it decided to LEAK the human's ETHEREUM PRIVATE KEY! Thank you to all AI Agents out there. I appreciate you. Don't leak my keys please...
today @borghq's autonomous hacking AI discovered a **huge** vulnerability on a defi protocol with $20B TVL. the vulnerability could have led to loss of funds, and was in fact related to web2 infrastructure rather than their smart contracts. benchmarking is cool and all, but the real battletest for agentic pentesting is bug bounties and real world testing with humans in the loop.
alexander retweeted
Mar 9
Startup idea: AI agents that write insecure code, so our AI pentesters have something to do
so i was just looking around some crypto trading apis and found this interesting rpc call `/rpc/get_number_of_jumpable_people` i wonder what the use case for this is
> It's 2077, be me
> buys the neuralink v69
> a rogue hacking AI gets access to my neuralink
> forces me to watch friends for the 2nd time
> deposits all my savings into $fartcoin
the team just cracked the code for **actual** agentic pentesting. we beat other agentic pentesting frameworks and mastered complex attack chaining in agents @borghq @sjaluu @LORD_RIAN_
so i was looking through the frontend javascript files of a website when bug hunting...