One operator. Every surface.
HELIX is an autonomous offensive-security operator. Point it at a web app, an API spec, a mobile binary, or a cloud account, it auto-detects the engagement, runs recon through exploitation and chaining, and hands back a triaged report with reproducible proof. A human sets the scope and reviews the output. Everything in between is autonomous.
How it runs
You point HELIX at one target and set the scope. From there it operates the way a senior offensive engineer would, planning, executing real tools, observing results, and re-deciding until it has proof or has exhausted the surface.
Point at a target
Give it a URL, an OpenAPI or GraphQL spec, an Android APK, an iOS IPA, or a cloud account. HELIX auto-detects the engagement type.
Plans autonomously
A stateful Monte-Carlo Tree Search planner proposes candidate moves, scores them, and prunes branches that fail, so it never bangs on a closed door.
Exploits with real tools
The agent reasons; sqlmap, nuclei, Frida, mitmproxy, ffuf and dozens more do the work. Hypotheses get corroborated at runtime, not assumed.
Reports with proof
Every finding ships with a copy-pasteable reproducer, CVSS, CWE and language-specific remediation, triaged and deduped before it reaches you.
Built for the full attack surface
One engagement targets one surface, but HELIX covers all of them, each with its own specialist agents and toolset.
Web
Recon, authentication, access control, injection and business-logic abuse, with dedicated GraphQL, OAuth/OIDC and chain-hunting passes.
API
Ingests your OpenAPI, Swagger or GraphQL spec, then hunts BOLA and BFLA, mass assignment, rate-limit bypass, and webhook & WebSocket abuse.
Mobile (iOS & Android)
Static binary analysis plus dynamic Frida and Objection instrumentation, surfacing embedded secrets and broken server-side authorization.
Cloud & Kubernetes
Maps AWS and Kubernetes exposure, then probes IAM privilege escalation, exposed storage, and metadata SSRF paths into the control plane.
AI & LLM
Prompt injection, system-prompt leakage, RAG and vector-DB poisoning, coverage aligned to the OWASP LLM Top 10.
Code review
Semgrep-backed analysis that traces data flows across services and feeds source context straight back into the planner.
Drive it however you work
From a single operator at a terminal to a full security team to a CI pipeline, HELIX meets you where you already are.
TUI
A polished interactive terminal interface for a single operator who lives in the shell.
Web app
Multi-user workspace for teams: engagement creation, live progress, findings explorer, triage and a full audit log.
API for CI
A public API to create and manage engagements, trigger a run from your pipeline and pull results back.
MCP server
Drive the full toolset from Claude Desktop, Cursor, or any MCP client.
Findings you can act on, not triage
Every finding ships with a copy-pasteable reproducer, a CVSS score, a CWE mapping, and language-specific remediation. A correlator dedupes findings across agents so you see one issue, not forty echoes of it. A confirmation filter drops any hypothesis that lacks runtime corroboration, what reaches your queue is what HELIX actually proved.
$ curl -s 'https://target/api/orders/1042' \
-H 'Authorization: Bearer <low-priv>'
→ 200 OK, returned another tenant's order
CVSS 8.1 (High) 路 CWE-639
Fix: enforce object-level ownership check
before serialization in OrderService.
See it run on your stack
Pick a surface, set a scope, and watch HELIX operate end to end.