Argus: Agentic Threat Modeling with the Claude Agent SDK

How Argus wraps Trail of Bits' skills and the advisor/executor pattern into an end-to-end threat-modeling pipeline

Apr 23, 2026 ai, security, threat-modeling

Building Blocks for Agentic Solutions

The building blocks I use when designing agentic solutions

Apr 21, 2026 ai, agents, engineering

Cassian: Agentic Differential Security Review for Pull Requests

How Cassian uses 14 specialized agents to review PRs for security regressions, with an experiment in semi-formal reasoning certificates for structured code analysis

Mar 10, 2026 ai, security, code-review

ODYSSEUS: Building an Agentic Pentest Platform

How I built a multi-stage agentic pentest pipeline, what it found and missed, and how to use the approach in your workflows

Mar 2, 2026 ai, security, penetration-testing

AI Pal: Bring Your Own Model to Burp Suite

A bring-your-own-model extension for running local and cloud LLMs inside Burp Suite

Feb 20, 2026 ai, security, burp-suite

nanochat-sec: $150, 6 Hours, and a Model That Hallucinates Log4Shell

How I adapted nanochat for security vulnerability work, what the training logs actually showed, and where the model broke

Feb 17, 2026 ai, security, machine-learning

The Ralph Pentest Loop: Adapting AI Agent Loops for Security Testing

How I adapted the Ralph Wiggum autonomous agent pattern for penetration testing with static analysis and dynamic validation

Jan 21, 2026 ai, security, penetration-testing

Fine-Tuning a Security Vulnerability Analysis LLM: A Complete Guide

How I built it, why it failed, and what the data taught me

Jan 11, 2026 ai, security, machine-learning