farhoodlabs/trebuchet
8
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

Rename Hightower to Trebuchet in README.md

Browse Source
This commit is contained in:
Chris Farhood
2026-05-06 23:51:42 +00:00
committed by Blake Middleware [agent]
parent 4cbc4bc5e4
commit 3be1ee5e42
1 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+9 -9
View File
@@ -1,19 +1,19 @@
<div align="center">
# Hightower — AI Pentester
# Trebuchet — AI Pentester
Hightower is a fork of [Shannon](https://github.com/KeygraphHQ/shannon) by Keygraph, wrapped with a REST API and Kubernetes tooling for cluster-based deployments.
Trebuchet is a fork of [Shannon](https://github.com/KeygraphHQ/shannon) by Keygraph, wrapped with a REST API and Kubernetes tooling for cluster-based deployments.
</div>
## What is Hightower?
## What is Trebuchet?
Hightower is an API-driven AI pentester built on top of Shannon's autonomous penetration testing engine. It performs white-box security testing of web applications and APIs by combining source code analysis with live exploitation.
Trebuchet is an API-driven AI pentester built on top of Shannon's autonomous penetration testing engine. It performs white-box security testing of web applications and APIs by combining source code analysis with live exploitation.
Unlike the upstream Shannon CLI, Hightower is designed to run as a service on Kubernetes — scans are triggered via REST API, orchestrated by Temporal, and executed in ephemeral worker pods.
Unlike the upstream Shannon CLI, Trebuchet is designed to run as a service on Kubernetes — scans are triggered via REST API, orchestrated by Temporal, and executed in ephemeral worker pods.
> [!IMPORTANT]
> **White-box only.** Hightower expects access to your application's source code and repository layout.
> **White-box only.** Trebuchet expects access to your application's source code and repository layout.
## Features
@@ -26,7 +26,7 @@ Unlike the upstream Shannon CLI, Hightower is designed to run as a service on Ku
## Architecture
Hightower uses a multi-agent architecture that combines white-box source code analysis with dynamic exploitation across five phases:
Trebuchet uses a multi-agent architecture that combines white-box source code analysis with dynamic exploitation across five phases:
```
+----------------------+
@@ -88,11 +88,11 @@ Shannon Lite scored **96.15% (100/104 exploits)** on a hint-free, source-aware v
## Disclaimers
> [!WARNING]
> **DO NOT run Hightower on production environments.**
> **DO NOT run Trebuchet on production environments.**
> It actively executes attacks to confirm vulnerabilities. Use only on sandboxed, staging, or local development environments.
> [!CAUTION]
> **You must have explicit, written authorization** from the owner of the target system before running Hightower. Unauthorized scanning is illegal.
> **You must have explicit, written authorization** from the owner of the target system before running Trebuchet. Unauthorized scanning is illegal.
- **Verification is Required**: Human oversight is essential to validate all reported findings. LLMs can still generate hallucinated content.
- **Targeted Vulnerabilities**: Broken Authentication & Authorization, Injection, XSS, SSRF.