diff --git a/README.md b/README.md index 12308f0..a6fe867 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,19 @@
-# Hightower — AI Pentester +# Trebuchet — AI Pentester -Hightower is a fork of [Shannon](https://github.com/KeygraphHQ/shannon) by Keygraph, wrapped with a REST API and Kubernetes tooling for cluster-based deployments. +Trebuchet is a fork of [Shannon](https://github.com/KeygraphHQ/shannon) by Keygraph, wrapped with a REST API and Kubernetes tooling for cluster-based deployments.
-## What is Hightower? +## What is Trebuchet? -Hightower is an API-driven AI pentester built on top of Shannon's autonomous penetration testing engine. It performs white-box security testing of web applications and APIs by combining source code analysis with live exploitation. +Trebuchet is an API-driven AI pentester built on top of Shannon's autonomous penetration testing engine. It performs white-box security testing of web applications and APIs by combining source code analysis with live exploitation. -Unlike the upstream Shannon CLI, Hightower is designed to run as a service on Kubernetes — scans are triggered via REST API, orchestrated by Temporal, and executed in ephemeral worker pods. +Unlike the upstream Shannon CLI, Trebuchet is designed to run as a service on Kubernetes — scans are triggered via REST API, orchestrated by Temporal, and executed in ephemeral worker pods. > [!IMPORTANT] -> **White-box only.** Hightower expects access to your application's source code and repository layout. +> **White-box only.** Trebuchet expects access to your application's source code and repository layout. ## Features @@ -26,7 +26,7 @@ Unlike the upstream Shannon CLI, Hightower is designed to run as a service on Ku ## Architecture -Hightower uses a multi-agent architecture that combines white-box source code analysis with dynamic exploitation across five phases: +Trebuchet uses a multi-agent architecture that combines white-box source code analysis with dynamic exploitation across five phases: ``` +----------------------+ @@ -88,11 +88,11 @@ Shannon Lite scored **96.15% (100/104 exploits)** on a hint-free, source-aware v ## Disclaimers > [!WARNING] -> **DO NOT run Hightower on production environments.** +> **DO NOT run Trebuchet on production environments.** > It actively executes attacks to confirm vulnerabilities. Use only on sandboxed, staging, or local development environments. > [!CAUTION] -> **You must have explicit, written authorization** from the owner of the target system before running Hightower. Unauthorized scanning is illegal. +> **You must have explicit, written authorization** from the owner of the target system before running Trebuchet. Unauthorized scanning is illegal. - **Verification is Required**: Human oversight is essential to validate all reported findings. LLMs can still generate hallucinated content. - **Targeted Vulnerabilities**: Broken Authentication & Authorization, Injection, XSS, SSRF.