re:zero
deploy rem to red team any attack surface.
autonomous security analysis in minutes
rem — live scanpid 4801
$ rem deploy --target github.com/acme/payments-api
indexing 1,247 files · building dependency graph
│ Payments API — starting with auth middleware and transaction endpoints.
→ read_file src/middleware/auth.ts
→ read_file src/routes/transactions.ts
│ JWT secret from env without validation. Missing var = silent auth bypass.
■ VN-001 CRITICAL Auth bypass via missing JWT secret
→ search_code "query(" "raw(" "execute("
│ Raw SQL in transaction search. User input flows into WHERE clause.
■ VN-002 HIGH SQL injection in /api/transactions
→ read_file src/utils/crypto.ts
│ AES-ECB mode for card numbers. Same card → same ciphertext.
■ VN-003 CRITICAL Deterministic encryption (AES-ECB)
complete — 3 findings · 2 critical · 1 high
zsh · 192.168.1.43 findings · 2 critical · 1 high
Attack modes
1import jwt from 'jsonwebtoken';
2
3const SECRET = "sk-prod-a8f3e2d1";
4
5app.get('/users/:id', (req, res) => {
6 db.query(`SELECT * FROM users
7 WHERE id = ${req.params.id}`)
8});
$ rem --mode oss
every line, every path, every secret
full source tree analysis. rem traces data flows through your codebase — injection points, auth bypasses, hardcoded credentials, dangerous crypto. every file she deems relevant gets read and analyzed.
$ rem --mode web
your browser, her weapon
rem takes the wheel of a headless browser and attacks your web app like a human pentester. she navigates pages, fills forms, injects payloads, and discovers XSS, CSRF, SSRF, IDOR — the full OWASP top 10.
MAID · ONI
deploy rem
rem probes, fails, learns, returns.
each scan is a life. knowledge accumulates.