Lazarus-AI/clearwing

Python

From the README

Clearwing

By Eric Hartford, Lazarus AI

Inspired by Anthropic's Glasswing.

The challenge: produce results similar to Glasswing's, using models everyone has access to.

Autonomous vulnerability scanner and source-code hunter built on LangGraph.

Clearwing is a dual-mode offensive-security tool:

  • Network-pentest agent — a ReAct-loop agent with 63 bind-tools that scans live targets, detects services and vulnerabilities, runs sandboxed Kali tools, attempts exploits (gated through a human-approval guardrail), and writes reports to a persistent knowledge graph.
  • Source-code hunter — a file-parallel agent-driven pipeline that ranks source files, fans out per-file hunter agents (full-shell or constrained), uses ASan/UBSan crashes as ground truth, verifies findings with a 4-axis validator (REAL / TRIGGERABLE / IMPACTFUL / GENERAL), runs PoC stability checks across fresh containers, optionally generates validated patches, and emits SARIF/markdown/JSON reports with explicit evidence levels (suspicion → static_corroboration → crash_reproduced → root_cause_explained → exploit_demonstrated → patch_validated). Features three-band budget promotion, entry-point sharding for large files, cross-subsystem hunting, a shared findings pool with root-cause deduplication, multi-turn agentic exploit development, and human-in-the-loop exploit elaboration.
  • N-day exploit pipeline — given CVE IDs, builds the vulnerable version, develops working exploits, and validates against the patched version to confirm the fix.
  • Reverse engineering pipeline — decompiles closed-source ELF binaries via Ghidra, reconstructs plausible source with an LLM, then hunts vulnerabilities using a hybrid source + binary validation approach.
  • Campaign orchestration — runs sourcehunt across dozens or hundreds of repositories from a single YAML config with shared budget, checkpoint/resume, and aggregate reporting.
  • Responsible disclosure — human-in-the-loop validation workflow with MITRE/HackerOne template generation, SHA-3 cryptographic commitments for provable priority, timeline tracking, and batched disclosure.
  • Benchmarking & evaluation — OSS-Fuzz crash severity ladder for model comparison, and an A/B testing framework for measuring whether preprocessing helps or hurts finding quality.
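
The SHA-3 commitment idea named in the responsible-disclosure bullet above, as an added example: it is not Clearwing's own code, and the project's actual commitment format is not shown on this page. The names `DOMAIN`, `canonical`, `commit`, `verify` and the fields of the sample finding are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

# Hypothetical domain-separation tag so these digests cannot collide with other SHA-3 uses.
DOMAIN = b"example-disclosure-commitment-v1\x00"

# Constructed sample finding (illustrative values only, not real data).
SAMPLE = {"project": "example-lib", "file": "src/parse.c",
          "summary": "heap overflow in header parser", "found": "2025-01-01"}


def canonical(finding: dict) -> bytes:
    """Serialize deterministically so key order or spacing never changes the digest."""
    return json.dumps(finding, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=True).encode("ascii")


def commit(finding: dict, nonce: Optional[bytes] = None) -> Tuple[str, bytes]:
    """Return (digest to publish now, nonce to keep secret until disclosure)."""
    # The random nonce hides the content: without it, a short or guessable
    # finding could be recovered from the digest by hashing candidates.
    nonce = secrets.token_bytes(32) if nonce is None else nonce
    if len(nonce) != 32:
        # Fixed length keeps the nonce/message boundary unambiguous.
        raise ValueError("nonce must be exactly 32 bytes")
    digest = hashlib.sha3_256(DOMAIN + nonce + canonical(finding)).hexdigest()
    return digest, nonce


def verify(digest: str, finding: dict, nonce: bytes) -> bool:
    """At reveal time, recompute the commitment and compare in constant time."""
    expected, _ = commit(finding, nonce)
    return hmac.compare_digest(expected, digest.strip().lower())


if __name__ == "__main__":
    published, secret_nonce = commit(SAMPLE)
    print("publish now :", published)
    print("reveal later:", verify(published, SAMPLE, secret_nonce))
```

The published digest only proves priority if it is timestamped somewhere the committer cannot rewrite, which is outside what this sketch covers.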

Authorized use only. Clearwing is a dual-use offensive-security tool. Run it only against targets you own or have explicit written authorization to test. Operators are responsible for scope, legal authorization, and disclosure. See SECURITY.md.

Install

End users — install the tagged release straight from GitHub:

git clone 
cd clearwing

# uv sync is recommended because Clearwing pins genai-pyo3 through
# tool.uv.sources in pyproject.toml.
uv sync --all-extras
source .venv/bin/activate  # fish: source .venv/bin/activate.fish

# Interactive setup wizard — menu-driven provider selection,
# cred