Hadrian open-sources AI-powered vulnerability research framework OpenHack
Dutch security firm Hadrian has released OpenHack, an MIT-licensed project that packages AI-powered vulnerability research into a file-based workspace compatible with coding harnesses like Claude Code, Codex, and Cursor.
A new open-source tool aims to bring the power of AI-driven vulnerability research to the wider security community. Hadrian, a Dutch security firm, has released OpenHack under the MIT license, packaging its automated vulnerability research workflow into a file-based workspace that runs inside popular coding harnesses such as Claude Code, Codex, and Cursor.
OpenHack is not a standalone scanning tool but a set of agents and tools that replicate how Hadrian's own research team conducts automated vulnerability research. The framework works as a drop-in workspace for coding harnesses, which are increasingly being used for agent-based code review. This allows security professionals to automate parts of the vulnerability discovery process without building custom pipelines from scratch.
The project's compatibility with multiple harnesses is a deliberate design choice. Rather than locking users into a single platform, OpenHack works with Claude Code, Codex, and Cursor, giving teams flexibility in their tooling. This approach mirrors a broader industry trend toward agent-based security analysis, where language models drive iterative code review and exploitation tasks.
OpenHack arrives at a time when AI-powered vulnerability research is rapidly maturing. Recent demonstrations have shown AI pipelines discovering hundreds of zero-days in WordPress plugins at minimal cost, and Google has attributed a surge in Chrome vulnerability discoveries to AI-driven fuzzing. OpenHack aims to democratize these capabilities by making them available as open-source software.
The MIT license chosen for OpenHack is notable. It imposes minimal restrictions on use, modification, and redistribution, making it suitable for both commercial and academic adoption. This could accelerate the tool's integration into existing security workflows and encourage community contributions to improve its agent modules over time.
Hadrian's move to open source its research workflow reflects a growing trend among security vendors to share defensive tooling with the community. By releasing OpenHack, the company provides a practical resource for teams looking to experiment with AI-assisted vulnerability research without committing to proprietary platforms. The project is available on GitHub, and early adopters can set up the workspace and begin running agents against their own codebases.