Cursor for pentesting
Pentest at the speed of thought[1]

Early PreviewDOWNLOAD FOR MACOS
[READ THE MANIFESTO]

[1] Human brains and computing machines will be coupled together very tightly, and the resulting partnership will think as no human brain has ever thought.”

— J.C.R. Licklider
acme-corp.com.http
/response/302
request > POST /api/auth/loginSQLi DETECTED
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
POST /api/auth/login HTTP/1.1
Host: acme-corp.com
Content-Type: application/x-www-form-urlencoded
Origin: https://acme-corp.com
Referer: https://acme-corp.com/login
User-Agent: Mozilla/5.0 (Macintosh; ...
Accept: text/html,application/xhtml+xml
Accept-Encoding: gzip, deflate, br
Cookie: session=eyJhbGciOiJIUzI1NiJ9...
Content-Length: 67
Connection: keep-alive
 
// ⚠ Blackswan: SQLi detected in 'username' param
 
username=admin' OR 1=1--&password=test
 
// Payload bypasses auth — no parameterized query
// CVSS: 9.8 (Critical) — OWASP A03:2021 Injection
PROBLEMS4OUTPUTDEBUG CONSOLETERMINALPORTS
Filter
acme-corp.com/api/auth/login 1 1
p:8080 (1 connected)
HTTP
WE WORKED WITH
Samsung
DSTA
Adjoe
Innovazione Digitale
Phala Network
Samsung
DSTA
Adjoe
Innovazione Digitale
Phala Network
Samsung
DSTA
Adjoe
Innovazione Digitale
Phala Network
CAPABILITIES

Everything in one place

No more tab-switching between 15 different tools. Blackswan integrates your entire workflow.

UNIFIED WORKSPACE

CORE

Code editor, terminal, scanner, and report builder — all in a single IDE. Context-switch without losing your flow.

AI-POWERED ANALYSIS

AI

Our AI engine identifies vulnerability patterns in real-time, suggests exploitation vectors, and auto-generates proof-of-concept code.

INTEGRATED RECON

Built-in subdomain enumeration, port scanning, service fingerprinting, and web crawling. Results feed directly into your workspace.

SMART VULNERABILITY SCANNER

47+ detection modules covering OWASP Top 10, business logic flaws, API misconfigurations, and authentication bypasses.

EXPLOIT DEVELOPMENT

Write, test, and debug exploits with syntax highlighting, intelligent autocomplete, and an integrated Python/Go/Rust runtime.

AUTO REPORT GENERATION

SOON

One-click professional pentest reports. Every finding is documented with evidence, severity scoring, and remediation guidance.

EXTENSION ECOSYSTEM

Build and share custom modules. Import community tools, integrate with Burp Suite, Nuclei, sqlmap, and your existing arsenal.

SCOPE MANAGEMENT

Define engagement boundaries with precision. Automatic scope enforcement prevents out-of-scope testing and maintains compliance.

INSIDE THE IDE

Everything in one window

Blackswan IDE
token.jwt
1
2
3
4
5
6
7
8
9
10
11
12
// Decoded JWT — intercepted from GET /api/me
{
"header": {
"typ": "JWT",
"alg": "none"⚠ Security Issue
Algorithm "none" disables signature verification. An attacker can forge arbitrary tokens without knowing the secret key.
},
"payload": {
"sub": "1234567890",
"name": "John Doe",
"role": "user"
}
}
UNDER THE HOOD

Built different

VSCODE FORK
Full IDE, not an extension
MULTI-MODEL AI
Anthropic, OpenAI, OpenRouter
EXTENSION API
Build on VSCode's ecosystem
CONFIDENTIAL
E2E encrypted AI inference
LLM TOOL USE
AI agents call pentest tools
HUMAN-IN-THE-LOOP
AI augments, you decide
PRICING

Pay for what you use

Every plan includes all features. Pick the credit amount that fits your usage.

Starter

For individuals getting started

$20/month
5M tokens / month
All features included
5 million tokens / month
Community support
[GET STARTED]
Coming Soon

Pro

POPULAR

For professional pentesters

$100/month
35M tokens / month
All features included
35 million tokens / month
Early access to new features
Direct support
Coming Soon

Max

For security teams and orgs

$200/month
100M tokens / month
All features included
100 million tokens / month
Early access to new features
Dedicated support channel
SSO & audit logs

Ready to 10x your pentesting?

Join the early access program and help shape the future of offensive security tooling.

[DOWNLOAD]
Available for macOS