winfunc

Active

ai-native security engineering for mission critical codebases

Summer 2024Founded 20242 peopleSan Francisco, CA, USA

winfunc.com ↗LinkedIn ↗X ↗GitHub ↗See on the Idea Map B2B momentum

About

Winfunc (winfunc.com) is an AI Hacker that autonomously finds, verifies, and patches security vulnerabilities in codebases, just like a human security engineer would. Winfunc can find business logic errors with context-aware scanning and automate the full auditing cycle to generate reports with zero false positives. Winfunc's agent has found vulnerabilities in Google, Supabase, Sentry, Cal, Gumroad, Bun, Hoppscotch, etc.

From their website

as of Jun 7, 2026winfunc.com ↗

SaaSSubscription

winfunc is an AI-native security engineering platform that automatically finds, triages, and patches codebase vulnerabilities in hours, offering autonomous security agents that audit codebases and deliver fixes you can ship.

Connect your GitHub repositories, map architecture, run autonomous security audits with PoCs for every vulnerability, and receive automated patches via PRs that continuously monitor commits to maintain zero-day protection. It also provides real-time vulnerability scanning inside AI editor integrations and offers a monthly benchmark for vulnerability discovery (N-Day-Bench).

Who it’s for: Engineering teams and security teams at production-grade codebases across industries that rely on AI-enabled development and need automated vulnerability discovery, triage, and patching.

Features

Autonomous vulnerability audit with PoCs
Automated patches via pull requests
Continuous protection with commit scanning
Codebase mapping and architecture understanding
Real-time scanning inside AI editors
Vulnerability management and analytics
Dependency scanning

Launched product features (N-Day-Bench), YC backing mentioned, demo/book-a-demo, research and integration updates; active marketing and production-grade references imply early traction.

Founders · 2

Mufeed VHCEO / Founder

founder/hacker at winfunc. website: mufeedvh.com github: github.com/mufeedvh

LinkedIn ↗X ↗

Vivek RCTO / Founder

Google

Apple

CTO @ Asterisk. Previously, Vivek built secure, fault tolerant distributed systems for leading POS validators handling a total stake of $2B+, did IoT protocol optimization research for startups, contributor to GStreamer - the leading multimedia framework used by Google, Apple, etc, helped Fortune 100 companies with their infrastructure strategy and optimization.

LinkedIn ↗X ↗

Launch

Launched on Y Combinator · Aug 2024

View launch post ↗

Automatically find, exploit, and patch security vulnerabilities across your digital assets with zero false positives.

Asterisk is an AI tool that automatically finds, exploits, and patches security vulnerabilities across digital assets, verifies findings in a sandbox, and provides reports with zero false positives. It targets security teams seeking automated, context-aware vulnerability verification and remediation.