deonmenezes/mantishack — reverse-engineered prompt

Build me a command line security research tool called Mantishack that can run against a codebase or binary and help find real vulnerabilities, not just noisy scanner results.

I want it to work like an AI assisted bug bounty harness. It should let me create a project for a target, map the attack surface, run static analysis, check authentication and logging issues, validate whether findings are actually reachable, then optionally generate proof of concept exploits and safe patches. Include commands like mantis scan, mantis agentic, mantis auth audit, mantis validate, mantis exploit, mantis patch, mantis fuzz, and project commands to track findings over time.

Focus especially on JWT mistakes, insecure cookies, missing audit logs, leaked tokens in logs, CodeQL or Semgrep style scanning, fuzzing and crash analysis for native code, and clear reports I can review. It should be Python based and usable from a devcontainer. Claude Code integration is fine, and you can look up current docs online if needed.