sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues 51 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity
Files
df9a20e768a5d460f352130142367832f8cd71a7
compliance-scanner-agent/docs/features/pentest.md
Sharang Parnerkar acc5b86aa4
Some checks failed
CI / Clippy (push) Failing after 1m51s
Details
CI / Security Audit (push) Successful in 2m1s
Details
CI / Tests (push) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Format (push) Failing after 42s
Details
CI / Deploy MCP (push) Has been skipped
Details
feat: AI-driven automated penetration testing (#12)
2026-03-12 14:42:54 +00:00

4.4 KiB
Raw Blame History

AI Pentest

The AI Pentest module provides autonomous, LLM-driven penetration testing against your DAST targets. It orchestrates a chain of security tools guided by AI reasoning to discover vulnerabilities that traditional scanning may miss.

Overview

Navigate to Pentest in the sidebar to see the pentest dashboard.

The dashboard shows:

  • Total pentest sessions run
  • Aggregate finding counts with severity breakdown
  • Tool invocation statistics and success rates
  • Session cards with status, target, strategy, and finding count

Starting a Pentest Session

  1. Click New Pentest on the dashboard
  2. Select a DAST target (must be configured under DAST > Targets first)
  3. Choose a strategy:
Strategy Description
Comprehensive Full-spectrum test covering recon, API analysis, injection testing, auth checks, and more
Focused Targets specific vulnerability categories based on initial reconnaissance
  1. Optionally provide an initial message to guide the AI's focus
  2. Click Start to begin the session

The AI orchestrator will autonomously select and execute security tools in phases, using the output of each phase to inform the next.

Session View

Click any session card to open the detailed session view. It shows:

Summary Cards

  • Findings — total vulnerabilities discovered
  • Exploitable — confirmed-exploitable findings
  • Tool Invocations — total tools executed
  • Success Rate — percentage of tools that completed successfully

Severity Distribution

A bar showing the breakdown of findings by severity level (Critical, High, Medium, Low, Info).

Findings Tab

Lists all discovered vulnerabilities with:

  • Severity badge and title
  • Vulnerability type and exploitability status
  • HTTP method and endpoint
  • CWE identifier
  • Description and remediation recommendation
  • Correlated SAST finding references (when available)

Attack Chain Tab

A visual DAG (directed acyclic graph) showing the sequence of tools executed during the pentest. Nodes are grouped into phases:

  • Phase-based layout — tools are organized top-down by execution phase (reconnaissance, analysis, testing, exploitation, etc.)
  • Category icons — each tool displays an icon indicating its category (recon, XSS, SQLi, SSRF, auth, headers, cookies, TLS, CORS, etc.)
  • Status indicators — color-coded status dots (green = completed, yellow = running, red = failed)
  • Finding badges — red badge showing the number of findings produced by each tool
  • Interactive — hover for details, click to select, scroll to zoom, drag to pan

Stopping a Session

Running sessions can be stopped from the dashboard by clicking the Stop button on the session card. This immediately halts all tool execution.

Exporting Reports

Click Export Report on any session to generate a professional pentest report.

Export Process

  1. Enter an encryption password (minimum 8 characters)
  2. Click Export to generate and download the report

The export produces a password-protected ZIP archive (AES-256 encryption) that can be opened with any standard archive tool (7-Zip, WinRAR, macOS Archive Utility, etc.).

Archive Contents

File Description
report.html Professional HTML report with executive summary, methodology, tools, findings with recommendations, and attack chain timeline
findings.json Raw findings data in JSON format for programmatic processing
attack-chain.json Raw attack chain data showing tool execution sequence and relationships

Report Features

The HTML report includes:

  • Company logo and CONFIDENTIAL banner
  • Requester information
  • Executive summary with overall risk rating
  • Severity distribution chart
  • Methodology and tools section
  • Detailed findings with severity, CWE, endpoint, evidence, remediation guidance, and linked SAST references
  • Attack chain timeline
  • Print-friendly layout (dark theme on screen, light theme for print)

Integrity Verification

After export, the dashboard displays the SHA-256 checksum of the archive with a copy-to-clipboard button. Use this to verify the archive has not been tampered with after distribution.

::: warning Only run pentests against applications you own or have explicit written authorization to test. AI-driven pentesting sends real attack payloads that may trigger alerts or cause unintended side effects. :::

Reference in New Issue View Git Blame Copy Permalink