Start Pentest
Language used for the LLM vulnerability analysis and the generated PDF reports, for this run only. Does not change the website UI.
The canonical objective text for this mode is built in automatically. Use optional notes below only when needed.
Add each target as a tag: type it and press Space or Enter, or click outside the field. Remove a tag with ×. Pasting several values at once splits them on commas, semicolons, or new lines. Full URLs are accepted; the server uses only the hostname. Do not type a Space inside a single URL, because Space commits the tag and the rest of the URL becomes a second, bogus target; paste long URLs instead.
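The splitting and hostname rules above, as an added Python illustration (not the tool's own code): a pasted list is split into tags, each tag is reduced to a hostname plus any explicit port (keeping the port is this example's assumption; the page only says the hostname is used), duplicates are dropped, and the last case shows what a Space inside a URL does. All sample inputs are constructed.

```python
"""Target-tag normalisation as an added illustration of the rules above.

Not the tool's own code: one way to split a paste into tags, reduce each
to a hostname, and show why a Space inside a URL breaks the tag.
Sample inputs are constructed.
"""
import re
from urllib.parse import urlsplit

# Space and Enter commit a tag; commas, semicolons and newlines split pastes.
SPLIT_RE = re.compile(r"[,;\s]+")


def normalize_target(token):
    """Reduce one raw tag to (host, port); port is None when not given.

    Full URLs are fine: only the hostname is kept. An explicit port is kept
    too, which is this example's assumption, not a documented behaviour.
    Returns None for a token with no usable host.
    """
    token = token.strip().rstrip(".")
    if not token:
        return None
    # Bare "host", "host:port" or "[v6]:port" has no scheme; a leading "//"
    # makes urlsplit treat it as a network location instead of a path.
    candidate = token if "://" in token else "//" + token
    parts = urlsplit(candidate)
    try:
        host, port = parts.hostname, parts.port  # hostname is lower-cased
    except ValueError:  # e.g. "host:notaport"
        return None
    if not host:
        return None
    return host, port


def parse_targets(pasted):
    """Split a paste into tags, normalise, de-duplicate, keep input order."""
    seen, targets, rejected = set(), [], []
    for raw in SPLIT_RE.split(pasted):
        if not raw:
            continue
        target = normalize_target(raw)
        if target is None:
            rejected.append(raw)
        elif target not in seen:
            seen.add(target)
            targets.append(target)
    return targets, rejected


# Constructed paste: mixed separators, a URL with a query string, an IPv6
# literal, a duplicate URL and one junk token.
PASTED = ("dc01.corp.local, 10.0.0.5:8080; https://app.corp.local/login?x=1\n"
          "[::1]:443 https://app.corp.local/login?x=1 bad:port")

# Constructed URL containing a Space: the Space commits the tag, so the
# tail becomes a bogus second target "b". Paste such URLs instead.
SPACED_URL = "https://x.corp.local/a b"

if __name__ == "__main__":
    targets, rejected = parse_targets(PASTED)
    for host, port in targets:
        print(host, port if port is not None else "(no port)")
    print("rejected:", rejected)
    print("space inside URL ->", parse_targets(SPACED_URL)[0])
```

The `"//" + token` trick is what makes `urlsplit` parse a bare `host:port` or bracketed IPv6 literal the same way it parses a full URL, so one code path serves every form the field accepts.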
Upload one or more Nmap XML (-oX) or Nessus exports. Import is fully automated: hosts, ports, services, and findings are merged and then probed. From Nessus, findings rated low through critical are imported and informational plugins (severity 0) are skipped. Nmap XML carries no severity, so nothing is filtered from it. Manual targets given without a port still get an nmap discovery scan.
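The import rules above (Nessus severity 0 skipped, Nmap unfiltered apart from port state, hosts with no known port queued for discovery), as an added Python illustration. This is not the tool's own importer; it parses two constructed XML fragments in the standard Nmap -oX and .nessus layouts, merges them with manual targets, and reports which hosts still need discovery. Plugin IDs in the sample are real Nessus plugins, but the scan data is invented.

```python
"""Merging Nmap -oX and Nessus exports, as an added illustration.

Not the tool's own importer: shows the filtering rules described above
on two constructed XML samples.
"""
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed Nmap -oX fragment: one host up with two open ports and one
# filtered port, one host down.
NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/><address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
      <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
      <port protocol="tcp" portid="8080"><state state="filtered"/><service name="http-proxy"/></port>
    </ports>
  </host>
  <host><status state="down"/><address addr="10.0.0.6" addrtype="ipv4"/></host>
</nmaprun>"""

# Constructed .nessus fragment: one critical finding, one info plugin
# (severity 0, port 0 = host-wide), one low finding on a second host.
NESSUS_XML = """<?xml version="1.0"?>
<NessusClientData_v2><Report name="lab">
  <ReportHost name="10.0.0.5">
    <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4" pluginID="57608" pluginName="SMB Signing not required"/>
    <ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="19506" pluginName="Nessus Scan Information"/>
  </ReportHost>
  <ReportHost name="10.0.0.7">
    <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="1" pluginID="10881" pluginName="SSH Protocol Versions Supported"/>
  </ReportHost>
</Report></NessusClientData_v2>"""


def parse_nmap(xml_text):
    """{host: {(proto, port): service}} for hosts that are up. Nmap XML has
    no severity, so only port state is used: open ports are kept."""
    hosts = defaultdict(dict)
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        ports = hosts[host.find("address").get("addr")]  # registers host
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue
            svc = port.find("service")
            ports[(port.get("protocol"), int(port.get("portid")))] = (
                svc.get("name", "") if svc is not None else "")
    return dict(hosts)


def parse_nessus(xml_text, min_severity=1):
    """Hosts/ports plus findings; items below min_severity (0 = info) are
    skipped, so a host with only info plugins is kept but has no ports."""
    hosts, findings = defaultdict(dict), []
    for report_host in ET.fromstring(xml_text).iter("ReportHost"):
        addr = report_host.get("name")
        ports = hosts[addr]
        for item in report_host.iter("ReportItem"):
            severity = int(item.get("severity"))
            if severity < min_severity:
                continue
            port = int(item.get("port"))
            if port > 0:  # port 0 is a host-wide finding, not a service
                ports.setdefault((item.get("protocol"), port), item.get("svc_name", ""))
            findings.append((addr, port, severity, item.get("pluginID"), item.get("pluginName")))
    return dict(hosts), findings


def merge(manual_targets, *sources):
    """Union of manual (host, port-or-None) targets and parsed sources.
    An existing service name is never overwritten, only blanks are filled.
    Hosts that end up with no known port are queued for discovery nmap."""
    merged = defaultdict(dict)
    for host, port in manual_targets:
        if port is not None:
            merged[host].setdefault(("tcp", port), "")
        else:
            merged[host]  # register a portless host
    for source in sources:
        for host, ports in source.items():
            known = merged[host]  # registers the host even with no ports
            for key, name in ports.items():
                if not known.get(key):
                    known[key] = name
    needs_discovery = sorted(h for h, p in merged.items() if not p)
    return dict(merged), needs_discovery


if __name__ == "__main__":
    nmap_hosts = parse_nmap(NMAP_XML)
    nessus_hosts, findings = parse_nessus(NESSUS_XML)
    hosts, discovery = merge([("10.0.0.9", None), ("10.0.0.5", 443)], nmap_hosts, nessus_hosts)
    for host, ports in sorted(hosts.items()):
        print(host, sorted(ports.items()))
    print("needs discovery:", discovery)
    print("findings:", findings)
```

Note that the downed Nmap host never enters the map, while the Nessus host with a low finding does, so only the manual portless host is queued for discovery.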
Uncheck this for focused runs in which you already supply credentials and a specific objective (for example, exploiting PrintNightmare on the DC).
The run stops when the estimated API spend reaches the budget. The check happens before each LLM call, not after it, so actual spend can exceed the budget by at most the cost of the final call. The default step cap is 2000.
Local AI: the USD budget does not apply; only the max-steps cap stops the agent. Manual vulnerability re-analysis always runs.
When targets are on the Internet rather than in a local lab, enable this so the built-in listeners are given a public ngrok TCP endpoint that forwards to the local listener port. Requires ngrok on PATH and AUTOPENTEST_NGROK_AUTHTOKEN in .env. The public endpoint is reachable from the whole Internet, not only from the target, so treat anything that connects to it as untrusted.
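The two requirements above and the public-versus-local port distinction, as an added Python illustration. This is not the tool's own code, and the page does not say how it drives ngrok: the KEY=value .env format, the ngrok agent's local API at http://127.0.0.1:4040/api/tunnels, and the shape of its JSON are this example's assumptions, and the .env and API samples are constructed.

```python
"""Preflight and public-endpoint lookup for the ngrok option (added
illustration, not the tool's code). Assumes a KEY=value .env file and the
ngrok agent's local API (GET http://127.0.0.1:4040/api/tunnels); samples
are constructed.
"""
import json
import shutil
from urllib.parse import urlsplit


def load_dotenv_text(text):
    """Minimal KEY=value parser for .env content: ignores blank and comment
    lines, tolerates an 'export ' prefix, strips matching surrounding quotes."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.removeprefix("export ").strip()
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key] = value
    return env


def preflight(env, which=shutil.which):
    """Return the reasons the ngrok option cannot be used; empty when both
    requirements stated on the page are met."""
    problems = []
    if which("ngrok") is None:
        problems.append("ngrok not found on PATH")
    if not env.get("AUTOPENTEST_NGROK_AUTHTOKEN"):
        problems.append("AUTOPENTEST_NGROK_AUTHTOKEN missing from .env")
    return problems


def public_endpoint(tunnels_json, local_port):
    """Find the TCP tunnel forwarding to local_port in the agent's tunnel
    list and return (public_host, public_port). A payload must call back to
    this pair; the local listener port is not reachable from the target."""
    for tunnel in json.loads(tunnels_json).get("tunnels", []):
        if tunnel.get("proto") != "tcp":
            continue
        local_addr = tunnel.get("config", {}).get("addr", "")
        if local_addr.rsplit(":", 1)[-1] != str(local_port):
            continue
        public = urlsplit(tunnel["public_url"])
        return public.hostname, public.port
    return None


# Constructed .env content and local-API response (assumed shapes).
DOTENV = 'AUTOPENTEST_NGROK_AUTHTOKEN="example-token"\n# comment\nOTHER=1\n'
TUNNELS = json.dumps({"tunnels": [
    {"name": "listener", "proto": "tcp", "public_url": "tcp://0.tcp.ngrok.io:14567",
     "config": {"addr": "localhost:4444", "inspect": False}},
]})

if __name__ == "__main__":
    env = load_dotenv_text(DOTENV)
    print("preflight:", preflight(env) or "ok")
    print("callback endpoint for local 4444:", public_endpoint(TUNNELS, 4444))
```

Running the preflight before the agent starts avoids discovering a missing ngrok binary or token only when the first listener is needed mid-run.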
Leave unchecked unless the operator accepts a risk to availability. Applies to the scope written for this run; when off, the LLM is instructed to forbid these techniques.
When unchecked, the agent avoids materially disruptive changes beyond the minimal proof of impact a pentest chain needs. Applies to the scope and to the analyst instructions.