How AI Pentesting Works
AI Pentesting combines crawling capabilities with agents to discover vulnerabilities through injection testing and business logic analysis.
Crawling
AI Pentesting uses agentic crawling to explore applications:
- State-aware exploration
- Natural language instructions
- Error recovery
- Context understanding
Agents use LLM reasoning to navigate web applications and discover endpoints.
XSS Testing
Agents discover XSS vulnerabilities through:
- Context-aware injection
- Multi-step exploitation
- Response analysis
- Payload adaptation
- State tracking
Agents reason about DOM structure, JavaScript execution contexts, and input validation to craft XSS payloads.
Business Logic Testing
Agents discover business logic vulnerabilities including:
- Authorization testing: BOLA, tenant isolation, and privilege escalation (see BOLA Agent)
- Workflow bypasses
- State manipulation
- Multi-step attacks
Agents use multi-user authentication to test authorization boundaries (see BOLA Agent for configuration).
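The multi-user authorization check described above, as an added example (not the product's own code or the BOLA Agent's implementation). The handlers, session tokens and invoice records are constructed for illustration; the check replays each user's own object ids under the other user's session, against one handler that lacks an ownership check and one that enforces ownership and tenant isolation.

```python
# Constructed sample data (not from the product): two tenants, one invoice each.
INVOICES = {
    "inv-1": {"owner": "alice", "tenant": "acme", "total": 120},
    "inv-2": {"owner": "bob", "tenant": "globex", "total": 75},
}
SESSIONS = {
    "tok-alice": {"user": "alice", "tenant": "acme"},
    "tok-bob": {"user": "bob", "tenant": "globex"},
}
# Object ids each session legitimately owns, as a multi-user test would be told.
OWNED = {"tok-alice": ["inv-1"], "tok-bob": ["inv-2"]}


def get_invoice_vulnerable(token, invoice_id):
    """Authenticates the caller but never checks who owns the object (BOLA)."""
    if token not in SESSIONS:
        return 401, None
    invoice = INVOICES.get(invoice_id)
    return (200, invoice) if invoice else (404, None)


def get_invoice_hardened(token, invoice_id):
    """Enforces tenant isolation and ownership on every object lookup."""
    session = SESSIONS.get(token)
    if session is None:
        return 401, None
    invoice = INVOICES.get(invoice_id)
    # Same 404 for "missing" and "not yours", so object ids are not confirmed.
    if (invoice is None or invoice["tenant"] != session["tenant"]
            or invoice["owner"] != session["user"]):
        return 404, None
    return 200, invoice


def cross_user_findings(handler, owned):
    """Replay each owner's object ids under every other session; a non-owner
    receiving 200 with the object body is recorded as (token, object_id)."""
    findings = []
    for owner_token, ids in owned.items():
        for object_id in ids:
            if handler(owner_token, object_id)[0] != 200:
                continue  # owner baseline failed, so there is nothing to compare
            for other_token in owned:
                status, body = handler(other_token, object_id)
                if other_token != owner_token and status == 200 and body:
                    findings.append((other_token, object_id))
    return findings
```

Running `cross_user_findings` against the hardened handler returns an empty list, which is the regression condition to keep in a test suite after the ownership check is added.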
Agent Workflow
- Discovery: Agents explore the application using agentic crawling
- Analysis: Agents reason about application structure and behavior
- Testing: Agents execute injection attacks and business logic tests
- Validation: Agents verify vulnerabilities and collect evidence
Agent reasoning is visible in scan logs, showing why agents took specific actions and how they adapted their strategies.
Related Documentation
- BOLA Agent: Authorization testing agent
- XSS Agent: XSS testing agent
- API Testing Configuration: API testing configuration options
- Frontend DAST Configuration: WebApp testing configuration options
- Agentic Crawling: Technical details on crawling