Skip to content

Proof of Exploit

A DAST finding is a claim: "I think this is exploitable." A Proof of Exploit is a demonstration: "Here's the request chain, here's the response, here's the screenshot, here's the attack path." Proof of Exploit is what cuts triage time because engineering doesn't have to reproduce the bug from a one-line description.

Escape collects detailed event logs for every AI Pentesting assessment, including agent interactions, screenshots, reasoning, actions taken, and issues identified during testing. These logs are fully searchable in the product. Escape also provides comprehensive coverage data for visited web pages, API endpoints, crawled URLs, and analyzed code files.

What a Proof of Exploit Contains

Every Proof of Exploit shipped with a validated or exploited AI Pentesting finding carries:

  • Attack path: the ordered list of endpoints the agent walked to land the exploit, with the reasoning for each hop.
  • Request chain: the full HTTP traffic (or browser actions) the agent executed, ready to replay with cURL or a REST client.
  • Screenshots: where the attack manifests in a user interface (a stored XSS firing, an unauthorized admin page loading, a sensitive file rendered in the browser).
  • Execution logs: the agent's own log of what it tried, what worked, and what didn't.
  • Impact: Escape Severity with a CVSS score and vector, so triage and prioritization don't start from scratch.

That bundle is the artifact you paste into the Jira ticket, the Slack thread, or the pull-request comment.

Proof of Exploit example showing attack chain and evidence

Assessment Logs and Reasoning

Proof of Exploit is the evidence on a confirmed finding. The assessment itself produces a much larger audit trail you can review while the run is in progress or after it finishes.

Open Logs on an assessment to browse the full event stream: discoveries, tool calls, validation steps, and errors. Each event has a title, description, level, stage, and optional attachments (request/response captures, screenshots, command output). Search, filter, and group events to answer questions like whether agents reached a specific workflow or what payloads were tried before an exploit was confirmed.

Open Reasoning to follow the agent swarm at a higher level. Cascade spawns an orchestrator and focused workers during the assessment; the Reasoning view maps that tree and lets you drill into each agent's chronological trace. This is where you go deeper into the attacks attempted: why a path was chosen, how agents adapted when something failed, and how multi-step exploits were chained together.

See Graph Reasoning for how Cascade builds attack paths across endpoints.

Coverage

Open Coverage to see every surface Cascade touched or analyzed during the assessment. Coverage is organized as targets:

Type What it represents
Web page A page the crawler or an agent navigated in the browser
Crawled URL A URL discovered while exploring the application
API route A REST endpoint exercised or probed
GraphQL resolver A GraphQL operation exercised or probed
Code file A source file analyzed during artifact-driven or whitebox testing

Click a target to inspect exploration history, requests sent, and issues found on that surface. Coverage answers a different question than logs: what did we actually test? Use it alongside Proof of Exploit to confirm the assessment reached the areas you expected and to spot gaps before sign-off.

Why It Matters

Most of the time an engineer loses triaging a security finding is spent reproducing it. Proof of Exploit shortcuts that: the first click in the UI opens the traffic, the second exports it as cURL, the third links to the exact file and function (when the repository is connected). Internally, we've measured around an 80% reduction in time-to-remediate when Proof of Exploit is attached, compared to a severity-and-description handoff.

When Proof of Exploit Runs

Proof of Exploit is part of every AI Pentesting assessment. You don't toggle it separately. In Cascade, the reporter agent reproduces each candidate on the live target and collects this evidence itself. If an agent finds something it cannot prove, the finding is downgraded to "likely exploitable, evidence not captured" so your triage signal stays clean.