ThreatExploit Studio allows you to run automated penetration tests against your infrastructure. This guide covers how to schedule new tests, control their active execution, and analyze the findings once a test is complete.
stateDiagram-v2
[*] --> Scheduled
Scheduled --> Running
Running --> Stopped : Pause test
Stopped --> Running : Resume test
Running --> Completed
Completed --> [*]Scheduling a Pentest
When starting a new pentest, you have full control over what is tested and how aggressive the automated agent should be.
- 1
Define your targets
Specify the hosts, IP addresses, or URLs you want to test. For each target, you'll need to define the scope (e.g., targeted vs. holistic) and the type of test (black box or white box).
- 2
Choose an execution style
Decide whether the agent should run in a
SAFEmode (scanning and identifying vulnerabilities) or anAGGRESSIVEmode. You can also toggle active exploitation on or off. - 3
Provide context (Optional)
Attach saved Playbooks or Memory items to guide the agent's behavior and provide it with specific environmental context.
Configuration Options
When configuring your pentest, you can adjust several parameters to fit your security needs:
| Parameter | Description | Options |
|---|---|---|
targets | The systems to be tested and their specific configurations. | List of target objects |
style | The intensity of the scanning behavior. | SAFE (default) or AGGRESSIVE |
exploit | Whether the agent should actively attempt to exploit found vulnerabilities. | true or false |
lightweight | Runs a faster, less exhaustive scan using a reduced toolset. | true or false |
playbook_name | A saved playbook to guide the pentest execution steps. | String (Optional) |
memory_names | Saved memory items to provide context to the agent. | List of strings (Optional) |
Enabling the exploit flag or setting the style to AGGRESSIVE allows the agent to actively exploit vulnerabilities. Only use these settings on environments where you have explicit permission and where potential service disruption is acceptable.
How do I configure a target?
Each target in your targets list requires specific details so the agent knows how to approach it:
target: The actual host, IP, or URL.scope: Set toTARGETED(focus only on the specific asset) orHOLISTIC(look at the broader environment).type: Set toBLACK_BOX(no prior knowledge) orWHITE_BOX(authenticated).credentials: If usingWHITE_BOX, provide the necessary authentication details here.
Can I pass inline memory?
Yes! If you don't want to save a memory item permanently, you can pass memory_items directly when scheduling the test. These are formatted as a list of objects containing a name and content.
Example Configuration
Here is an example of the configuration payload used to schedule a targeted, safe pentest:
{
"targets": [
{
"target": "https://api.example.com",
"scope": "TARGETED",
"type": "BLACK_BOX"
}
],
"style": "SAFE",
"exploit": false,
"lightweight": true,
"playbook_name": "Standard Web API Audit"
}Controlling Execution
You don't have to wait for a pentest to finish if you need to make changes to your environment or if the test is impacting performance.
Stop a pentest: You can pause a running pentest at any time. The agent will safely halt its current tasks.
Resume a pentest: Once you are ready, you can resume a previously stopped pentest, and the agent will pick up where it left off.
Viewing and Analyzing Results
As your pentests run and complete, ThreatExploit Studio provides multiple ways to review the evidence and findings.
Browsing Pentests
You can view a paginated list of all historical and active pentests. If you need details on a specific run, you can retrieve the exact configuration, status, and high-level results using the pentest's unique ID.
Gathering Evidence
For completed tests, you can:
Get structured reports: Export the findings into a structured report data format.
Browse the file tree: View the exact evidence files, logs, and artifacts generated during the test.
Download archives: Get a direct download URL for the complete evidence archive to store locally or attach to your internal ticketing systems.
Ask the AI Assistant
You don't have to dig through logs manually! Use the Pentest Chat feature to ask the AI questions about a specific pentest's results. It can help you analyze findings, understand your attack surface, and even provide remediation advice based on the exact evidence gathered.
