Getting Started Playbooks and memory

Playbooks and memory

The memory feature is mainly used to add nodes for the LLM to remember during the pentest execution. This is useful if you're looking to avoid specific targets or if you want the LLM to take certain things into consideration.

For example, imagine you are penetration testing a web application that has a chat agent. If you want the LLM to spend additional time focusing on the chat agent, or if you want to avoid a chat agent at all, those specific instructions could be added to memory. The LLM will then take those nodes into consideration, even though it's going to follow the standard penetration testing methodology. Those nodes will be baked in and will take precedence.

Image

The playbook's features, on the other hand, are a set of instructions that will override the standard penetration testing methodology of the agent. When a playbook is specified, the agent will follow only those instructions defined in the playbook. It will not do anything else.

This is useful if you're looking to limit the scope of the penetration test. For example, think about a retest: you already ran a penetration test for a customer, a few findings came out, and now it is time to run the penetration test again only to verify whether those specific findings were taken care of.

Image