Set Execution Options
Configure exploit mode, scan speed, approval gates, iterative testing, scheduling, stop conditions, compliance, and AI guidance.
When creating a pentest (Step 4: Settings), you can fine-tune how the test runs.
Exploit mode
Exploit mode controls how aggressively the agent interacts with your target during the validate and exploit phases. It does not affect reconnaissance or analysis — both modes perform full passive discovery.
| Mode | Behaviour |
|---|---|
| Safe | Read-only probing only — no destructive payloads, no active exploitation |
| Full | All techniques enabled, including active exploit validation with proof-of-concept |
Safe mode
Safe mode restricts the agent to non-destructive, read-only techniques. The agent will:
- Probe for vulnerabilities using passive fingerprinting and banner grabbing
- Send benign payloads to confirm the presence of a vulnerability (e.g. a reflected XSS payload that renders harmlessly)
- Report potential findings based on configuration analysis and version detection
The agent will not:
- Execute destructive commands (e.g. rm, DROP TABLE, disk writes)
- Launch reverse shells or bind shells
- Perform denial-of-service or flood-based testing
- Attempt privilege escalation via sudo or filesystem permission changes
- Access cloud metadata endpoints directly
When you select Safe mode, the scan speed defaults to Gentle (5 requests/second, 3 concurrent connections) to minimise load on your target.
Full mode
Full mode enables all offensive techniques, including active exploitation with proof-of-concept validation. The agent will attempt to fully exploit discovered vulnerabilities to confirm their severity and demonstrate real-world impact.
Even in Full mode, certain actions are always blocked regardless of configuration — reverse shells, fork bombs, destructive filesystem operations (rm -rf, shred, mkfs), and mass data deletion (DROP DATABASE, TRUNCATE TABLE). See Guardrails for the full list.
When you select Full mode, the scan speed defaults to Aggressive (50 requests/second, 25 concurrent connections).
Which mode should I use?
| Scenario | Recommended mode |
|---|---|
| First test against a production system | Safe |
| Staging or pre-production environments | Full |
| Compliance-driven assessment (evidence of exploitability required) | Full |
| Continuous monitoring / scheduled recurring tests | Safe |
| Pre-launch security sign-off | Full |
Scan speed
Control the rate at which the agent sends requests to your target. This is configured under the Advanced panel within the Exploit Mode section.
Presets
| Preset | Requests/sec | Concurrent connections | When to use |
|---|---|---|---|
| Gentle | 5 | 3 | Production systems, shared infrastructure, targets behind strict WAFs |
| Normal | 20 | 10 | Staging environments, dedicated test instances |
| Aggressive | 50 | 25 | Isolated test environments, pre-launch assessments |
Selecting an exploit mode automatically sets a default scan speed — Gentle for Safe mode, Aggressive for Full mode. You can override this in the Advanced panel.
Custom values
If the presets don't fit, set custom values directly:
- Max requests/sec — 1 to 200
- Max concurrent connections — 1 to 50
You can also disable rate limiting entirely for unrestricted throughput, though this is not recommended for production targets.
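To make the two limits concrete, here is a small model of how a requests/sec cap and a concurrent-connections cap bound the load a scan places on a target. It is an added illustration, not the product's own code: the names (ScanThrottle, simulate_scan, limits_for, validate_custom) are assumptions, and only the preset values, the Safe/Full defaults and the 1 to 200 / 1 to 50 custom ranges come from the page. The rate cap is modelled as a token bucket that refills at max requests/sec (so a full bucket allows a one-second burst), and concurrency as a fixed pool of connection slots; the simulator uses exact fractions so the timings are reproducible.

```python
"""Model of the scan-speed limits: a token bucket for max requests/sec plus a
pool of connection slots for max concurrent connections. Added illustration
with assumed names; only the preset numbers and ranges come from the docs."""
from dataclasses import dataclass, field
from fractions import Fraction
from typing import List, Optional, Tuple
import heapq

# Presets, mode defaults and custom ranges as documented
PRESETS = {"Gentle": (5, 3), "Normal": (20, 10), "Aggressive": (50, 25)}
DEFAULT_PRESET_FOR_MODE = {"Safe": "Gentle", "Full": "Aggressive"}
RPS_RANGE = (1, 200)
CONNS_RANGE = (1, 50)


def validate_custom(max_rps: int, max_conns: int) -> Tuple[int, int]:
    """Reject custom values outside the documented 1-200 / 1-50 ranges."""
    if not RPS_RANGE[0] <= max_rps <= RPS_RANGE[1]:
        raise ValueError(f"max requests/sec must be within {RPS_RANGE}, got {max_rps}")
    if not CONNS_RANGE[0] <= max_conns <= CONNS_RANGE[1]:
        raise ValueError(f"max concurrent connections must be within {CONNS_RANGE}, got {max_conns}")
    return max_rps, max_conns


def limits_for(exploit_mode: str, preset: Optional[str] = None) -> Tuple[int, int]:
    """Resolve (max_rps, max_conns): the mode's default preset unless overridden."""
    return PRESETS[preset or DEFAULT_PRESET_FOR_MODE[exploit_mode]]


@dataclass
class ScanThrottle:
    max_rps: int
    max_conns: int
    tokens: Fraction = field(init=False)    # request budget; refills at max_rps per second
    last_refill: Fraction = field(init=False, default=Fraction(0))
    in_flight: int = 0                      # connection slots currently held

    def __post_init__(self) -> None:
        validate_custom(self.max_rps, self.max_conns)
        self.tokens = Fraction(self.max_rps)  # full bucket: one second's quota may burst

    def admit(self, now: Fraction) -> Optional[Fraction]:
        """Try to start a request at time `now` (seconds).

        Returns 0 if admitted (one token and one slot consumed), a positive delay
        if the rate cap requires waiting, or None if every connection slot is
        busy and the caller must wait for a finish()."""
        elapsed = now - self.last_refill
        self.tokens = min(Fraction(self.max_rps), self.tokens + elapsed * self.max_rps)
        self.last_refill = now
        if self.in_flight >= self.max_conns:
            return None
        if self.tokens >= 1:
            self.tokens -= 1
            self.in_flight += 1
            return Fraction(0)
        return (1 - self.tokens) / self.max_rps

    def finish(self) -> None:
        """Release a connection slot when a request completes."""
        self.in_flight -= 1


def simulate_scan(max_rps: int, max_conns: int, n_requests: int, service_time: float) -> List[float]:
    """Event simulation: start time (seconds) of each of n_requests sent back-to-back,
    when each request holds a connection for service_time seconds."""
    throttle = ScanThrottle(max_rps, max_conns)
    hold = Fraction(str(service_time))          # exact decimal, e.g. 1.0 -> Fraction(1)
    now = Fraction(0)
    completions: List[Fraction] = []            # min-heap of in-flight completion times
    starts: List[float] = []
    for _ in range(n_requests):
        while True:
            while completions and completions[0] <= now:  # free slots of finished requests
                heapq.heappop(completions)
                throttle.finish()
            delay = throttle.admit(now)
            if delay == 0:
                break
            now = completions[0] if delay is None else now + delay
        heapq.heappush(completions, now + hold)
        starts.append(float(now))
    return starts


if __name__ == "__main__":
    for name, (rps, conns) in PRESETS.items():
        last = simulate_scan(rps, conns, 2 * rps, 0)[-1]
        print(f"{name}: {2 * rps} quick requests finish starting after {last:.2f}s")
```

Under Gentle (5/3) with instantaneous responses, 10 requests burst 5 at once and then trickle at one per 200 ms, so the last one starts at 1.0 s; when each request instead holds its connection for a full second, the 3-connection cap dominates and the last of 10 requests cannot start until 3.0 s. The slot check comes before the token check so a slow target, not the rate preset, becomes the binding limit.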
Manual approval
Pause the test between phases for human review before proceeding. When enabled, the run stops before each phase (recon, analysis, validate, exploit, report) and waits for you to approve or reject.
This is useful when you want to review what the agent found in reconnaissance before allowing it to begin exploitation, or when testing sensitive systems where you want full visibility into each step.
When a gate is reached, you are notified via email and any configured webhooks. If no decision is made within 24 hours, the gate expires and the run is cancelled.
See Guardrails — Phase-level approval gates for details on approving, rejecting, and API access.
Command-level approval
For more granular control, enable command-level approval. When active, the agent pauses before executing potentially risky commands during the validate and exploit phases — such as exploitation tools, aggressive scanning, or data-modifying requests — and asks for your approval before proceeding.
This works independently of manual approval. You can use both together (phase gates for high-level control, command approval for fine-grained oversight) or either one alone.
See Guardrails — Command-level approval for the full list of commands that trigger approval and how to add custom patterns.
Iterative testing
When enabled, the agent automatically reviews its own report after the test completes and starts a single follow-up run targeting areas it didn't fully explore.
The follow-up run:
- Receives a new objective derived from the coverage gaps identified in the review
- Runs with the same configuration as the original test (same scope, credentials, exploit mode)
- Has iterative testing disabled on itself, so it won't chain further follow-ups
This is useful for thorough assessments where you want maximum coverage without manually reviewing gaps and re-launching tests.
Scheduling
| Type | Behaviour |
|---|---|
| One-time | Runs once immediately |
| Recurring | Repeats on a schedule: hourly, daily, weekly, monthly, or custom |
Recurring tests automatically launch at the configured interval, keeping your security posture continuously assessed.
Stop conditions
Control when the test should stop:
| Condition | Behaviour |
|---|---|
| On verified critical | Stop as soon as a critical finding is confirmed |
| On verified high or critical | Stop on any high or critical finding |
| On report only | Never stop early — run all phases to completion |
Budget caps
Set limits on test resource usage:
- Never stop — no budget cap
- On verified critical — cap spend once a critical finding is verified
- On verified high or critical — cap spend once a high or critical finding is verified
Compliance frameworks
Optionally select compliance frameworks to guide the test:
- OWASP Top 10 (2021)
- PCI DSS v4.0
- SOC 2 Type II
- NIST CSF
- ISO 27001
The agent factors these into its approach, and findings are mapped to the relevant controls.
Test objective
Set a high-level objective to steer the agent toward a specific goal. The objective is injected into every phase prompt, shaping how the agent approaches reconnaissance, analysis, and exploitation.
Examples:
- "Find and extract the flag hidden in the application"
- "Focus on authentication and authorization vulnerabilities"
- "Prioritise testing the payment processing workflow"
The objective field supports up to 2,000 characters.
AI reasoning instructions
Provide custom instructions to guide the AI agent's behaviour. For example:
- "Focus on authentication and authorization testing"
- "Pay extra attention to the /api/v2 endpoints"
- "The application uses a custom token format in the X-Session header"
Notifications (Step 5)
Configure how you're notified of results:
| Channel | Description |
|---|---|
| Email | Notification sent to specified email addresses |
| Webhook | HTTP POST to your endpoint |
| Slack | Message to a Slack channel via webhook URL |
For each channel, set a severity threshold: critical only, high+, or all findings.
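The stop conditions above and the per-channel severity thresholds are both policies over the same stream of findings, so the following added example (not the product's own code; the Finding, should_stop, channels_for and process names are assumptions, and the sample findings are constructed) evaluates them together. The point worth seeing in code is the word "verified": an unverified critical that came out of analysis still reaches the channels whose threshold it meets, but it does not end the run; only a finding confirmed in the validate or exploit phase does.

```python
"""Stop-condition and notification-threshold policy. Added illustration with
assumed names; the condition and threshold labels come from the docs, the
findings are constructed sample data."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Dict, List, Optional


class Severity(IntEnum):
    INFO = 0
    LOW = 1
    MEDIUM = 2
    HIGH = 3
    CRITICAL = 4


@dataclass(frozen=True)
class Finding:
    title: str
    severity: Severity
    verified: bool  # True only once the validate/exploit phase has confirmed it


# Stop conditions: minimum severity of a *verified* finding that ends the run
STOP_CONDITIONS: Dict[str, Optional[Severity]] = {
    "On verified critical": Severity.CRITICAL,
    "On verified high or critical": Severity.HIGH,
    "On report only": None,  # never stop early
}

# Notification thresholds: minimum severity that reaches a channel
CHANNEL_THRESHOLDS: Dict[str, Severity] = {
    "critical only": Severity.CRITICAL,
    "high+": Severity.HIGH,
    "all findings": Severity.INFO,
}


def should_stop(condition: str, finding: Finding) -> bool:
    """Only confirmed findings count; an unverified critical is still a suspicion."""
    floor = STOP_CONDITIONS[condition]
    return floor is not None and finding.verified and finding.severity >= floor


def channels_for(channels: Dict[str, str], finding: Finding) -> List[str]:
    """Names of the channels whose severity threshold this finding meets."""
    return [name for name, level in channels.items()
            if finding.severity >= CHANNEL_THRESHOLDS[level]]


def process(condition: str, channels: Dict[str, str], findings: List[Finding]) -> dict:
    """Walk findings in report order, fan out notifications, and halt as soon
    as the stop condition is met. Returns what was processed and notified."""
    notified: Dict[str, List[str]] = {name: [] for name in channels}
    processed: List[str] = []
    stopped_on: Optional[str] = None
    for finding in findings:
        processed.append(finding.title)
        for name in channels_for(channels, finding):
            notified[name].append(finding.title)
        if should_stop(condition, finding):
            stopped_on = finding.title
            break
    return {"processed": processed, "stopped_on": stopped_on, "notified": notified}


# Constructed sample: an unverified critical from analysis, then verified findings
SAMPLE_FINDINGS = [
    Finding("Verbose server banner", Severity.LOW, verified=True),
    Finding("Possible SQL injection (version match only)", Severity.CRITICAL, verified=False),
    Finding("IDOR on order lookup", Severity.HIGH, verified=True),
    Finding("Confirmed SQL injection", Severity.CRITICAL, verified=True),
    Finding("Missing rate limiting on login", Severity.MEDIUM, verified=True),
]
SAMPLE_CHANNELS = {"email": "critical only", "slack": "high+", "webhook": "all findings"}

if __name__ == "__main__":
    for condition in STOP_CONDITIONS:
        result = process(condition, SAMPLE_CHANNELS, SAMPLE_FINDINGS)
        print(f"{condition}: processed {len(result['processed'])}, stopped on {result['stopped_on']}")
```

With "On verified critical" the run processes four findings and stops on the confirmed SQL injection, even though the unverified critical appeared earlier and was already sent to the email and Slack channels; "On verified high or critical" stops one step sooner, on the IDOR; "On report only" processes all five.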