Skip to content

Usage

Jump to bottom
Sitaraman S edited this page Mar 17, 2025 · 3 revisions

2. Using Pentest Copilot

This section outlines the process for initiating a penetration test session using Pentest Copilot, an AI-powered ethical hacking assistant.

1. Log In or Create an Account

  • Access Pentest Copilot: Navigate to http://127.0.0.1:3000/login.
  • Sign Up: If no account exists, click Register to create one.
  • Explore the Dashboard: Upon login, the dashboard provides an interface to manage sessions and explore available features.

2. Start a New Session

  • Session-Based Model: Pentest Copilot organizes activities into workspaces or sessions. Click Start New Session to initiate a new test.
  • Enter Required Details: Specify the type of task, such as a full-scope penetration test or a Q&A interaction with the assistant.
  • Multiple Sessions in Parallel: The platform supports concurrent sessions, allowing parallel operations on multiple tasks or targets.

3. Provide the Testing Task

  • Describe the Scope: Input a brief overview of the objective. For example: 
    Target IP: 10.10.220.229. Find privilege escalation on the provided target information.
  • Start Pentest Loop: Click Submit Pentest to initiate the AI-guided testing loop. The assistant will provide structured steps and guidance.

4. Follow the AI Guidance

  • Automated Steps: Pentest Copilot outlines tasks being executed and provides insights, command suggestions, and next steps.
  • Continuous Engagement: Monitor progress, adjust the approach as needed, and interact with the assistant to refine the testing strategy.

Running Commands

Executing Commands Generated by Pentest Copilot

Pentest Copilot supports two methods for running suggested commands:

  1. Local Machine Execution:
    Commands can be copied and executed manually on an external system by selecting the option "I will execute command myself." The output must then be pasted back into the interface to maintain workflow continuity.

  2. Integrated Terminal Usage:
    Commands may be executed directly within the embedded terminal available on the workspace page. This eliminates context-switching and improves execution efficiency. The terminal becomes available immediately after session creation.

Note

Proper tooling must be present on the executing system. Improper or incomplete tool responses may result in inaccurate output or false positives.

Further exploration of Pentest Copilot’s capabilities, tools, and configuration options is available in the Features section.

Clone this wiki locally