Useful files to upload when setting up a pentest

When setting up a new pentest, you will encounter the "Attack Resources"-step. In this step, it is possible to upload a file at the "Upload Data"-field.

Useful files to upload are:

OpenAPI Specs (JSON / YAML): Agents will have more context to interact with and attack the API
Documentation files (README.md / Specs): Agents will get a better understanding of the target and its threat model
Previous Pentest Reports (PDF): Agents will get information of previously discovered issues and validate fixes, as well as search for potential different occurrences of the same bugs

Last updated 27 days ago

Was this helpful?