Autonomous Audits

An autonomous audit lets you brief GigaOps the way you’d brief a human operator. You write the mission in plain English — the agent plans and executes accordingly.
| Property | Value |
| --- | --- |
| Default duration | 4 hours |
| Methodology scope | Operator-defined |
| Post-exploitation | Operator-defined |
| Best for | Red-team simulations, targeted engagements, novel scenarios |

How it works

Instead of choosing from a fixed methodology, you provide a scope — a freeform instruction that’s injected into GigaOps’s system prompt. The agent treats this as its mission brief and plans accordingly. The scope can be as specific or open-ended as you want:
  • “Assume breach. Start from a compromised employee laptop. Goal: access production AWS keys.”
  • “Focus exclusively on the OAuth flow at auth.acme.com. Probe for token leakage, scope confusion, and replay vulnerabilities.”
  • “Behave like APT29 — slow, low, and persistent. Maximum stealth. Cover tracks.”
  • “Find any way to access customer PII. Document the full kill chain end to end.”

When to use

  • Red-team simulations — emulate a specific threat actor’s TTPs
  • Targeted assessments — test one feature, flow, or component in depth
  • Assumed-breach scenarios — start from a specific foothold and see where it leads
  • Novel scenarios — anything that doesn’t fit the shallow/deep templates
  • Customer engagement — let your security team write the brief, not pick from a menu

What the scope can include

GigaOps reads the scope as authoritative direction. You can specify:
| Element | Example |
| --- | --- |
| Starting conditions | “Assume access to employee VPN” |
| Target focus | “Only the GraphQL API at /api/graphql” |
| Threat actor profile | “Behave like a financially motivated ransomware affiliate” |
| Tactical constraints | “No bruteforce. Stealth-only nmap (-T1)” |
| Success criteria | “Goal: prove exfiltration of customer database” |
| Out of scope | “Do not touch the WordPress blog at /blog/*” |

Running an autonomous audit

API
curl -X POST https://api.withgiga.ai/api/workspaces/{workspaceId}/audits \
  -H "Authorization: Bearer $GIGA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "autonomous",
    "targets": ["acme.example.com"],
    "scope": "Focus exclusively on the OAuth flow at auth.acme.example.com. Probe for token leakage, scope confusion, redirect_uri bypass, PKCE downgrade, and replay vulnerabilities. Goal: capture an access token belonging to another user."
  }'
Dashboard
  1. Open the workspace
  2. Click New Audit
  3. Select Autonomous mode
  4. Write your scope in the Mission Brief field
  5. Confirm targets
  6. Click Launch

Writing effective scope

GigaOps responds best to briefs that mirror real operator language.

Good scope:
Assumed breach. Operator has obtained a low-privilege user
session at app.acme.example.com (Bearer token in $TOKEN env var
of the sandbox). Goal: escalate to admin role and dump the
user table. Out of scope: any subdomain other than app.*

Less effective scope:
Please test the application thoroughly.

The more concrete the goal, the more focused the engagement.

Authorization caution

Autonomous mode gives GigaOps maximum latitude. The scope text you provide is injected into the agent’s system prompt and acts as authoritative direction. Be precise about what’s in scope — and be certain you have written authorization for everything in the brief.
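
Because the brief is free text that the agent treats as authoritative, a client-side pre-flight check can catch a host that appears in the scope but not in the written authorization before anything is submitted. The following is an added example, not GigaOps code: the `AUTHORIZED` allowlist, the function names and the keyword heuristics for goal and out-of-scope statements are assumptions, and only the `type`, `targets` and `scope` payload fields come from the API example on this page.

```python
import json
import re
from fnmatch import fnmatchcase

# Constructed sample: hostnames covered by the written authorization.
AUTHORIZED = ["acme.example.com", "*.acme.example.com"]

# The "good scope" brief from this page, used as sample input.
GOOD_BRIEF = (
    "Assumed breach. Operator has obtained a low-privilege user "
    "session at app.acme.example.com (Bearer token in $TOKEN env var "
    "of the sandbox). Goal: escalate to admin role and dump the "
    "user table. Out of scope: any subdomain other than app.*"
)

HOST_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE)


def hosts_in(text):
    """Return every hostname-looking token in the text, lowercased."""
    return sorted({h.lower() for h in HOST_RE.findall(text)})


def is_authorized(host, allowlist=AUTHORIZED):
    """True if the host matches an allowlist entry (glob syntax)."""
    return any(fnmatchcase(host.lower(), p) for p in allowlist)


def preflight(targets, scope, allowlist=AUTHORIZED):
    """Return a list of problems; an empty list means the brief may be sent."""
    problems = []
    # The scope is free text, so hosts named only in the brief count too.
    for host in sorted({t.lower() for t in targets} | set(hosts_in(scope))):
        if not is_authorized(host, allowlist):
            problems.append(f"not covered by authorization: {host}")
    if not re.search(r"\bgoal\b", scope, re.IGNORECASE):
        problems.append("no explicit goal or success criteria")
    if not re.search(r"out of scope|do not touch", scope, re.IGNORECASE):
        problems.append("no out-of-scope statement")
    return problems


def build_payload(targets, scope, allowlist=AUTHORIZED):
    """Build the request body used by the API example, or refuse."""
    problems = preflight(targets, scope, allowlist)
    if problems:
        raise ValueError("; ".join(problems))
    return json.dumps({"type": "autonomous", "targets": targets, "scope": scope})
```

Run against a brief that names auth.acme.com while the authorization covers acme.example.com, `preflight` reports the mismatch and `build_payload` refuses to produce a request body.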

Next steps

GigaOps Agent

Understand how the agent interprets and acts on briefs.

Toolkit

The full list of tools available in the darkops sandbox.