Shallow Audits
A shallow audit is the fastest engagement mode. It covers OWASP Top 10 vulnerabilities with proof-of-concept exploitation only — no post-exploitation, no persistence, no exfiltration testing.

| Property | Value |
|---|---|
| Default duration | 30 minutes |
| Methodology scope | OWASP Top 10 + PoC |
| Post-exploitation | Disabled |
| Best for | CI/CD gates, pre-launch checks, smoke testing |
What it covers
Shallow mode runs phases 1–6 of the attack methodology:

- Passive reconnaissance
- Subdomain enumeration
- Port and service scanning
- Web fingerprinting
- Vulnerability scanning
- Proof-of-concept exploitation (read-only)
What it skips
To stay fast and CI-safe, shallow audits do not:

- Run auth brute force or credential stuffing
- Attempt SQL injection beyond detection-level payloads
- Pivot from one finding to another
- Exfiltrate or modify data
- Test post-exploitation chains
When to use
- CI/CD integration — gate deploys on critical findings without blocking the pipeline for hours
- Pre-launch checks — verify a new release before going to production
- Continuous coverage — schedule daily or hourly runs against production
- Regression testing — verify a previously remediated finding is still gone
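The CI/CD gate and regression check described above, as an added example that is not part of this page or the product's own tooling. It reads an exported findings list and fails the pipeline stage when a blocking finding or a regression is present. The export layout (a JSON list with `fingerprint`, `title`, `severity` and `category` fields) and the sample findings are constructed assumptions for illustration, not the product's real export format; map the field names onto the real export before wiring it in. The design point worth noting: because shallow mode rates RCE and auth-bypass discoveries conservatively (it never runs the exploitation needed to confirm impact), the gate blocks on finding class as well as severity, so those discoveries are not waved through on a Medium rating.

```python
"""CI gate over a shallow-audit findings export.

Added example, not the product's own code. The export layout assumed here
(a JSON list of objects with "fingerprint", "title", "severity", "category")
is an illustration; map it onto the real export when wiring this into a
pipeline.
"""
import json
import sys

# Severities that fail the build outright.
BLOCKING_SEVERITIES = {"Critical", "High"}

# Shallow mode never runs the post-exploitation needed to confirm the impact
# of an RCE or auth-bypass discovery, so it assigns a conservative severity.
# A gate keyed on severity alone would wave those through; block on the
# finding class as well and let a Deep audit settle the real severity.
BLOCKING_CATEGORIES = {"rce", "auth-bypass"}

# Constructed sample export for the demonstration (not real tool output).
SAMPLE_EXPORT = """[
  {"fingerprint": "hsts-missing:app.example.test", "title": "Missing HSTS header",
   "severity": "Low", "category": "misconfig"},
  {"fingerprint": "dirlist:app.example.test:/static/", "title": "Directory listing enabled",
   "severity": "Medium", "category": "misconfig"},
  {"fingerprint": "cmdi:app.example.test:/api/export", "title": "Possible command injection (PoC only)",
   "severity": "Medium", "category": "rce"},
  {"fingerprint": "admin-noauth:app.example.test:/admin", "title": "Admin panel reachable unauthenticated",
   "severity": "High", "category": "auth-bypass"}
]"""


def load_findings(raw):
    """Parse the export and normalise the fields the gate relies on."""
    findings = []
    for item in json.loads(raw):
        findings.append({
            "fingerprint": item.get("fingerprint", ""),
            "title": item.get("title", ""),
            "severity": item.get("severity", "Info"),
            "category": item.get("category", "").lower(),
        })
    return findings


def blocking_findings(findings):
    """Findings that must fail the deploy, by severity or by class."""
    return [f for f in findings
            if f["severity"] in BLOCKING_SEVERITIES
            or f["category"] in BLOCKING_CATEGORIES]


def regressions(findings, remediated_fingerprints):
    """Findings whose fingerprint was previously marked fixed: a regression.

    Assumes the export carries a stable per-finding fingerprint across runs.
    """
    return [f for f in findings if f["fingerprint"] in remediated_fingerprints]


def gate(findings, remediated_fingerprints=frozenset()):
    """Return (exit_code, report_lines). Non-zero fails the pipeline stage."""
    report = []
    for f in blocking_findings(findings):
        report.append(f"BLOCK  [{f['severity']}/{f['category']}] {f['title']}")
    for f in regressions(findings, remediated_fingerprints):
        report.append(f"REGRESSION  {f['fingerprint']}: {f['title']}")
    return (1 if report else 0), report


if __name__ == "__main__":
    # Usage: python gate.py findings.json [remediated.txt]
    # remediated.txt holds one fingerprint per line for findings already fixed.
    raw = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_EXPORT
    fixed = set()
    if len(sys.argv) > 2:
        fixed = {line.strip() for line in open(sys.argv[2]) if line.strip()}
    code, lines = gate(load_findings(raw), fixed)
    print("\n".join(lines) or "gate: no blocking findings")
    sys.exit(code)
```

Run it as a pipeline step after the audit's export lands on disk; a non-zero exit stops the deploy. Keep the remediated-fingerprint list in the repository so a daily or hourly shallow run against production doubles as the regression test for every finding already closed.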
Running a shallow audit
- Open the workspace
- Click New Audit
- Select Shallow mode
- Confirm targets
- Click Launch
Expected output
A typical shallow audit produces 0–15 findings depending on the target's surface area. Findings are predominantly Medium and Low severity, with an occasional High for clear misconfigurations. Where a finding points at exposed RCE or an auth bypass, confirming real impact would require exploitation that shallow mode does not run, so the agent reports the discovery but assigns a conservative severity. Run a Deep audit on the same target to fully validate such findings.

Next steps
Deep Audits
Full 10-phase chain including post-exploitation.
Findings
Understand how findings are structured and prioritized.